Item Search

Name	Audit Name	Plugin	Category
1.6.1.1 Ensure SELinux is enabled in the bootloader configuration - security=selinux	CIS Debian 9 Workstation L2 v1.0.1	Unix	ACCESS CONTROL
1.6.1.2 Ensure the SELinux state is enforcing - /etc/selinux/config	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured	CIS CentOS 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured - /etc/selinux/config	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL
1.6.1.4 Ensure no unconfined daemons exist	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL
1.6.1.4 Ensure no unconfined daemons exist	CIS Debian 9 Workstation L2 v1.0.1	Unix	ACCESS CONTROL
1.6.2.2 Ensure all AppArmor Profiles are enforcing - complain mode	CIS Debian 9 Workstation L2 v1.0.1	Unix	ACCESS CONTROL
1.6.2.2 Ensure all AppArmor Profiles are enforcing - profiles loaded	CIS Debian 9 Workstation L2 v1.0.1	Unix	ACCESS CONTROL
1.7.1.2 Ensure AppArmor is enabled in the bootloader configuration - apparmor=1	CIS Debian Family Server L1 v1.0.0	Unix	ACCESS CONTROL
1.7.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - 0 processes are unconfined	CIS Debian Family Workstation L1 v1.0.0	Unix	ACCESS CONTROL
1.7.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - profiles loaded	CIS Debian Family Server L1 v1.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure all AppArmor Profiles are enforcing - complain mode	CIS Debian Family Workstation L2 v1.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure all AppArmor Profiles are enforcing - profiles loaded	CIS Debian Family Server L2 v1.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure all AppArmor Profiles are enforcing - profiles loaded	CIS Debian Family Workstation L2 v1.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux mode is enforcing or permissive - /etc/selinux/config	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux mode is enforcing or permissive - getenforce	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	ACCESS CONTROL
1.7.1.5 Ensure the SELinux mode is enforcing - /etc/selinux/config	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	ACCESS CONTROL
1.8.1.5 Ensure permissions on /etc/issue are configured	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	ACCESS CONTROL
2.2.11 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to '(DROP,3)'	CIS Oracle Server 18c DB Traditional Auditing v1.1.0	OracleDB	ACCESS CONTROL
2.2.13 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to 'DROP,3'	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	ACCESS CONTROL
2.3 Set umask value for DB2 admin user .profile file	CIS IBM DB2 v10 v1.1.0 Linux OS Level 1	Unix	ACCESS CONTROL
2.3.10.12 (L1) Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None'	CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server	Windows	ACCESS CONTROL
2.3.10.12 (L1) Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL
4.4 Ensure logrotate assigns appropriate permissions	CIS Debian Family Workstation L1 v1.0.0	Unix	ACCESS CONTROL
4.6 Ensure No Public Database Links Exist	CIS Oracle Server 12c DB Traditional Auditing v3.0.0	OracleDB	ACCESS CONTROL
5.1 Use secure Realms	CIS Apache Tomcat 8 L2 v1.1.0	Unix	ACCESS CONTROL
5.1.2 Ensure permissions on /etc/crontab are configured	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	ACCESS CONTROL
5.1.2 Ensure permissions on /etc/crontab are configured	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	ACCESS CONTROL
5.1.5 Ensure permissions on /etc/cron.weekly are configured	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	ACCESS CONTROL
5.1.6 Ensure permissions on /etc/cron.monthly are configured	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	ACCESS CONTROL
5.1.7 Ensure permissions on /etc/cron.d are configured	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	ACCESS CONTROL
5.1.7 Ensure permissions on /etc/cron.d are configured	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	ACCESS CONTROL
5.2.1 Ensure permissions on /etc/ssh/sshd_config are configured	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	ACCESS CONTROL
5.2.3 Ensure permissions on SSH public host key files are configured	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	ACCESS CONTROL
5.3.2 Ensure permissions on SSH private host key files are configured	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
5.3.2 Ensure permissions on SSH private host key files are configured	CIS CentOS 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
6.1.1 Audit system file permissions	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL
6.1.1 Audit system file permissions	CIS Debian 9 Workstation L2 v1.0.1	Unix	ACCESS CONTROL
6.1.1 Audit system file permissions	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	ACCESS CONTROL
6.1.2 Ensure permissions on /etc/passwd are configured	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	ACCESS CONTROL
6.1.2 Ensure permissions on /etc/passwd are configured	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	ACCESS CONTROL
6.1.8 Ensure permissions on /etc/group- are configured	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	ACCESS CONTROL
6.1.8 Ensure permissions on /etc/group- are configured	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	ACCESS CONTROL
6.1.10 Ensure no world writable files exist	CIS Debian Family Server L1 v1.0.0	Unix	ACCESS CONTROL
6.2.9 Ensure users own their home directories	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
6.2.17 Ensure shadow group is empty	CIS Debian Family Server L1 v1.0.0	Unix	ACCESS CONTROL
7.6 Ensure directory in logging.properties is a secure location - check application log directory is secure	CIS Apache Tomcat 9 L1 v1.2.0 Middleware	Unix	ACCESS CONTROL
10.3 Ensure the named_t Process Type is Not in Permissive Mode	CIS BIND DNS v1.0.0 L2 Caching Only Name Server	Unix	ACCESS CONTROL
18.10.4.1 (L2) Ensure 'Allow a Windows app to share application data between users' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	ACCESS CONTROL

Detections

Analytics

Item Search