Item Search

Name	Audit Name	Plugin	Category
1.1.2 Ensure 'Enable Log on High DP Load' is enabled	CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.6 Audit Docker files and directories - /var/lib/docker	CIS Docker 1.13.0 v1.0.0 L1 Linux	Unix	AUDIT AND ACCOUNTABILITY
1.8 Audit Docker files and directories - docker.service	CIS Docker 1.13.0 v1.0.0 L1 Linux	Unix	AUDIT AND ACCOUNTABILITY
1.10 Audit Docker files and directories - docker.service	CIS Docker 1.12.0 v1.0.0 L1 Linux	Unix	AUDIT AND ACCOUNTABILITY
1.10.1 Ensure 'logging' is enabled	CIS Cisco Firewall v8.x L1 v4.2.0	Cisco	AUDIT AND ACCOUNTABILITY
1.11 Audit Docker files and directories - docker-registry.service	CIS Docker 1.6 v1.0.0 L1 Linux	Unix	AUDIT AND ACCOUNTABILITY
1.12 Audit Docker files and directories - /etc/default/docker	CIS Docker 1.11.0 v1.0.0 L1 Linux	Unix	AUDIT AND ACCOUNTABILITY
1.14 Audit Docker files and directories - /usr/bin/docker-containerd	CIS Docker 1.11.0 v1.0.0 L1 Linux	Unix	AUDIT AND ACCOUNTABILITY
1.15 Audit Docker files and directories - /usr/bin/docker-runc	CIS Docker 1.12.0 v1.0.0 L1 Linux	Unix	AUDIT AND ACCOUNTABILITY
2.2.3 Ensure SNMP traps is enabled - configurationSave	CIS Check Point Firewall L1 v1.1.0	CheckPoint	AUDIT AND ACCOUNTABILITY
2.2.4 Ensure SNMP traps receivers is set	CIS Check Point Firewall L1 v1.1.0	CheckPoint	AUDIT AND ACCOUNTABILITY
2.6.1 Ensure mgmtauditlogs is set to on	CIS Check Point Firewall L1 v1.1.0	CheckPoint	AUDIT AND ACCOUNTABILITY
2.6.2 Ensure auditlog is set to permanent	CIS Check Point Firewall L1 v1.1.0	CheckPoint	AUDIT AND ACCOUNTABILITY
3.2 Enable Stack Protection - set noexec_user_stack_log = 1	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cis	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKACCEPT : cis	CIS Solaris 11 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.3 Enable Auditing of File Metadata Modification Events - AUE_ACLSET : cis	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.3 Enable Auditing of File Metadata Modification Events - AUE_ACLSET : cis	CIS Solaris 11 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.3 Enable Auditing of File Metadata Modification Events - AUE_LCHOWN : cis	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_CHROOT : cis	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_PFEXEC : cis	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_SETEUID : cis	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_SETGID : cis	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_SETREGID : cis	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.4 Enable Auditing of Process and Privilege Events - AUE_SETREUID : cis	CIS Solaris 11 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - active non-attributable flags = lo	CIS Solaris 11 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - audit_binfile (active)	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - audit_binfile attributes: p_minfree=1;	CIS Solaris 11 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - configured user flags = cis,ex,aa,ua,as,ss,lo,ft	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - userattr audit_flags root	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - var/audit/.not_terminated.	CIS Solaris 11.1 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler exists in web application)	CIS Apache Tomcat 7 L1 v1.1.0 Middleware	Unix	AUDIT AND ACCOUNTABILITY
7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler logging is enabled in default)	CIS Apache Tomcat 7 L1 v1.1.0 Middleware	Unix	AUDIT AND ACCOUNTABILITY
7.2.4 Log Suspicious Packets - net.ipv4.conf.all.log_martians	CIS Debian Linux 7 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.4 Record Events That Modify Date and Time Information - 32 bit adjtimex	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.4 Record Events That Modify Date and Time Information- '32bit adjtimex'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.5 Record Events That Modify User/Group Information - /etc/passwd	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.6 Record Events That Modify the System's Network Environment - 32 bit system-locale	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.8 Collect Login and Logout Events - /var/log/lastlog	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.10 Collect Discretionary Access Control Permission Modification Events - 64 bit chown	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files - 64 bit EACCES	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files- '64bit EACCES'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.13 Collect Successful File System Mounts - '64bit mount'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.14 Collect File Deletion Events by User - 32 bit unlink	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.14 Collect File Deletion Events by User- '32bit unlink/unlinkat/rename/renameat'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.16 Collect System Administrator Actions (sudolog)	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.17 Collect Kernel Module Loading and Unloading - /sbin/insmod	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
IBM i : Auditing for New Objects (QCRTOBJAUD) - '*CHANGE'	IBM System i Security Reference for V7R3	AS/400	AUDIT AND ACCOUNTABILITY
IBM i : Auditing Level (QAUDLVL) - '*SECURITY'	IBM System i Security Reference for V7R1 and V6R1	AS/400	AUDIT AND ACCOUNTABILITY
IBM i : Auditing Level (QAUDLVL) - '*SECURITY'	IBM System i Security Reference for V7R2	AS/400	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search