Item Search

NameAudit NamePluginCategory
1.1.6 Ensure that the scheduler pod specification file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.1.14 Ensure that the kubeconfig file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.1.18 Ensure that the Controller Manager kubeconfig file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.1.19 Ensure that the OpenShift PKI directory and file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.17 Ensure Snowflake stored procedures do not run with ACCOUNTADMIN or SECURITYADMIN role privilegesCIS Snowflake Foundations v1.0.0 L1Snowflake

ACCESS CONTROL

2.2.1 Ensure that NGINX is run using a non-privileged, dedicated service accountCIS NGINX Benchmark v2.1.0 L1 ProxyUnix

ACCESS CONTROL

2.8 Ensure that security policies restrict User-ID Agent traffic from crossing into untrusted zonesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL

4.1 Ensure sudo is configured correctlyCIS PostgreSQL 16 OS v1.0.0Unix

ACCESS CONTROL

4.1.2 Ensure that the kubelet service file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

4.1.6 Ensure that the --kubeconfig kubelet.conf file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

4.1.8 Ensure that the client certificate authorities file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

4.1.10 Ensure that the kubelet configuration file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

4.2 Ensure sudo is configured correctlyCIS PostgreSQL 13 OS v1.2.0Unix

ACCESS CONTROL

4.2 Ensure sudo is configured correctlyCIS PostgreSQL 14 OS v 1.2.0Unix

ACCESS CONTROL

4.2.7 Ensure SSH root login is disabledCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

ACCESS CONTROL

4.2.19 Ensure sshd PermitRootLogin is disabledCIS Rocky Linux 8 Workstation L1 v2.0.0Unix

ACCESS CONTROL

4.2.19 Ensure sshd PermitRootLogin is disabledCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

ACCESS CONTROL

4.2.19 Ensure sshd PermitRootLogin is disabledCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

ACCESS CONTROL

4.2.20 Ensure sshd PermitRootLogin is disabledCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

4.3.1 Ensure sudo is installedCIS Red Hat EL8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.3.1 Ensure sudo is installedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

4.3.1 Ensure sudo is installedCIS Rocky Linux 8 Workstation L1 v2.0.0Unix

ACCESS CONTROL

4.3.1 Ensure sudo is installedCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.3.4 Ensure users must provide password for escalationCIS Rocky Linux 8 Server L2 v2.0.0Unix

ACCESS CONTROL

4.3.4 Ensure users must provide password for escalationCIS Rocky Linux 8 Workstation L2 v2.0.0Unix

ACCESS CONTROL

4.3.6 Ensure sudo authentication timeout is configured correctlyCIS Red Hat EL8 Workstation L1 v3.0.0Unix

ACCESS CONTROL

4.3.6 Ensure sudo authentication timeout is configured correctlyCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

ACCESS CONTROL

4.3.6 Ensure sudo authentication timeout is configured correctlyCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.4 Ensure No Users Are Assigned the 'DEFAULT' ProfileCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

4.8 Ensure the set_user extension is installedCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

ACCESS CONTROL

5.1.10 Ensure SSH root login is disabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL

5.1.20 Ensure sshd PermitRootLogin is disabledCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.2 Minimize the admission of privileged containersCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

5.2.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.10 Ensure SSH root login is disabledCIS SUSE Linux Enterprise 12 v3.1.0 L1 ServerUnix

ACCESS CONTROL

5.4 Ensure 'SUPER' is Not Granted to Non-Administrative UsersCIS MySQL 8.0 Enterprise Database L1 v1.3.0MySQLDB

ACCESS CONTROL

5.5 Ensure 'SHUTDOWN' is Not Granted to Non-Administrative UsersCIS MySQL 8.0 Enterprise Database L1 v1.3.0MySQLDB

ACCESS CONTROL

7.1 Ensure a replication-only user is created and used for streaming replicationCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

7.2 Ensure logging of replication commands is configuredCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

ACCESS CONTROL

18.10.81.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

18.10.81.2 Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DCWindows

ACCESS CONTROL

19.7.40.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

20.69 Ensure 'Users with Administrative privileges have separate accounts for administrative duties and normal operational tasks'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DCWindows

ACCESS CONTROL

20.69 Ensure 'Users with Administrative privileges have separate accounts for administrative duties and normal operational tasks'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

ACCESS CONTROL