Item Search

Name	Audit Name	Plugin	Category
2.1 Alter the Advertised server.info String	CIS Apache Tomcat 7 L2 v1.1.0 Middleware	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.1 Alter the Advertised server.info String	CIS Apache Tomcat 7 L2 v1.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.2 Alter the Advertised server.number String	CIS Apache Tomcat 7 L2 v1.1.0 Middleware	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.2 Alter the Advertised server.number String	CIS Apache Tomcat 7 L2 v1.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.3 Alter the Advertised server.built Date	CIS Apache Tomcat 7 L2 v1.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.3 Alter the Advertised server.built Date	CIS Apache Tomcat 7 L2 v1.1.0 Middleware	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 7 L2 v1.1.0 Middleware	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 7 L2 v1.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.9 Disable instance discoverability	CIS IBM DB2 v10 v1.1.0 Linux OS Level 1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.9 Disable instance discoverability	CIS IBM DB2 v10 v1.1.0 Linux OS Level 2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.10 Disable instance discoverability - 'discover_inst = disable'	CIS IBM DB2 OS L2 v1.2.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.16 Disable database discovery	CIS IBM DB2 v10 v1.1.0 Linux OS Level 2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.16 Disable database discovery	CIS IBM DB2 v10 v1.1.0 Linux OS Level 1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.3 Disable database discover - 'discover_db = disable'	CIS IBM DB2 OS L2 v1.2.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.3 Enable Randomized Virtual Memory Region Placement	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
6.1 Hide BIND Version String	CIS BIND DNS v3.0.1 Caching Only Name Server	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
6.1 Hide BIND Version String	CIS BIND DNS v3.0.1 Authoritative Name Server	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
6.2 Hide Nameserver ID	CIS BIND DNS v3.0.1 Authoritative Name Server	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
6.2 Hide Nameserver ID	CIS BIND DNS v3.0.1 Caching Only Name Server	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
10.9 Do not allow custom header status messages	CIS Apache Tomcat 7 L2 v1.1.0 Middleware	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
10.9 Do not allow custom header status messages	CIS Apache Tomcat 7 L2 v1.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
12 - Remove and mask informational headers - JSP Configuration	TNS Best Practice JBoss 7 Linux	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
12 - Remove and mask informational headers - Server Property Override	TNS Best Practice JBoss 7 Linux	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
MS.POWERPLATFORM.3.1v1 - Power Platform tenant isolation SHALL be enabled.	CISA SCuBA Microsoft 365 Power Platform v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MS.POWERPLATFORM.4.1v1 - Content Security Policy (CSP) SHALL be enforced for model-driven and canvas Power Apps.	CISA SCuBA Microsoft 365 Power Platform v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MS.POWERPLATFORM.5.1v1 - The ability to create Power Pages sites SHOULD be restricted to admins.	CISA SCuBA Microsoft 365 Power Platform v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MS.TEAMS.8.1v1 - URL comparison with a blocklist SHOULD be enabled.	CISA SCuBA Microsoft 365 Teams v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MS.TEAMS.8.2v1 - User click tracking SHOULD be enabled.	CISA SCuBA Microsoft 365 Teams v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
Server version information parameters should be turned off - 'ServerSignature Off'	TNS IBM HTTP Server Best Practice	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Server version information parameters should be turned off - 'ServerSignature Off'	TNS IBM HTTP Server Best Practice	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Server version information parameters should be turned off - 'ServerSignature Off'	TNS IBM HTTP Server Best Practice Middleware	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Server version information parameters should be turned off - 'ServerTokens Prod'	TNS IBM HTTP Server Best Practice	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Server version information parameters should be turned off - 'ServerTokens Prod'	TNS IBM HTTP Server Best Practice Middleware	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Server version information parameters should be turned off - 'ServerTokens Prod'	TNS IBM HTTP Server Best Practice	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WG520 A22 - Web server and/or operating system information must be protected.	DISA STIG Apache Server 2.2 Unix v1r11	Unix	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search