Item Search

Name	Audit Name	Plugin	Category
1.6.1 Ensure 'Verify Update Server Identity' is enabled	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0	Palo_Alto	CONFIGURATION MANAGEMENT
2.1.5.1 Ensure 'Modal Trust Decision Only' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.3.6.6 (L1) Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT
2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT
2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT
2.3.10.1 (L1) Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT
2.3.10.3 (L1) Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT
2.3.11.10 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT
2.3.28.2 Ensure 'Disable the Office client from polling the SharePoint Server for published links' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.3.38.1.1 Ensure 'Improve Proofing Tools' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L2	Windows	CONFIGURATION MANAGEMENT
2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater	AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1	MDM	CONFIGURATION MANAGEMENT
2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater	AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1	MDM	CONFIGURATION MANAGEMENT
2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater	MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1	MDM	CONFIGURATION MANAGEMENT
2.4.4 Ensure 'Send Exchange Customer Experience reports' is set to 'False'	CIS Microsoft Exchange Server 2019 L2 Mailbox v1.0.0	Windows	CONFIGURATION MANAGEMENT
2.4.5 Ensure 'Maximum number of failed attempts' is set to '6'	MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1	MDM	CONFIGURATION MANAGEMENT
2.4.5 Ensure 'Maximum number of failed attempts' is set to '6'	AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1	MDM	CONFIGURATION MANAGEMENT
2.5 Ensure 'Ole Automation Procedures' Server Configuration Option is set to '0'	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.8 Ensure 'Scan for Startup Procs' Server Configuration Option is set to '0'	CIS SQL Server 2012 Database L1 DB v1.6.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.8 Ensure 'Scan For Startup Procs' Server Configuration Option is set to '0' - 0	CIS SQL Server 2014 Database L1 DB v1.5.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.15 Ensure 'sa' Login Account has been renamed	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.16 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databases	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.17 Ensure no login exists with the name 'sa'	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	CONFIGURATION MANAGEMENT
3.1.14 Ensure 'debug_print_parse' is disabled	CIS PostgreSQL 11 DB v1.0.0	PostgreSQLDB	CONFIGURATION MANAGEMENT
3.1.21 Ensure 'log_hostname' is set correctly	CIS PostgreSQL 11 DB v1.0.0	PostgreSQLDB	CONFIGURATION MANAGEMENT
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Link Monitoring Failure Condition	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0	Palo_Alto	CONFIGURATION MANAGEMENT
3.2.1.14 Ensure 'Allow installing configuration profiles' is set to 'Disabled'	MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'	MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriately - Passive Link State	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0	Palo_Alto	CONFIGURATION MANAGEMENT
3.4.2 Ensure 'Minimum passcode length' is set to '6' or greater	MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.4.5 Ensure 'Maximum number of failed attempts' is set to '6'	AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.11.18.3 (L1) Ensure 'Turn off heap termination on corruption' is set to 'Disabled'	CIS Microsoft Intune for Windows 10 v3.0.1 L1	Windows	CONFIGURATION MANAGEMENT
4.1.5.8 finger	CIS IBM AIX 7.2 L1 v1.1.0	Unix	CONFIGURATION MANAGEMENT
4.1.5.29 tftp	CIS IBM AIX 7.2 L1 v1.1.0	Unix	CONFIGURATION MANAGEMENT
5.2 Ensure Options for the Web Root Directory Are Restricted	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	CONFIGURATION MANAGEMENT
5.4 Ensure Default HTML Content Is Removed - 'httpd-manual is not installed'	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	CONFIGURATION MANAGEMENT
5.4 Ensure Default HTML Content Is Removed - 'Server Information handler does not exist'	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	CONFIGURATION MANAGEMENT
6.2 Ensure 'CLR Assembly Permission Set' is set to 'SAFE_ACCESS' for All CLR Assemblies	CIS SQL Server 2014 Database L1 DB v1.5.0	MS_SQLDB	CONFIGURATION MANAGEMENT
9.1 Starting Tomcat with Security Manager	CIS Apache Tomcat 8 L1 v1.1.0 Middleware	Unix	CONFIGURATION MANAGEMENT
9.1.9 Ensure 'Block ResourceKey Authentication' is 'Enabled'	CIS Microsoft 365 Foundations E3 L1 v3.1.0	microsoft_azure	CONFIGURATION MANAGEMENT
9.6 Ensure Timeout Limits for the Request Body Are Set Properly - RequestReadTimeout	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	CONFIGURATION MANAGEMENT
10.3 Ensure the LimitRequestFieldsize Directive is Set to 1024 or Less	CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware	Unix	CONFIGURATION MANAGEMENT
10.7 Turn off session facade recycling	CIS Apache Tomcat 8 L1 v1.1.0 Middleware	Unix	CONFIGURATION MANAGEMENT
11.1 (L2) Ensure 'Allow Camera' is set to 'Not allowed'	CIS Microsoft Intune for Windows 10 v3.0.1 L2	Windows	CONFIGURATION MANAGEMENT
18.6.4.1 (L1) Ensure 'Configure NetBIOS settings' is set to 'Enabled: Disable NetBIOS name resolution on public networks'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.8.36.2 (L1) Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT
18.9.11.2.16 (BL) Ensure 'Configure use of passwords for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker	Windows	CONFIGURATION MANAGEMENT
18.10.15.6 (L1) Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.90.2 (L1) Ensure 'Allow networking in Windows Sandbox' is set to 'Disabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	CONFIGURATION MANAGEMENT
60.4 (L2) Ensure 'Allow search highlights' is set to '0'	CIS Microsoft Intune for Windows 11 v3.0.1 L2	Windows	CONFIGURATION MANAGEMENT
77.1 (L1) Ensure 'Allow widgets' is set to 'Not allowed'	CIS Microsoft Intune for Windows 11 v3.0.1 L1	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search