Item Search

Name	Audit Name	Plugin	Category
1.1.2 Ensure that the API server pod specification file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
1.1.4 Ensure that the controller manager pod specification file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
1.1.8 Ensure that the etcd pod specification file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
1.1.10 Ensure that the Container Network Interface file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
1.1.16 Ensure that the scheduler.conf file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 600 or more restrictive	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
1.7.1 - Miscellaneous Enhancements - crontab access - 'cron.allow includes no other users'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
1.7.2 - Miscellaneous Enhancements - at access - 'at.allow includes no other users'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
1.7.3 - Miscellaneous Enhancements - '/etc/ftpusers includes root'	CIS AIX 5.3/6.1 L1 v1.1.0	Unix	ACCESS CONTROL
1.8.2 Set username secret for all local users	CIS Cisco IOS XR 7.x v1.0.0 L1	Cisco	ACCESS CONTROL
2.1 Run BIND as a non-root User - process -u named	CIS BIND DNS v3.0.1 Caching Only Name Server	Unix	ACCESS CONTROL
2.1 Run BIND as a non-root User - process -u named	CIS BIND DNS v3.0.1 Authoritative Name Server	Unix	ACCESS CONTROL
2.1 Run BIND as a non-root User - UID	CIS BIND DNS v3.0.1 Caching Only Name Server	Unix	ACCESS CONTROL
2.1 Run BIND as a non-root User - UID	CIS BIND DNS v3.0.1 Authoritative Name Server	Unix	ACCESS CONTROL
2.2 Run BIND as a non-root user '-u named'	CIS ISC BIND 9.0/9.5 v2.0.0	Unix	ACCESS CONTROL
2.2 Run BIND as a non-root user 'id named'	CIS ISC BIND 9.0/9.5 v2.0.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains adm'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains bin'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains daemon'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains guest'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains invscout'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains lp'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains lpd'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains nuucp'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains sys'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains uucp'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.13 - Miscellaneous Config - authorized users in at.allow - 'at.allow contains no other entries besides sys and adm'	CIS AIX 5.3/6.1 L1 v1.1.0	Unix	ACCESS CONTROL
2.12.14 - Miscellaneous Config - authorized users in cron.allow - 'cron.allow contains no other entries besides sys and adm'	CIS AIX 5.3/6.1 L1 v1.1.0	Unix	ACCESS CONTROL
3.12 Ensure the 'SYSADMIN' Role is Limited to Administrative or Built-in Accounts	CIS SQL Server 2022 Database L1 DB v1.1.0	MS_SQLDB	ACCESS CONTROL
4.1 Ensure Interactive Login is Disabled	CIS PostgreSQL 13 OS v1.2.0	Unix	ACCESS CONTROL
4.1 Ensure Interactive Login is Disabled	CIS PostgreSQL 14 OS v 1.2.0	Unix	ACCESS CONTROL
4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Worker	Unix	ACCESS CONTROL
4.1.6 Avoid use of system:masters group	CIS Google Kubernetes Engine (GKE) v1.6.1 L1	GCP	ACCESS CONTROL
4.1.6 Ensure that the --kubeconfig kubelet.conf file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Worker	Unix	ACCESS CONTROL
4.1.7 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes cluster	CIS Google Kubernetes Engine (GKE) v1.6.1 L1	GCP	ACCESS CONTROL
4.1.8 Ensure that the client certificate authorities file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Worker	Unix	ACCESS CONTROL
4.1.10 If the kubelet config.yaml configuration file is being used validate file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Worker	Unix	ACCESS CONTROL
5.2.6 Minimize the admission of containers with allowPrivilegeEscalation	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
6.3.1 Privilege escalation: sudo	CIS IBM AIX 7.2 L2 v1.1.0	Unix	ACCESS CONTROL
6.4 Adding authorized users in at.allow	CIS IBM AIX 7.2 L1 v1.1.0	Unix	ACCESS CONTROL
6.5 Restrict FTP Use - Audit the list of users in /etc/ftpd/ftpusers.	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
6.6 Adding authorized users in cron.allow	CIS IBM AIX 7.2 L1 v1.1.0	Unix	ACCESS CONTROL
6.9 Restrict FTP Use	CIS Solaris 11.1 L1 v1.0.0	Unix	ACCESS CONTROL
6.9 Restrict FTP Use	CIS Solaris 11 L1 v1.1.0	Unix	ACCESS CONTROL
6.9 Restrict FTP Use - /etc/ftpd/ftpusers	CIS Solaris 11.2 L1 v1.1.0	Unix	ACCESS CONTROL
7.4 Create /etc/ftpd/ftpusers	CIS Solaris 9 v1.3	Unix	ACCESS CONTROL
7.4 Create /etc/ftpusers	CIS Solaris 9 v1.3	Unix	ACCESS CONTROL
10.3 Restrict manager application	CIS Apache Tomcat 7 L2 v1.1.0	Unix	ACCESS CONTROL
10.3 Restrict manager application	CIS Apache Tomcat 7 L2 v1.1.0 Middleware	Unix	ACCESS CONTROL
Access Security - SSH - Deny Root logins	Juniper Hardening JunOS 12 Devices Checklist	Juniper	ACCESS CONTROL

Detections

Analytics

Item Search