Item Search

Name	Audit Name	Plugin	Category
1.1.5 Ensure noexec option set on /tmp partition	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
1.5.1.3 Ensure remote login warning banner is configured properly	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
2.1.1.1 Ensure time synchronization is in use	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
2.1.2 Ensure X Window System is not installed	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
2.1.3 Ensure NFS and RPC are not enabled	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
2.2.6 Ensure 'REMOTE_LOGIN_PASSWORDFILE' Is Set to 'NONE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
2.2.11 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to '(DROP,3)'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	SYSTEM AND COMMUNICATIONS PROTECTION
2.2.13 Ensure 'SEC_RETURN_SERVER_RELEASE_BANNER' Is Set to 'FALSE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
2.2.14 Ensure 'SQL92_SECURITY' Is Set to 'TRUE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT null	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
3.2.5 Ensure broadcast ICMP requests are ignored	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	IDENTIFICATION AND AUTHENTICATION
3.9 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
4.1 Ensure All Default Passwords Are Changed	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	IDENTIFICATION AND AUTHENTICATION
4.1.2.2 Ensure journald is configured to write logfiles to persistent disk	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
4.3 Ensure 'DBA_USERS.AUTHENTICATION_TYPE' Is Not Set to 'EXTERNAL' for Any User	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
4.6 Ensure No Public Database Links Exist	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.1.1 Ensure permissions on /etc/ssh/sshd_config are configured	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Encryption" Packages	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.1.3 Ensure permissions on SSH public host key files are configured	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure SSH IgnoreRhosts is enabled	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.3.1.3 Ensure password expiration warning days is 7 or more	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.3 Ensure default group for the root account is GID 0	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.1.7 Ensure permissions on /etc/group- are configured	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2.18 Ensure no duplicate user names exist	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	IDENTIFICATION AND AUTHENTICATION
6.2.19 Ensure no duplicate group names exist	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	IDENTIFICATION AND AUTHENTICATION
Salesforce.com : AuthConfig - 'Auth Providers = Facebook is not configured'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Secret'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Error URL'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS is not configured'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Token Endpoint URL'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Error URL'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Send Client Credentials in Header'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Token Endpoint URL'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers in use'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : Data Access Control - 'Enable CSRF protection on GET requests on non-setup pages = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	SYSTEM AND COMMUNICATIONS PROTECTION
Salesforce.com : Email Services - 'IsErrorRoutingEnabled = True'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	SYSTEM AND INFORMATION INTEGRITY
Salesforce.com : Object Permissions - 'DefaultLeadAccess should not be Public Read/Write or Public Read/Write/Transfer'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Object Permissions - 'DefaultOpportunityAccess should not be Public Read/Write or Public Read/Write/Transfer'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Password Policies - 'lockout period >= 30 minutes'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Session Security - 'Enable clickjack protection for non-setup customer Visualforce pages = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	SYSTEM AND COMMUNICATIONS PROTECTION
Salesforce.com : Setting Session Security - 'Lock session to IP = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Session Security - 'Review Salesforce console User'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : Setting Session Security - 'Review Salesforce CRM Content User'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : Setting Session Security - 'Review user types'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : Setting Session Security - 'Review Work.com User'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : Setting Session Security - 'Use POST requests for cross-domain sessions = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search