Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.1 Ensure dm-verity is enabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

1.5.1.3 Ensure remote login warning banner is configured properlyCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.6 Ensure AppArmor is installedCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1.1 Ensure packet redirect sending is disabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.3 Ensure secure ICMP redirects are not acceptedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.3 Ensure iptables is installedCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.1.3 Ensure logging is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.2.1 Ensure journald is configured to compress large log filesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.3 Ensure permissions on SSH public host key files are configuredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure SSH IgnoreRhosts is enabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.11 Ensure SSH PermitEmptyPasswords is disabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.1.21 Ensure SSH MaxStartups is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

5.3.2 Ensure system accounts are securedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.1.6 Ensure permissions on /etc/shadow- are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.7 Ensure all users' home directories existCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

18.5.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

18.6.8.2 (L1) Ensure 'Require Encryption' is set to 'Enabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.6.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

ACCESS CONTROL

18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NGWindows

CONFIGURATION MANAGEMENT

19.1.3.4 Ensure 'Screen saver timeout' is set to 'Enabled: 900 seconds or fewer, but not 0'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL

CIS_Apache_HTTP_Server_2.4_v2.2.0_L1.audit from CIS Apache HTTP Server 2.4 Benchmark v2.2.0CIS Apache HTTP Server 2.4 v2.2.0 L1Unix
CIS_Apple_macOS_10.15_Catalina_v3.0.0_L2.audit from CIS Apple macOS 10.15 Catalina Benchmark v3.0.0CIS Apple macOS 10.15 Catalina v3.0.0 L2Unix
CIS_Apple_macOS_12.0_Monterey_v4.0.0_L1.audit from CIS Apple macOS 12.0 Monterey Benchmark v4.0.0CIS Apple macOS 12.0 Monterey v4.0.0 L1Unix
CIS_Apple_macOS_14_Sonoma_STIG_v1.0.0_CAT_II.audit from CIS Apple macOS 14 (Sonoma) STIG Benchmark v1.0.0CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT IIUnix
CIS_Apple_macOS_14.0_Sonoma_v2.1.0_L1.audit from CIS Apple macOS 14.0 Sonoma Benchmark v2.1.0CIS Apple macOS 14.0 Sonoma v2.1.0 L1Unix
CIS_Apple_macOS_15.0_Sequoia_v1.1.0_L1.audit from CIS Apple macOS 15.0 Sequoia Benchmark v1.1.0CIS Apple macOS 15.0 Sequoia v1.1.0 L1Unix
CIS_Apple_macOS_15.0_Sequoia_v1.1.0_L2.audit from CIS Apple macOS 15.0 Sequoia Benchmark v1.1.0CIS Apple macOS 15.0 Sequoia v1.1.0 L2Unix
CIS_Fedora_28_Family_Linux_Server_L1_v2.0.0.audit from CIS Fedora 28 Family Linux Benchmark v2.0.0CIS Fedora 28 Family Linux Server L2 v2.0.0Unix
CIS_Fedora_28_Family_Linux_Workstation_L1_v1.0.0.audit from CIS Fedora 19 Family Linux Benchmark v1.0.0CIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix
CIS_Google_Chrome_Group_Policy_v1.0.0_L2.audit from CIS Google Chrome Group Policy Benchmark v1.0.0CIS Google Chrome Group Policy v1.0.0 L2Windows
CIS_Google_Kubernetes_Engine_GKE_v1.7.0_L1.audit from CIS Google Kubernetes Engine (GKE) Benchmark v1.7.0CIS Google Kubernetes Engine (GKE) v1.7.0 L1Unix
CIS_Microsoft_Exchange_Server_2013_Level_1_Mailbox_v1.1.0.audit from CIS Microsoft Exchange Server 2013 v1.1.0 BenchmarkCIS Microsoft Exchange Server 2013 Mailbox v1.1.0Windows

SYSTEM AND INFORMATION INTEGRITY

CIS_Microsoft_Exchange_Server_2016_Level_1_Edge_v1.0.0.audit from CIS Microsoft Exchange Server 2016 v1.0.0 BenchmarkCIS Microsoft Exchange Server 2016 Edge v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

CIS_Microsoft_Exchange_Server_2016_Level_1_UM_v1.0.0.audit from CIS Microsoft Exchange Server 2016 v1.0.0 BenchmarkCIS Microsoft Exchange Server 2016 UM v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

CIS_Microsoft_Intune_for_Office_v1.1.0_L1.audit from CIS Microsoft Intune for Office Benchmark v1.1.0CIS Microsoft Intune for Office v1.1.0 L1Windows
CIS_MS_Office_Word_2013_v1.1.0.audit from CIS Microsoft Office Word 2013 Benchmark v1.1.0CIS Microsoft Office Word 2013 v1.1.0Windows
CIS_MySQL_5.6_Community_Benchmark_v2.0.0_OS_MS_L1.audit from CIS Oracle MySQL 5.6 Community Edition BenchmarkCIS MySQL 5.6 Community Windows OS L1 v2.0.0Windows
CIS_MySQL_5.6_Enterprise_Benchmark_v2.0.0_OS_UNIX_L2.audit from CIS Oracle MySQL 5.6 Enterprise Edition BenchmarkCIS MySQL 5.6 Enterprise Linux OS L2 v2.0.0Unix
CIS_Red_Hat_Enterprise_Linux_9_v2.0.0_L1_Server.audit from CIS Red Hat Enterprise Linux 9 Benchmark v2.0.0CIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix
CIS_Red_Hat_Enterprise_Linux_9_v2.0.0_L1_Workstation.audit from CIS Red Hat Enterprise Linux 9 Benchmark v2.0.0CIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix
CIS_Ubuntu_Linux_22.04_LTS_STIG_v1.0.0_CAT_II.audit from CIS Ubuntu Linux 22.04 LTS STIG Benchmark v1.0.0CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT IIUnix
CIS_Visual_Studio_Code_GPO_v1.0.0_L1.audit from CIS Visual Studio Code GPO Benchmark v1.0.0CIS Visual Studio Code GPO v1.0.0 L1Windows