Item Search

Name	Audit Name	Plugin	Category
3.2 Enable security auditing	CIS Apple OSX 10.11 El Capitan L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'	CIS Apple OSX 10.11 El Capitan L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events'	CIS Apple OSX 10.11 El Capitan L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
3.3 Enable Stack Protection - Makes sure 'noexec_user_stack_log' is set to 1 in /etc/system. Note: Only applicable if NX bit is set.	CIS Solaris 10 L1 v5.2	Unix	AUDIT AND ACCOUNTABILITY
3.4 Enable remote logging for Desktops on trusted networks	CIS Apple OSX 10.11 El Capitan L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cis	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cis	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.3 Enable Auditing of File Metadata Modification Events - AUE_ACLSET : cis	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.3 Enable Auditing of File Metadata Modification Events - AUE_FACLSET : cis	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_CHROOT : cis	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_CHROOT : cis	CIS Solaris 11 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_NICE : cis	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_PRIOCNTLSYS : cis	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_SETGID : cis	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_SETPPRIV : cis	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_SETSID : cis	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_SETUID : cis	CIS Solaris 11 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - active audit policies	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - active non-attributable flags = lo	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - active user flags = cis,ex,aa,ua,as,ss,lo,ft	CIS Solaris 11 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - audit condition = auditing	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - audit_flags root = lo,ad,ft,ex,cis:no	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - configured audit policies = argv,cnt,zonename	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - configured audit policies = argv,cnt,zonename	CIS Solaris 11 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - configured user flags = cis,ex,aa,ua,as,ss,lo,ft	CIS Solaris 11 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - Plugin	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
5.3 Ensure that logging captures as much information as possible	CIS MongoDB L2 Unix Audit v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.5 Enable 'SYSTEM GRANT' Audit Option	CIS Oracle Server 11g R2 DB v2.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
5.6 Enable 'PROFILE' Audit Option	CIS Oracle Server 11g R2 DB v2.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
5.6 Turn on cron logging - Check if 'CRONLOG' is set to YES in /etc/default/cron.	CIS Solaris 9 v1.3	Unix	AUDIT AND ACCOUNTABILITY
5.8 Enable kernel-level auditing, Check if '/usr/sbin/auditconfig -setpolicy +argv,arge' is set in /etc/security/audit_startup.	CIS Solaris 9 v1.3	Unix	AUDIT AND ACCOUNTABILITY
5.8 Enable kernel-level auditing, Check if 'dir:/var/audit' is set in /etc/security/audit_control.	CIS Solaris 9 v1.3	Unix	AUDIT AND ACCOUNTABILITY
5.10 Enable 'PUBLIC DATABASE LINK' Audit Option	CIS Oracle Server 11g R2 DB v2.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
5.20 Enable 'ALTER SYSTEM' Audit Option	CIS Oracle Server 11g R2 DB v2.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
5.22 Enable 'CREATE SESSION' Audit Option	CIS Oracle Server 11g R2 DB v2.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
8.1.4 Record Events That Modify Date and Time Information - '64bit clock_settime'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.4 Record Events That Modify Date and Time Information- '32bit clock_settime'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.5 Record Events That Modify User/Group Information - '/etc/group'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.5 Record Events That Modify User/Group Information - '/etc/passwd'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.6 Record Events That Modify the System's Network Environment- '64bit sethostname'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.7 Record Events That Modify the System's Mandatory Access Controls	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.10 Collect Discretionary Access Control Permission Modification Events- '64bit chown/fchown/fchownat/lchown'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files- '32bit EACCES'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.13 Collect Successful File System Mounts - '32bit mount'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.15 Collect Changes to System Administration Scope (sudoers)	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.17 Collect Kernel Module Loading and Unloading - '/sbin/modprobe'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
9.3.2 Set LogLevel to INFO	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
17.7.3 Ensure 'Audit Authorization Policy Change' is set to include 'Success'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
17.9.3 Ensure 'Audit Security State Change' is set to include 'Success'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
18.8.3.1 Ensure 'Include command line in process creation events' is set to 'Disabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search