Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Remove extraneous files and directories - /webapps/docsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

1.1.2 Ensure 'Login Banner' is setCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

AWARENESS AND TRAINING, PROGRAM MANAGEMENT

1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL

1.3.2 Ensure 'Minimum Length' is greater than or equal to 12CIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.6.2 Ensure redundant NTP servers are configured appropriatelyCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

AUDIT AND ACCOUNTABILITY

2.2 Configure the ESXi host firewall to restrict access to services running on the hostCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

ACCESS CONTROL

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 5 L1 OS Linux v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

2.3 Ensure authentication is enabled in the sharded cluster - CAFileCIS MongoDB 5 L2 OS Linux v1.2.0Unix

CONFIGURATION MANAGEMENT

2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFileCIS MongoDB 5 L2 OS Linux v1.2.0Unix

CONFIGURATION MANAGEMENT

2.3 Ensure that User-ID is only enabled for internal trusted interfacesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

AUDIT AND ACCOUNTABILITY

2.5 Ensure that the User-ID Agent has minimal permissions if User-ID is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL

2.6 Prevent unintended use of dvfilter network APIsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

ACCESS CONTROL

2.7 Remove expired or revoked SSL certificates from the ESXi serverCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
2.7.3 iCloud DriveCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
3.2 Disable the Shutdown portCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Ensure 'High Availability' requires Link Monitoring and/or Path MonitoringCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

3.3 Configure remote logging for ESXi hostsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

AUDIT AND ACCOUNTABILITY

3.3 Ensure that MongoDB is run using a non-privileged, dedicated service accountCIS MongoDB 5 L1 OS Linux v1.2.0Unix

ACCESS CONTROL

4.1 Create a non-root user account for local admin accessCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
4.3 Create network specific locationsCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
4.7 Restrict access to Tomcat web application directoryCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2 Disable ESXi Shell unless needed for diagnostics or troubleshootingCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

CONFIGURATION MANAGEMENT

5.8 Set a timeout for Shell ServicesCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

ACCESS CONTROL

5.18 Install an approved tokend for smartcard authenticationCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
6.1 Enable bidirectional CHAP authentication for iSCSI traffic.CIS VMware ESXi 5.5 v1.2.0 Level 1VMware

IDENTIFICATION AND AUTHENTICATION

6.1.3 Disable guest account loginCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

6.2 Ensure uniqueness of CHAP authentication secretsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in web applicationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in defaultCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.3 Ensure that the vSwitch Promiscuous Mode policy is set to rejectCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure directory in context.xml is a secure location - configurationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

8.2.3 Disconnect unauthorized devices - Parallel DevicesCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.2.5 Disconnect unauthorized devices - USB DevicesCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

MEDIA PROTECTION

8.2.7 Prevent unauthorized connection of devices.CIS VMware ESXi 5.5 v1.2.0 Level 1VMware

ACCESS CONTROL

8.3.3 Use secure protocols for virtual serial port accessCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
8.4.16 Disable Trash Folder StateCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.20 Disable GetCredsCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.22 Disable Guest Host Interaction Launch MenuCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.23 Disable memSchedFakeSampleStatsCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.24 Disable VM Console Copy operationsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

CONFIGURATION MANAGEMENT

8.5.1 Prevent virtual machines from taking over resources - Mem Share LevelCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

SYSTEM AND COMMUNICATIONS PROTECTION

8.5.1 Prevent virtual machines from taking over resources - Num Mem SharesCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

SYSTEM AND COMMUNICATIONS PROTECTION

9.1 Starting Tomcat with Security ManagerCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

9.2 Disabling auto deployment of applicationsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.15 Do not resolve hosts on logging valvesCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xmlCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

18.8.4.1 Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

Check for MongoDB 5CIS MongoDB 5 L1 OS Linux v1.2.0Unix
Mac OSX 10.10 Yosemite is installedCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix
Tomcat 9 is installedCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix