Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Keep ESXi system properly patchedCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
1.1.2 (L1) Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

1.2 (L1) Host hardware must enable UEFI Secure BootCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

SYSTEM AND SERVICES ACQUISITION

1.2.3 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

1.3 Ensure Password Complexity is set to 3CIS Check Point Firewall L1 v1.1.0CheckPoint

IDENTIFICATION AND AUTHENTICATION

1.3 Verify no unauthorized kernel modules are loaded on the hostCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
1.3.1 Ensure 'Minimum Password Complexity' is enabledCIS Palo Alto Firewall 10 v1.3.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.1 Ensure 'Minimum Password Complexity' is enabledCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.5 (L1) Host integrated hardware management controller must be secureCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT, MAINTENANCE

2.1 Configure NTP time synchronizationCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

AUDIT AND ACCOUNTABILITY

2.2 Configure the ESXi host firewall to restrict access to services running on the hostCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

ACCESS CONTROL

2.3 Disable Managed Object Browser (MOB)CIS VMware ESXi 5.5 v1.2.0 Level 1VMware
2.4 Do not use default self-signed certificates for ESXi communicationCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
2.6 (L1) Host must have reliable time synchronization sourcesCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

AUDIT AND ACCOUNTABILITY

3.7 (L1) Host must automatically terminate idle DCUI sessionsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

ACCESS CONTROL

3.12 (L1) Host must lock an account after a specified number of failed login attemptsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

ACCESS CONTROL

4.3 (L1) Host must log sufficient information for eventsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

AUDIT AND ACCOUNTABILITY

4.9 (L1) Host must transmit audit records to a remote log collectorCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

AUDIT AND ACCOUNTABILITY

5.2 (L1) Host must block network traffic by defaultCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

5.4 Ensure all WildFire session information settings are enabledCIS Palo Alto Firewall 11 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.7 (L1) Host should reject MAC address changes on standard virtual switches and port groupsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.7 Choosing Wildfire public cloud regionCIS Palo Alto Firewall 11 v1.2.0 L2Palo_Alto

CONFIGURATION MANAGEMENT

5.8 Ensure that 'Inline Cloud Analysis' on Wildfire profiles is enabledCIS Palo Alto Firewall 11 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.1 Enable bidirectional CHAP authentication for iSCSI traffic.CIS VMware ESXi 5.5 v1.2.0 Level 1VMware

IDENTIFICATION AND AUTHENTICATION

6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in useCIS Palo Alto Firewall 11 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.4 Zero out VMDK files prior to deletionCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

6.5.5 (L1) Host SSH daemon, if enabled, must set a timeout count on idle sessionsCIS VMware ESXi 8.0 v1.2.0 L1 UnixUnix

CONFIGURATION MANAGEMENT, MAINTENANCE

6.5.6 (L1) Host SSH daemon, if enabled, must set a timeout interval on idle sessionsCIS VMware ESXi 8.0 v1.2.0 L1 UnixUnix

CONFIGURATION MANAGEMENT, MAINTENANCE

6.5.12 (L1) Host SSH daemon, if enabled, must not permit user environment settingsCIS VMware ESXi 8.0 v1.2.0 L1 UnixUnix

CONFIGURATION MANAGEMENT, MAINTENANCE

6.6 Ensure a Vulnerability Protection Profile is set to block attacks against critical and high vulnerabilities, and set to default on medium, low, and informational vulnerabilitiesCIS Palo Alto Firewall 11 v1.2.0 L1Palo_Alto

RISK ASSESSMENT

6.20 Ensure that 'Wildfire Inline ML Action' on antivirus profiles are set to reset-both on all decoders except 'imap' and 'pop3'CIS Palo Alto Firewall 11 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.21 Ensure that 'Wildfire Inline ML' on antivirus profiles are set to enable for all file typesCIS Palo Alto Firewall 11 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.25 Ensure that 'DNS Policies' is configured on Anti-Spyware profiles if 'DNS Security' license is availableCIS Palo Alto Firewall 11 v1.2.0 L1Palo_Alto

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

7.2 Ensure 'Service setting of ANY' in a security policy allowing traffic does not existCIS Palo Alto Firewall 11 v1.2.0 L1Palo_Alto

ACCESS CONTROL, MEDIA PROTECTION

7.3 Ensure 'Security Policy' denying any/all traffic to/from IP addresses on Trusted Threat Intelligence Sources ExistsCIS Palo Alto Firewall 11 v1.2.0 L1Palo_Alto

ACCESS CONTROL, MEDIA PROTECTION

7.11 (L1) Virtual machines must remove unnecessary AHCI devicesCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT

7.18 (L1) Virtual machines must deactivate console copy operationsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT

7.20 (L1) Virtual machines must limit access through the "dvfilter" network APICIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

7.21 (L1) Virtual machines must deactivate virtual disk shrinking operationsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

7.22 (L1) Virtual machines must deactivate virtual disk wiping operationsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

7.26 (L1) Virtual machines must limit the number of retained diagnostic logsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

AUDIT AND ACCOUNTABILITY

7.28 (L1) Virtual machines must limit informational messages from the virtual machine to the VMX fileCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

AUDIT AND ACCOUNTABILITY

8.2.1 Disconnect unauthorized devices - Floppy DevicesCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

MEDIA PROTECTION

8.2.5 Disconnect unauthorized devices - USB DevicesCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

MEDIA PROTECTION

8.2.7 Prevent unauthorized connection of devices.CIS VMware ESXi 5.5 v1.2.0 Level 1VMware

ACCESS CONTROL

8.4.7 Disable Guest Host Interaction Protocol HandlerCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.24 Disable VM Console Copy operationsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

CONFIGURATION MANAGEMENT

8.5 (L1) VMware Tools must limit the automatic addition of featuresCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT

18.10.57.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled'CIS Windows Server 2012 DC L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.10.57.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT