Item Search

Name	Audit Name	Plugin	Category
ESXI-67-000005 - The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.	DISA STIG VMware vSphere 6.7 ESXi v1r3	VMware	ACCESS CONTROL
ESXI-67-000006 - The ESXi host must enforce the unlock timeout of 15 minutes after a user account is locked out.	DISA STIG VMware vSphere 6.7 ESXi v1r3	VMware	ACCESS CONTROL
ESXI-67-000008 - The ESXi host must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system via SSH.	DISA STIG VMware vSphere 6.7 ESXi v1r3	VMware	ACCESS CONTROL
ESXI-67-000009 - The ESXi host SSH daemon must be configured with the DoD logon banner - DoD login banner.	DISA STIG VMware vSphere 6.7 ESXi OS v1r3	Unix	ACCESS CONTROL
ESXI-67-000013 - The ESXi host SSH daemon must not allow host-based authentication.	DISA STIG VMware vSphere 6.7 ESXi OS v1r3	Unix	CONFIGURATION MANAGEMENT
ESXI-67-000024 - The ESXi host SSH daemon must not accept environment variables from the client.	DISA STIG VMware vSphere 6.7 ESXi OS v1r3	Unix	CONFIGURATION MANAGEMENT
ESXI-67-000049 - The ESXi host must protect the confidentiality and integrity of transmitted information by protecting ESXi management traffic.	DISA STIG VMware vSphere 6.7 ESXi v1r3	VMware	SYSTEM AND COMMUNICATIONS PROTECTION
ESXI-67-000064 - For the ESXi host, all port groups must not be configured to VLAN 4095 unless Virtual Guest Tagging (VGT) is required - VGT is required.	DISA STIG VMware vSphere 6.7 ESXi v1r3	VMware	CONFIGURATION MANAGEMENT
ESXI-67-000076 - The ESXi host must enable Secure Boot.	DISA STIG VMware vSphere 6.7 ESXi OS v1r3	Unix	CONFIGURATION MANAGEMENT
ESXI-67-000078 - The ESXi host must use DoD-approved certificates.	DISA STIG VMware vSphere 6.7 ESXi OS v1r3	Unix	CONFIGURATION MANAGEMENT
KNOX-07-003700 - The Samsung Android 7 with Knox must be configured to disable developer modes.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-012100 - The Samsung Android 7 with Knox must implement the management setting: Enable CC mode.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-012500 - The Samsung Android 7 with Knox must implement the management setting: Configure application install blacklist.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-012600 - The Samsung Android 7 with Knox must implement the management setting: Disable USB host storage.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-012700 - The Samsung Android 7 with Knox must implement the management setting: Disable S Voice.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-013000 - The Samsung Android 7 with Knox must implement the management setting: Enable Certificate Revocation Status (CRL) Check.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-013900 - The Samsung Android 7 with Knox must implement the management setting: Disable Move Files from Container to Personal.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-017200 - The Samsung Android 7 with Knox must be configured to disable Phone Visibility.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-018600 - The Samsung Android 7 with Knox must implement the management setting: Configure minimum password complexity.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-018800 - The Samsung Android 7 with Knox must implement the management setting: Enable Audit Log.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-019000 - Samsung Android 7 mobile device users must complete required training.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-912200 - The Samsung Android 7 with Knox must be configured to lock the container after 15 minutes (or less) of inactivity.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-913200 - The Samsung must implement the management setting: Configure to enforce a minimum Container password length of 4 characters	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-914200 - The Samsung must implement the management setting: Disable automatic completion of Container browser text input.	AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-914400 - The Samsung Android 7 with Knox must implement the management setting: Container Account blacklist.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
PHTN-67-000004 - The Photon operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types.	DISA STIG VMware vSphere 6.7 Photon OS v1r6	Unix	ACCESS CONTROL
