Item Search

NameAudit NamePluginCategory
1.1.8 Ensure nodev option set on /var partitionCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.4.1 Ensure core dumps are restrictedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

1.5.1.4 Ensure permissions on /etc/motd are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater than or Equal to '1'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

3.2.4 Ensure suspicious packets are loggedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

3.3.2.3 Ensure outbound and established connections are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.9 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

4.1.1.1 Ensure correct container image is set for stackdriver logging agentCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.5 Ensure 'SYS.USER$MIG' Has Been DroppedCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "File System" PackagesCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Encryption" PackagesCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.4 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Java" PackagesCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.3.3 Ensure 'ALL' Is Revoked on 'Sensitive' TablesCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.14 Ensure only strong MAC algorithms are usedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.3 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'OUTLN'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.10 Ensure 'CREATE PROCEDURE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.12 Ensure 'CREATE ANY LIBRARY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.15 Ensure 'GRANT ANY ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.3.1.4 Ensure inactive password lock is 30 days or lessCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION

6.2.12 Ensure no users have .netrc filesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.13 Ensure the 'ALTER DATABASE LINK' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.14 Ensure no users have .rhosts filesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.25 Ensure the 'ALTER TRIGGER' Action Audit IS EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

CIS Control 3 (3.6(b)) Deploy Automated Software Patch Management ToolsCAS Implementation Group 1 Audit FileUnix

SYSTEM AND INFORMATION INTEGRITY

CIS Control 8 (8.4) Configure Anti-Malware Scanning of Removable MediaCAS Implementation Group 1 Audit FileUnix

SYSTEM AND INFORMATION INTEGRITY

CIS_Apple_macOS_11.0_Big_Sur_v4.0.0_L1.audit from CIS Apple macOS 12.0 Big Sur Benchmark v4.0.0CIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix
Salesforce.com : AuthConfig - 'Auth Providers = Facebook'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Key'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Consumer Key'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Consumer Secret'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Token Issuer'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Consumer Secret'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Default Scope'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - No SSO Auth Providers have been configuredTNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : CronTrigger - 'Cron Jobs with Status of BLOCKED'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Email Services - 'AddressInactiveAction != 2'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Email Services - 'FunctionInactiveAction != 2'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Monitoring Login History - 'Inactive System Administrators'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Password Policies - 'Minimum 1 day password lifetime'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : Setting Password Policies - 'Obscure secret answer for password resets = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : Setting Password Policies - 'passwords expire >= 90'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : Setting Session Security - 'Enable clickjack protection for non-setup Salesforce pages = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Setting Session Security - 'Review Apex Mobile User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Call Center Auto-Login Users'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Chatter Answers Users'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Offline User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Salesforce Knowledge Users'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : User Access - 'No new users have been created since the last scan'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL