Item Search

NameAudit NamePluginCategory
1.1.21 Disable AutomountingCIS Debian 8 Workstation L2 v2.0.2Unix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

1.1.21 Disable AutomountingCIS Debian 8 Server L1 v2.0.2Unix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

1.1.22 Disable AutomountingCIS CentOS 6 Server L1 v3.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.1.22 Disable AutomountingCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.1.22 Disable AutomountingCIS Oracle Linux 6 Server L1 v2.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.1.22 Disable AutomountingCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.1.22 Disable AutomountingCIS Red Hat 6 Workstation L2 v3.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.1.27 Disable AutomountingCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

1.2.1 Set 'privilege 1' for local users - 'No users with privileges 2-15'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL

1.2.6.3 Ensure passcode have at least 1 number is set to enabledCIS Zoom L1 v1.0.0Zoom

CONFIGURATION MANAGEMENT

1.13.3.1.6 Ensure 'Remove file extensions blocked as Level 2' is set to DisabledCIS Microsoft Office Outlook 2016 v1.1.0 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.4 Ensure CUPS is not installedCIS Debian Family Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.4 Ensure CUPS is not installedCIS Debian Family Workstation L2 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.4 Ensure CUPS is not installedCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.10.25.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.4.11 Ensure Unity Push Update is disabledCIS VMware ESXi 6.5 v1.0.0 Level 2VMware

SYSTEM AND INFORMATION INTEGRITY

8.4.14 Disable Shell ActionCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.18 Disable UnityCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

18.6.8.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.6.8.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

CONFIGURATION MANAGEMENT

18.9.24.4 Ensure 'Default Protections for Popular Software' is set to 'Enabled' - opera.exe 2CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

18.9.28.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.28.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.28.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.28.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.52.1 Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

18.10.14.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

CONFIGURATION MANAGEMENT

18.10.14.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

CONFIGURATION MANAGEMENT

18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

CASA-VN-000180 - The Cisco ASA must be configured to specify Perfect Forward Secrecy (PFS) for the IPsec Security Association (SA) during IKE Phase 2 negotiation.DISA STIG Cisco ASA VPN v2r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CIS Microsoft IIS 8 Benchmark v1.5.1 Level 2CIS IIS 8.0 v1.5.1 Level 2Windows
CIS_Aliyun_Linux_2_L2_v1.0.0.audit from CIS Aliyun Linux 2 Benchmark v1.0.0CIS Aliyun Linux 2 L2 v1.0.0Unix
Display Level 1 attachmentsMSCT M365 Apps for enterprise 2312 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO241 - Action to demote an EMail Level 1 attachment to Level 2 must be configured.DISA STIG Microsoft Outlook 2013 v1r13Windows

SYSTEM AND COMMUNICATIONS PROTECTION

ESXI5-VM-000019 - The unexposed feature keyword isolation.tools.ghi.protocolhandler.info.disable must be initialized to decrease the VMs potential attack vectors.DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

ESXI5-VM-000026 - The unexposed feature keyword isolation.tools.unity.push.update.disable must be initialized to decrease the VMs potential attack vectors.DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

ESXI5-VM-000031 - The unexposed feature keyword isolation.tools.guestDnDVersionSet.disable must be initialized to decrease the VMs potential attack vectors.DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

GEN000290-2 - The system must not have the unnecessary news account - news account.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN002740-2 - The audit system must be configured to audit file deletions - 'rmdir'DISA STIG for Oracle Linux 5 v2r1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

GEN002740-2 - The audit system must be configured to audit file deletions - 'rmdir'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

AUDIT AND ACCOUNTABILITY

GEN005507 - The SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms - MACs that employ FIPS 140-2 cryptographic hash algorithms.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL

GEN005512 - The SSH client must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms - MACs that employ FIPS 140-2 cryptographic hash algorithms.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL

MADB-10-004400 - MariaDB must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations.DISA MariaDB Enterprise 10.x v2r2 DBMySQLDB

IDENTIFICATION AND AUTHENTICATION

O365-OU-000016 - The display of Level 1 attachments must be disabled in Outlook.DISA STIG Microsoft Office 365 ProPlus v3r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SPLK-CL-000010 - Splunk Enterprise must be installed with FIPS mode enabled, to implement NIST FIPS 140-2 approved ciphers for all cryptographic functions.DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST APISplunk

SYSTEM AND COMMUNICATIONS PROTECTION

SRG-OS-000120-ESXI5 - The password hashes stored on the system must have been generated using a FIPS 140-2 approved cryptographic hashing algorithm.DISA STIG VMWare ESXi Server 5 STIG v2r1VMware

IDENTIFICATION AND AUTHENTICATION

VM : disable-hgfsVMWare vSphere 6.5 Hardening GuideVMware

CONFIGURATION MANAGEMENT

WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

ACCESS CONTROL

WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

ACCESS CONTROL

WN11-CC-000345 - The Windows Remote Management (WinRM) service must not use Basic authentication.DISA Windows 11 STIG v2r2Windows

MAINTENANCE