Item Search

Name	Audit Name	Plugin	Category
1.3 Ensure device is physically secured	CIS Juniper OS Benchmark v2.1.0 L1	Juniper	ACCESS CONTROL
1.13.5 Ensure 'Allow Active X One Off Forms' is set to Enabled:Load only Outlook Controls	CIS Microsoft Office Outlook 2016 v1.1.0 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.13.5 Ensure 'Allow Active X One Off Forms' is set to Enabled:Load only Outlook Controls	CIS Microsoft Office Outlook 2013 v1.1.0 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.5.14.5 Ensure 'Allow Active X One Off Forms' is set to 'Enabled: Load only Outlook Controls'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
3.10.9.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Intune for Windows 11 v3.0.1 BitLocker (BL)	Windows	MEDIA PROTECTION
3.18 Only enable Web server if absolutely necessary - Ensure file /etc/rc3.d/S50apache does NOT exist.	CIS Solaris 9 v1.3	Unix	CONFIGURATION MANAGEMENT
4.1.4 Ensure only modern TLS protocols are used	CIS NGINX Benchmark v2.1.0 L1 Loadbalancer	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.1.4 Ensure only modern TLS protocols are used	CIS NGINX Benchmark v2.1.0 L1 Webserver	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.1.4 Ensure only modern TLS protocols are used	CIS NGINX Benchmark v2.1.0 L1 Proxy	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.3.10 Ensure 'accessTokenEncoding' is set to a strong hash algorithm in OAuth 2.0	CIS IBM WebSphere Liberty v1.0.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.3.11 Ensure 'allowPublicClients' is set to 'false' in OAuth 2.0	CIS IBM WebSphere Liberty v1.0.0 L1	Unix	ACCESS CONTROL
4.3.12 Ensure 'clientSecretEncoding' is set to a strong encoding type in OAuth 2.0	CIS IBM WebSphere Liberty v1.0.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.3.13 Ensure 'httpsRequired' is set to 'true' in OAuth 2.0	CIS IBM WebSphere Liberty v1.0.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.3.14 Ensure 'skipResourceOwnerValidation' is set to 'false' in OAuth 2.0	CIS IBM WebSphere Liberty v1.0.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
6.13 Ensure alerting after a threshold of credit card or Social Security numbers is detected is enabled	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
6.13 Ensure alerting after a threshold of credit card or Social Security numbers is detected is enabled	CIS Palo Alto Firewall 11 v1.1.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
6.14 Ensure alerting after a threshold of credit card or Social Security numbers is detected is enabled - Data Filtering Profile	CIS Palo Alto Firewall 9 v1.1.0 L1	Palo_Alto	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
6.14 Ensure alerting after a threshold of credit card or Social Security numbers is detected is enabled - Data Object	CIS Palo Alto Firewall 9 v1.1.0 L1	Palo_Alto	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
6.15 Ensure a secure Data Filtering profile is applied to all security policies allowing traffic to or from the Internet	CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
7.7 (L1) Virtual machines must limit PCI/PCIe device passthrough functionality	CIS VMware ESXi 8.0 v1.1.0 L1	VMware	CONFIGURATION MANAGEMENT
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NG	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NG	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 11 Stand-alone v3.0.0 BL	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Enterprise v3.0.0 BL	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL	Windows	MEDIA PROTECTION
18.9.7.1.6 (L1) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	MEDIA PROTECTION
20.25 Ensure 'Domain-joined systems have a Trusted Platform Module (TPM) enabled and ready for use' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
CASA-VN-000560 - The Cisco ASA remote access VPN server must be configured to use a FIPS-validated algorithm and hash function to protect the integrity of TLS remote access sessions.	DISA STIG Cisco ASA VPN v2r2	Cisco	ACCESS CONTROL
Overview of BIG-IP administrative access controls	Tenable F5 BIG-IP Best Practice Audit	F5	ACCESS CONTROL, CONFIGURATION MANAGEMENT
WDNS-SC-000031 - The Windows 2012 DNS Server must implement NIST FIPS-validated cryptography for provisioning digital signatures, generating cryptographic hashes, and protecting unclassified information requiring confidentiality.	DISA Microsoft Windows 2012 Server DNS STIG v2r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG340 IIS6 - A private web server must utilize an approved TLS version. - '128-Bit Encryption Enabled'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG340 IIS6 - A private web server must utilize an approved TLS version. - 'PCT 1.0\Server'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 2.0\Client'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 2.0\Server'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 3.0\Server'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL Enabled'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG340 IIS6 - A private web server must utilize an approved TLS version. - 'TLS 1.0\Client'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG340 IIS6 - A private web server must utilize an approved TLS version. - 'TLS 1.0\Server'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'PCT 1.0 Server'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL 2.0 Client'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL 3.0 Client'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL 3.0 Server'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'TLS 1.0 Client'	DISA STIG IIS 6.0 Site Checklist v6r16	Windows	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search