Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Syslog logging should be configuredCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

AUDIT AND ACCOUNTABILITY

1.2 Disable Unused ConnectorsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

1.2.4 Ensure HTTP and Telnet options are disabled for all management profilesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

CONFIGURATION MANAGEMENT

1.3.1 Ensure 'Minimum Password Complexity' is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.3 Ensure 'Minimum Uppercase Letters' is greater than or equal to 1CIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.8 Ensure 'New Password Differs By Characters' is greater than or equal to 3CIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.9 Ensure 'Prevent Password Reuse Limit' is set to 24 or more passwordsCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.10 Ensure 'Password Profiles' do not existCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.5.1 Ensure 'V3' is selected for SNMP pollingCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Alter the Advertised server.number StringCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.3 Alter the Advertised server.built DateCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

4.1 Restrict access to $CATALINA_HOMECIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.6 Restrict access to Tomcat binaries directoryCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.8 Restrict access to Tomcat catalina.propertiesCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.9 Restrict access to Tomcat catalina.policyCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.15 Restrict access to jaspic-providers.xmlCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in defaultCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.6 Ensure directory in logging.properties is a secure location - check application log directory is secureCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT, MAINTENANCE

10.2 Restrict access to the web administration applicationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.10 Configure maxHttpHeaderSizeCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

10.14 Do not allow cross context requestsCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

10.17 Setting Security Lifecycle Listener - check for config componentCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

18.10.9.1.7 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.1.7 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'CIS Microsoft Windows 11 Stand-alone v3.0.0 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

ACCESS CONTROL

18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

ACCESS CONTROL

18.10.9.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NGWindows

ACCESS CONTROL

18.10.9.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

ACCESS CONTROL

18.10.36.1 (L2) Ensure 'Turn off location' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.10.36.1 (L2) Ensure 'Turn off location' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.10.36.1 (L2) Ensure 'Turn off location' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2Windows

CONFIGURATION MANAGEMENT

CIS Control 12 (12.4(b)) Deny Communications Over Unauthorized PortsCAS Implementation Group 1 Audit FileUnix

SYSTEM AND COMMUNICATIONS PROTECTION

CIS Control 13 (13.1) Maintain an Inventory of Sensitive InformationCAS Implementation Group 1 Audit FileUnix

CONFIGURATION MANAGEMENT

CIS_Amazon_Linux_2_STIG_v1.0.0_L1.audit from CIS Amazon Linux 2 STIG Benchmark v1.0.0CIS Amazon Linux 2 STIG v1.0.0 L1Unix
CIS_Amazon_Linux_2_STIG_v1.0.0_L3.audit from CIS Amazon Linux 2 STIG Benchmark v1.0.0CIS Amazon Linux 2 STIG v1.0.0 L3Unix
CIS_Fedora_28_Family_Linux_Server_L1_v1.0.0.audit from CIS Fedora 19 Family Linux Benchmark v1.0.0CIS Fedora 19 Family Linux Server L1 v1.0.0Unix
CIS_Microsoft_Exchange_Server_2016_Level_1_Hub_v1.0.0.audit from CIS Microsoft Exchange Server 2016 v1.0.0 BenchmarkCIS Microsoft Exchange Server 2016 Hub v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

CIS_Microsoft_Office_Access_2013_v1.0.1_Level_1.audit from CIS Microsoft Office Access 2013 Benchmark v1.0.1CIS Microsoft Office Access 2013 v1.0.1Windows
CIS_Microsoft_Office_Access_2016_v1.0.1_Level_1.audit from CIS Microsoft Office Access 2016 Benchmark v1.0.1CIS Microsoft Office Access 2016 v1.0.1Windows
CIS_Microsoft_Office_Outlook_2013_v1.1.0_Level_1.audit from CIS Microsoft Office Outlook 2013 Benchmark v1.1.0CIS Microsoft Office Outlook 2013 v1.1.0 Level 1Windows
CIS_Microsoft_Office_Outlook_2016_v1.0.1_Level_1.audit from CIS Microsoft Office Outlook 2016 Benchmark v1.0.1CIS Microsoft Office Outlook 2016 v1.1.0 Level 1Windows
CIS_Microsoft_Office_PowerPoint_2013_v1.0.1_Level_1.audit from CIS Microsoft Office PowerPoint 2013 Benchmark v1.0.1CIS Microsoft Office PowerPoint 2013 v1.0.1Windows
CIS_Mozilla_Firefox_ESR_GPO_v1.0.0_L1.audit from CIS Mozilla Firefox ESR GPO Benchmark v1.0.0CIS Mozilla Firefox ESR GPO v1.0.0 L1Windows
CIS_MySQL_5.6_Community_Benchmark_v2.0.0_OS_MS_L1.audit from CIS Oracle MySQL 5.6 Community Edition BenchmarkCIS MySQL 5.6 Community Windows OS L2 v2.0.0Windows
CIS_MySQL_5.6_Community_Benchmark_v2.0.0_OS_UNIX_L1.audit from CIS Oracle MySQL 5.6 Community Edition BenchmarkCIS MySQL 5.6 Community Linux OS L1 v2.0.0Unix
CIS_MySQL_5.6_Enterprise_Benchmark_v2.0.0_OS_MS_L1.audit from CIS Oracle MySQL 5.6 Enterprise Edition BenchmarkCIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0Windows
CIS_MySQL_5.6_Enterprise_Benchmark_v2.0.0_OS_MS_L1.audit from CIS Oracle MySQL 5.6 Enterprise Edition BenchmarkCIS MySQL 5.6 Enterprise Windows OS L2 v2.0.0Windows
JUEX-NM-000520 - The Juniper EX switch must be configured to implement cryptographic mechanisms using a FIPS 140-2 approved algorithm to protect the confidentiality of remote maintenance sessions.DISA Juniper EX Series Network Device Management v2r2Juniper

MAINTENANCE