Item Search

Name	Audit Name	Plugin	Category
1.1.6 Ensure that the scheduler pod specification file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
1.1.10 Ensure that the Container Network Interface file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
1.1.14 Ensure that the default administrative credential file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
1.1.16 Ensure that the scheduler.conf file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 600 or more restrictive	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
1.7.1 - Miscellaneous Enhancements - crontab access - 'cron.allow includes no other users'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
1.7.2 - Miscellaneous Enhancements - at access - 'at.allow includes no other users'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
1.7.3 - Miscellaneous Enhancements - '/etc/ftpusers includes root'	CIS AIX 5.3/6.1 L1 v1.1.0	Unix	ACCESS CONTROL
2.1 Run BIND as a non-root User - process -u named	CIS BIND DNS v3.0.1 Authoritative Name Server	Unix	ACCESS CONTROL
2.1 Run BIND as a non-root User - process -u named	CIS BIND DNS v3.0.1 Caching Only Name Server	Unix	ACCESS CONTROL
2.1 Run BIND as a non-root User - UID	CIS BIND DNS v3.0.1 Caching Only Name Server	Unix	ACCESS CONTROL
2.1 Run BIND as a non-root User - UID	CIS BIND DNS v3.0.1 Authoritative Name Server	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains adm'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains bin'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains daemon'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains guest'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains invscout'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains lp'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains lpd'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains nuucp'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains sys'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains uucp'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.13 - Miscellaneous Config - authorized users in at.allow - 'at.allow contains no other entries besides sys and adm'	CIS AIX 5.3/6.1 L1 v1.1.0	Unix	ACCESS CONTROL
2.12.14 - Miscellaneous Config - authorized users in cron.allow - 'cron.allow contains no other entries besides sys and adm'	CIS AIX 5.3/6.1 L1 v1.1.0	Unix	ACCESS CONTROL
3.1 Ensure that the docker.service file ownership is set to root:root	CIS Docker v1.7.0 L1 Docker - Linux	Unix	ACCESS CONTROL
3.5 Ensure that the /etc/docker directory ownership is set to root:root	CIS Docker v1.7.0 L1 Docker - Linux	Unix	ACCESS CONTROL
3.9 Ensure that TLS CA certificate file ownership is set to root:root	CIS Docker v1.7.0 L1 Docker - Linux	Unix	ACCESS CONTROL
3.12 Ensure the 'SYSADMIN' Role is Limited to Administrative or Built-in Accounts	CIS SQL Server 2022 Database L1 DB v1.1.0	MS_SQLDB	ACCESS CONTROL
4.1 Ensure Interactive Login is Disabled	CIS PostgreSQL 13 OS v1.2.0	Unix	ACCESS CONTROL
4.1 Ensure Interactive Login is Disabled	CIS PostgreSQL 14 OS v 1.2.0	Unix	ACCESS CONTROL
4.1.2 Ensure that the kubelet service file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Worker	Unix	ACCESS CONTROL
4.1.6 Avoid use of system:masters group	CIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L1	GCP	ACCESS CONTROL
4.1.6 Avoid use of system:masters group	CIS Google Kubernetes Engine (GKE) v1.7.0 L1	GCP	ACCESS CONTROL
4.1.6 Ensure that the --kubeconfig kubelet.conf file ownership is set to root:root	CIS Kubernetes v1.10.0 L1 Worker	Unix	ACCESS CONTROL
5.1.8 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes cluster	CIS Kubernetes v1.10.0 L1 Master	Unix	ACCESS CONTROL
5.2.7 Minimize the admission of root containers	CIS Kubernetes v1.10.0 L2 Master	Unix	ACCESS CONTROL
5.18 Ensure that host devices are not directly exposed to containers	CIS Docker v1.7.0 L1 Docker - Linux	Unix	ACCESS CONTROL
5.26 Ensure that the container is restricted from acquiring additional privileges	CIS Docker v1.7.0 L1 Docker - Linux	Unix	ACCESS CONTROL
6.1.1 Ensure sudo is installed	CIS IBM AIX 7 v1.0.0 L2	Unix	ACCESS CONTROL
6.2.4 Ensure cron.allow is configured	CIS IBM AIX 7 v1.0.0 L1	Unix	ACCESS CONTROL
6.5 Restrict FTP Use - Audit the list of users in /etc/ftpd/ftpusers.	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
6.9 Restrict FTP Use	CIS Solaris 11.1 L1 v1.0.0	Unix	ACCESS CONTROL
6.9 Restrict FTP Use	CIS Solaris 11 L1 v1.1.0	Unix	ACCESS CONTROL
6.9 Restrict FTP Use - /etc/ftpd/ftpusers	CIS Solaris 11.2 L1 v1.1.0	Unix	ACCESS CONTROL
7.4 Create /etc/ftpusers	CIS Solaris 9 v1.3	Unix	ACCESS CONTROL
10.2 Restrict access to the web administration application	CIS Apache Tomcat 10.1 v1.0.0 L1	Unix	ACCESS CONTROL
10.3 Restrict manager application	CIS Apache Tomcat 10.1 v1.0.0 L2	Unix	ACCESS CONTROL
10.13 Do not run applications as privileged	CIS Apache Tomcat 10.1 v1.0.0 L1	Unix	ACCESS CONTROL
Access Security - SSH - Deny Root logins	Juniper Hardening JunOS 12 Devices Checklist	Juniper	ACCESS CONTROL

Detections

Analytics

Item Search