SHPT-00-000007 - SharePoint must support the requirement to initiate a session lock after an organizationally defined time period of system or application inactivity has transpired.	DISA STIG SharePoint 2010 v1r9	Windows	ACCESS CONTROL
SHPT-00-000191 - SharePoint farm service account (Database Access account) must be configured with minimum privileges in Active Directory (AD).	DISA STIG SharePoint 2010 v1r9	Windows	ACCESS CONTROL
SHPT-00-000195 - The SharePoint setup user domain account must be configured with the minimum privileges for the local server.	DISA STIG SharePoint 2010 v1r9	Windows	ACCESS CONTROL
SHPT-00-000199 - SharePoint service accounts must be configured for separation of duties.	DISA STIG SharePoint 2010 v1r9	Windows	ACCESS CONTROL
SHPT-00-000430 - SharePoint must protect audit information from unauthorized access to the usage and health logs.	DISA STIG SharePoint 2010 v1r9	Windows	AUDIT AND ACCOUNTABILITY
SHPT-00-000445 - SharePoint must protect audit tools from unauthorized access - 'Verify Site Collection Administrators'	DISA STIG SharePoint 2010 v1r9	Windows	AUDIT AND ACCOUNTABILITY
SHPT-00-000480 - When configuring Central Administration, the port number selected must comply with DoD Ports and Protocol Management (PPSM) program requirements.	DISA STIG SharePoint 2010 v1r9	Windows	CONFIGURATION MANAGEMENT
SHPT-00-000810 - SharePoint must identify potentially security-relevant error conditions.	DISA STIG SharePoint 2010 v1r9	Windows	SYSTEM AND INFORMATION INTEGRITY
SPLK-CL-000090 - Splunk Enterprise must be configured to protect the log data stored in the indexes from alteration.	DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG OS	Unix	AUDIT AND ACCOUNTABILITY
SPLK-CL-000130 - Splunk Enterprise must be configured to retain the DoD-defined attributes of the log records sent by the devices and hosts.	DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG REST API	Splunk	AUDIT AND ACCOUNTABILITY
SPLK-CL-000270 - Splunk Enterprise must use TCP for data transmission.	DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG REST API	Splunk	CONFIGURATION MANAGEMENT
SYMP-AG-000090 - Symantec ProxySG must immediately use updates made to policy enforcement mechanisms such as policies and rules - Web Access	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	ACCESS CONTROL
SYMP-AG-000120 - Symantec ProxySG providing user access control intermediary services must generate audit records when successful/unsuccessful logon attempts occur - enabled	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	AUDIT AND ACCOUNTABILITY
SYMP-AG-000290 - Symantec ProxySG must be configured to remove or disable unrelated or unneeded application proxy services.	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	CONFIGURATION MANAGEMENT
SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - iwa	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	IDENTIFICATION AND AUTHENTICATION
SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - siteminder	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	IDENTIFICATION AND AUTHENTICATION
SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - xml	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	IDENTIFICATION AND AUTHENTICATION
SYMP-AG-000510 - Symantec ProxySG must fail to a secure state upon failure of initialization, shutdown, or abort actions.	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	SYSTEM AND COMMUNICATIONS PROTECTION
UBTU-18-010451 - All local interactive user home directories must have mode 0750 or less permissive.	DISA STIG Ubuntu 18.04 LTS v2r15	Unix	CONFIGURATION MANAGEMENT
VCEM-67-000013 - ESX Agent Manager must have mappings set for Java servlet pages.	DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4	Unix	CONFIGURATION MANAGEMENT
VCEM-67-000026 - ESX Agent Manager must have the debug option turned off.	DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4	Unix	SYSTEM AND INFORMATION INTEGRITY
VCPF-67-000011 - Performance Charts must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled.	DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3	Unix	CONFIGURATION MANAGEMENT
VCPF-67-000013 - Performance Charts must not have the Web Distributed Authoring (WebDAV) servlet installed.	DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3	Unix	CONFIGURATION MANAGEMENT
VCPF-67-000020 - Performance Charts must use the 'setCharacterEncodingFilter' filter - filter-mapping	DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3	Unix	SYSTEM AND INFORMATION INTEGRITY

Detections

Analytics

Item Search