Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.21 Ensure sticky bit is set on all world-writable directoriesCIS Red Hat EL8 Workstation L1 v1.0.0Unix

ACCESS CONTROL

1.3.2 Ensure sudo commands use ptyCIS Oracle Linux 7 Server L1 v3.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure the SELinux state is enforcing - 'Current mode'CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure the SELinux state is enforcing - 'SELINUX'CIS Ubuntu Linux 14.04 LTS Server L2 v2.0.0Unix

ACCESS CONTROL

1.6.1.3 Ensure SELinux policy is configuredCIS Oracle Linux 6 Workstation L2 v1.1.0Unix

ACCESS CONTROL

1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file'CIS Ubuntu Linux 14.04 LTS Server L2 v2.0.0Unix

ACCESS CONTROL

1.6.1.3 Ensure SELinux policy is configured - 'SELINUXTYPE'CIS Ubuntu Linux 14.04 LTS Server L2 v2.0.0Unix

ACCESS CONTROL

1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'complian mode'CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.0.0Unix

ACCESS CONTROL

1.8.10 Set default umask for users '/etc/d.login'CIS HP-UX 11i v1.5Unix

ACCESS CONTROL

1.8.10 Set default umask for users '/etc/profile'CIS HP-UX 11i v1.5Unix

ACCESS CONTROL

2.2 Ensure IAM Policy for EC2 IAM Roles for App tier is configuredCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

ACCESS CONTROL

2.2.14 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to 'DELAY,3' or 'DROP,3'CIS Oracle Server 11g R2 DB v2.2.0OracleDB

ACCESS CONTROL

2.2.26 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

2.4.2 Restrict BIND Access with SELinux 'named_disable_trans'CIS ISC BIND 9.0/9.5 v2.0.0Unix

ACCESS CONTROL

2.7 Prevent unintended use of dvfilter network APIsCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

ACCESS CONTROL

2.13.2 - PCM - enhanced RBAC (AIX 6.1 only) - 'lskst -t auth info'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

2.13.2 - PCM - enhanced RBAC (AIX 6.1 only) - 'lskst -t cmd info'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

2.13.2 - PCM - enhanced RBAC (AIX 6.1 only) - 'lskst -t domobj info'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

3.4.3.8 Ensure nftables rules are permanentCIS Red Hat EL8 Server L1 v1.0.0Unix

ACCESS CONTROL

4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - apparmor=1CIS Debian Linux 7 L2 v1.0.0Unix

ACCESS CONTROL

4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - security=apparmorCIS Debian Linux 7 L2 v1.0.0Unix

ACCESS CONTROL

5.3 Reduce the sudo timeout periodCIS Apple macOS 10.13 L1 v1.0.0Unix

ACCESS CONTROL

5.3 Reduce the sudo timeout periodCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.3 Reduce the sudo timeout periodCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

ACCESS CONTROL

5.5 Use a separate timestamp for each user/tty comboCIS Apple macOS 10.13 L1 v1.1.0Unix

ACCESS CONTROL

7.7 Set Default umask for FTP Users - Check if 'defumask' is set to 077.CIS Solaris 10 v5.2Unix

ACCESS CONTROL

8.1 Block system accounts, Ensure account 'adm' is locked.CIS Solaris 9 v1.3Unix

ACCESS CONTROL

8.1 Block system accounts, Ensure account 'lp' is locked.CIS Solaris 9 v1.3Unix

ACCESS CONTROL

8.1 Block system accounts, Ensure account 'nobody' is locked.CIS Solaris 9 v1.3Unix

ACCESS CONTROL

8.1 Block system accounts, Ensure account 'nuucp' is locked.CIS Solaris 9 v1.3Unix

ACCESS CONTROL

8.1 Block System Accounts, should pass if the default shell for 'nobody4' is set to /dev/null.CIS Solaris 9 v1.3Unix

ACCESS CONTROL

8.1 Block System Accounts, should pass if the default shell for 'nuucp' is set to /dev/null.CIS Solaris 9 v1.3Unix

ACCESS CONTROL

8.1 Block System Accounts, should pass if the default shell for 'smtp' is set to /dev/null.CIS Solaris 9 v1.3Unix

ACCESS CONTROL

8.4.1 Control access to VMs through the dvfilter network APIsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

ACCESS CONTROL

20.2 (L1) Ensure 'Event Logs are protected'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL

20.46 Ensure 'Permissions for program file directories must conform to minimum requirements'CIS Microsoft Windows Server 2016 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

20.51 Ensure 'Permissions for the Windows installation directory conform to minimum requirements'CIS Microsoft Windows Server 2016 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

Appendix E: HP-UX Bastille configuration entries 'AccountSecurity.umask=077'CIS HP-UX 11i v1.5Unix

ACCESS CONTROL

Configure Role-Based Access Control - 'security.authorization = enabled'TNS MongoDB 2.6 Best Practices Linux OS Audit v1.0Unix

ACCESS CONTROL

Connection settings - 'pg_hba.conf no host entries for 'all' users'TNS PostgreSQL 9.1 Best Practices Windows OSWindows

ACCESS CONTROL

Connection settings - 'pg_hba.conf review entries using 'trust' method'TNS PostgreSQL 9.1 Best Practices Windows OSWindows

ACCESS CONTROL

Connections - Host Based Authentication - no unconditional connectTNS PostgreSQL 9.6 Best Practices Windows OSWindows

ACCESS CONTROL

Ensure Standalone LDAP Registry SSL is EnabledTNS IBM WebSphere Application Server 9 Linux Best PracticesUnix

ACCESS CONTROL

IBM i : Allow User Domain Objects (QALWUSRDMN) - '*ALL'IBM System i Security Reference for V7R3AS/400

ACCESS CONTROL

IBM i : Use Adopted Authority (QUSEADPAUT) - AUTH_LIST_NAMEIBM System i Security Reference for V7R1 and V6R1AS/400

ACCESS CONTROL

SalesForce.com : User Permissions - 'Review Active System Administrators'TNS Salesforce Best Practices Audit v1.1.0Salesforce.com

ACCESS CONTROL

User IDs which disclose the privileges associated with it, should not be created. 'lock'TNS IBM HTTP Server Best PracticeUnix

ACCESS CONTROL

VM : verify-network-filterVMWare vSphere 6.0 Hardening GuideVMware

ACCESS CONTROL

VM: verify-network-filterTNS VMWare vSphere Best PracticesVMware

ACCESS CONTROL

WG470 - Wscript.exe and Cscript.exe are accessible by users other than the SA and Web Manager. - 'wscript.exe'DISA STIG IIS 6.0 Installation v6r1Windows

ACCESS CONTROL