Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2.4.1 Ensure separate partition exists for /varCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.5.1 Ensure separate partition exists for /var/tmpCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.13 Ensure separate partition exists for /homeCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.4.1 Ensure bootloader password is setCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.1 Ensure bootloader password is set - password userCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.4.1 Ensure bootloader password is set - superusers efiCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.4.7.2.1.1 Ensure 'Excel 2 Macrosheets and Add-in Files' is set to Enabled(Open/Save blocked, use open policy)CIS Microsoft Office Excel 2013 v1.0.1Windows

SYSTEM AND INFORMATION INTEGRITY

1.4.9 Ensure GRUB 2 is configured to enable poisoning of SLUB/SLAB objects to mitigate use-after-free vulnerabilitiesCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

SYSTEM AND COMMUNICATIONS PROTECTION

1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - enforcingCIS Aliyun Linux 2 L2 v1.0.0Unix

ACCESS CONTROL

1.6.1.4 Ensure SETroubleshoot is not installedCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.10 Ensure print server services are not in useCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.1.11 Ensure print server services are not in useCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.1.11 Ensure print server services are not in useCIS Oracle Linux 8 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.1.11 Ensure print server services are not in useCIS Debian Linux 11 v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

2.1.12 Ensure print server services are not in useCIS Linux Mint 22 v1.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.7 (L1) Ensure 'Control use of insecure content exceptions' is set to 'Enabled: Do not allow any site to load mixed content'CIS Google Chrome Group Policy v1.0.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.20 Ensure X window server services are not in useCIS Amazon Linux 2 v3.0.0 L2Unix

CONFIGURATION MANAGEMENT

2.11.8.7.2.1.2 Ensure 'Word 2 and earlier binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

4.1.10 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat (64-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM (32-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (32-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (64-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.8 Ensure sshd DisableForwarding is enabledCIS Amazon Linux 2 v3.0.0 L2Unix

CONFIGURATION MANAGEMENT

5.2.1.1 Ensure audit is installedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.2.4 Ensure system warns when audit logs are low on spaceCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.3 Ensure events that modify the sudo log file are collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.5 Ensure events that modify the system's network environment are collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.7 Ensure unsuccessful file access attempts are collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.9 Ensure discretionary access control permission modification events are collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recordedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.4.4 Ensure only authorized groups are assigned ownership of audit log filesCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.7 Ensure audit configuration files belong to group rootCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

18.2.6 Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

IDENTIFICATION AND AUTHENTICATION

18.3.6 (L1) Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' (MS only)CIS Microsoft Windows Server 2016 v4.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

18.5.8.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.6.8.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.6.8.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.6.8.4 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.9.7.1.1 (BL) Ensure 'Prevent installation of devices that match any of these device IDs' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.9.7.1.1 (BL) Ensure 'Prevent installation of devices that match any of these device IDs' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.9.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

MEDIA PROTECTION

26.3 (L1) Ensure 'Device Password Enabled: Min Device Password Complex Characters' is set to 'Digits and lowercase letters are required'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

IDENTIFICATION AND AUTHENTICATION

CD12-00-012300 - PostgreSQL must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.DISA STIG Crunchy Data PostgreSQL OS v3r1Unix

IDENTIFICATION AND AUTHENTICATION

ESXI-70-000010 - The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.DISA STIG VMware vSphere 7.0 ESXi OS v1r4Unix

ACCESS CONTROL

MD4X-00-001300 - MongoDB must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OSUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

O19C-00-015500 - Oracle Database must use NIST-validated FIPS 140-2/140-3 compliant cryptography for authentication mechanisms.DISA Oracle Database 19c STIG v1r2 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

O19C-00-015500 - Oracle Database must use NIST-validated FIPS 140-2/140-3 compliant cryptography for authentication mechanisms.DISA Oracle Database 19c STIG v1r2 UnixUnix

IDENTIFICATION AND AUTHENTICATION

PGS9-00-012300 - PostgreSQL must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.DISA STIG PostgreSQL 9.x on RHEL OS v2r5Unix

IDENTIFICATION AND AUTHENTICATION

PPS9-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

IDENTIFICATION AND AUTHENTICATION