Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1 Install Available UpdatesCIS IBM DB2 11 v1.2.0 Database Level 1IBM_DB2DB

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.1.3 Ensure nodev option set on /tmp partitionCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.13 Disable AutomountingCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.2.4 Ensure suspicious packets are loggedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

3.2.5 Ensure broadcast ICMP requests are ignoredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.8 Ensure TCP SYN Cookies is enabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.2 Ensure IPv6 loopback traffic is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.3 Ensure IPv6 outbound and established connections are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2.1 Ensure default deny firewall policyCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.3 Ensure iptables is installedCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.1.2 Ensure Logging Service is RunningCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.2.1 Ensure journald is configured to compress large log filesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.2.2 Ensure journald is configured to write logfiles to persistent diskCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure permissions on all logfiles are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.2 Ensure logrotate is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.2.2 Restrict Access to SYSCAT.AUDITUSECIS IBM DB2 11 v1.2.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.5 Restrict Access to SYSCAT.COLGROUPDISTCIS IBM DB2 11 v1.2.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.7 Restrict Access to SYSCAT.CONTEXTATTRIBUTESCIS IBM DB2 11 v1.2.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.24 Restrict Access to SYSCAT.SECURITYLABELACCESSCIS IBM DB2 11 v1.2.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.29 Restrict Access to SYSCAT.SECURITYPOLICYCOMPONENTRULESCIS IBM DB2 11 v1.2.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.44 Restrict Access to SYSCAT.WRAPOPTIONSCIS IBM DB2 11 v1.2.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.46 Restrict Access to SYSSTAT.COLDISTCIS IBM DB2 11 v1.2.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.23 Restrict Access to SYSIBM.SYSROUTINESCIS IBM DB2 11 v1.2.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.26 Restrict Access to SYSIBM.SYSSCHEMATACIS IBM DB2 11 v1.2.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1 Ensure that 'security defaults' is enabled in Microsoft Entra IDCIS Microsoft Azure Foundations v5.0.0 L1microsoft_azure

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.1.2 Ensure permissions on SSH private host key files are configuredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.4 Ensure SSH Protocol is set to 2CIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.9 Ensure SSH HostbasedAuthentication is disabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.1.13 Ensure only strong Ciphers are usedCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.14 Ensure only strong MAC algorithms are usedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.16 Ensure SSH Idle Timeout Interval is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL

5.1.18 Ensure SSH warning banner is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

5.3.2 Ensure system accounts are securedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

5.4 Ensure root login is restricted to system consoleCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL

6.1.4 Ensure permissions on /etc/gshadow are configuredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.8 Ensure permissions on /etc/gshadow- are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

CONFIGURATION MANAGEMENT

18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

CONFIGURATION MANAGEMENT

18.10.57.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L1Windows

CONFIGURATION MANAGEMENT

18.10.57.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows Server 2025 v2.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.10.57.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows Server 2022 v5.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.10.57.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows Server 2022 v5.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.10.57.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1Windows

CONFIGURATION MANAGEMENT