Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Keep ESXi system properly patchedCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
1.2 Verify Image Profile and VIB Acceptance LevelsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
1.3 Verify no unauthorized kernel modules are loaded on the hostCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.4 Do not use default self-signed certificates for ESXi communicationCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
2.5 Disable client facing Stack Traces - check for defined exception typeCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

3.1 Ensure detailed logging is enabledCIS NGINX Benchmark v2.1.0 L1 ProxyUnix

AUDIT AND ACCOUNTABILITY

4.2 Restrict access to $CATALINA_BASECIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.12 Restrict access to Tomcat server.xmlCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2 Use LockOut RealmsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

5.6 Remove keys from SSH authorized_keys fileCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

SYSTEM AND INFORMATION INTEGRITY

5.7 Set a timeout to automatically terminate idle ESXi Shell and SSH sessionsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

ACCESS CONTROL

6.1 Setup Client-cert AuthenticationCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

6.3 Ensure scheme is set accuratelyCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web applicationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.5 Ensure that port groups are not configured to VLAN values reserved by upstream physical switchesCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
7.6 Ensure directory in logging.properties is a secure location - check log directory locationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

8.2.2 Disconnect unauthorized devices - CD/DVD DevicesCIS VMware ESXi 5.5 v1.2.0 Level 2VMware
8.2.6 Prevent unauthorized removal and modification of devices.CIS VMware ESXi 5.5 v1.2.0 Level 1VMware

ACCESS CONTROL

8.4.25 Disable VM Console Drag and Drop operationsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

CONFIGURATION MANAGEMENT

8.4.27 Disable VM Console Paste operationsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

CONFIGURATION MANAGEMENT

8.4.28 Control access to VM console via VNC protocolCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

CONFIGURATION MANAGEMENT

8.6.2 Disable virtual disk shrinkingCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

CONFIGURATION MANAGEMENT

8.7.2 Limit number of VM log filesCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

AUDIT AND ACCOUNTABILITY

8.7.4 Limit VM log file sizeCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

AUDIT AND ACCOUNTABILITY

10.5 Rename the manager application - host-manager/manager.xmlCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.7 Turn off session facade recyclingCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.8 Do not allow additional path delimiters - ALLOW_ENCODED_SLASHCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.9 Configure connectionTimeoutCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.12 Do not allow symbolic linkingCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

10.17 Setting Security Lifecycle Listener - check for umask present in startupCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

18.9.59.3.9.4 Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

IDENTIFICATION AND AUTHENTICATION

18.9.108.1.3 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.9.108.1.3 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

CIS_IBM_WebSphere_Liberty_v1.0.0_L2.audit from CIS IBM WebSphere Liberty Benchmark v1.0.0CIS IBM WebSphere Liberty v1.0.0 L2Unix
CIS_Ubuntu_Linux_18.04_LTS_v2.2.0_L1_Workstation.audit from CIS Ubuntu Linux 18.04 LTS Benchmark v2.2.0CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix
CIS_Ubuntu_Linux_20.04_LTS_v3.0.0_L1_Workstation.audit from CIS Ubuntu Linux 20.04 LTS Benchmark v3.0.0CIS Ubuntu Linux 20.04 LTS v3.0.0 L1 WorkstationUnix
CIS_Ubuntu_Linux_20.04_LTS_v3.0.0_L2_Workstation.audit from CIS Ubuntu Linux 20.04 LTS Benchmark v3.0.0CIS Ubuntu Linux 20.04 LTS v3.0.0 L2 WorkstationUnix