Item Search

Name	Audit Name	Plugin	Category
1.1 Ensure packages are obtained from authorized repositories	CIS PostgreSQL 15 v1.2.0 L1 OS Linux Unix	Unix	CONFIGURATION MANAGEMENT, MAINTENANCE
1.7 Verify That the 'PGPASSWORD' Environment Variable is Not in Use	CIS PostgreSQL 15 v1.2.0 L1 OS Linux Unix	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.1 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.1 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.1 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.1 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2016 v4.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.1 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v4.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.1 Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT
2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v4.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.1.6 Ensure the log file permissions are set correctly	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	ACCESS CONTROL, MEDIA PROTECTION
3.1.10 Ensure the correct syslog facility is selected	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
3.1.13 Ensure the program name for PostgreSQL syslog messages is correct	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
3.1.23 Ensure 'log_hostname' is set correctly	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
4.3 Ensure excessive administrative privileges are revoked	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.3.41 Restrict Access to SYSIBM.SYSUSEROPTIONS	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
4.4 Lock Out Accounts if Not Currently in Use	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	ACCESS CONTROL
4.4.2 Restrict Access to SYSIBMADM.OBJECTOWNERS	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
5.6 Ensure Password Complexity is configured	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	IDENTIFICATION AND AUTHENTICATION
5.7 Secure Permissions for All Authentication Plugins	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
6.1.5 Secure SECADM Authority	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
6.1.14 Secure LOAD Authority	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
6.1.20 Secure Schema DATAACCESS Authority	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
6.2 Ensure 'backend' runtime parameters are configured correctly	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	CONFIGURATION MANAGEMENT
6.2.1 Review Users, Groups, and Roles	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
6.2.2 Review Roles	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
6.2.3 Review Role Members	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
6.2.5 Review Roles Granted to PUBLIC	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
6.3.3 Review Column Mask Logic According to Policy	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
6.4.1 Ensure Trusted Contexts are Enabled	CIS IBM DB2 11 v1.2.0 Database Level 2	IBM_DB2DB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.11 Ensure the pgcrypto extension is installed and configured correctly	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.2 Ensure logging of replication commands is configured	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	ACCESS CONTROL
7.3 Ensure base backups are configured and functional	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	CONTINGENCY PLANNING
7.4 Ensure WAL archiving is configured and functional	CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.2 Ensure the backup and restore tool, 'pgBackRest', is installed and configured	CIS PostgreSQL 15 v1.2.0 L1 OS Linux Unix	Unix	CONTINGENCY PLANNING
8.2.5 Backup the Stash File	CIS IBM DB2 11 v1.2.0 Database Level 2	IBM_DB2DB	CONTINGENCY PLANNING
8.2.8 Backup Your Password In Case Stash File is Inaccessible or Corrupted	CIS IBM DB2 11 v1.2.0 Database Level 2	IBM_DB2DB	CONTINGENCY PLANNING
9.1 Leverage the Least Privilege Principle	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
9.3 Protecting Backups	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search