Item Search

NameAudit NamePluginCategory
1.6.6 Configure Image Provenance using ImagePolicyWebhook admission controllerCIS Kubernetes 1.11 Benchmark v1.3.0 L2Unix
1.6.6 Configure Image Provenance using ImagePolicyWebhook admission controllerCIS Kubernetes 1.13 Benchmark v1.4.1 L2Unix
1.6.7 Configure Image Provenance using ImagePolicyWebhook admission controllerCIS Kubernetes 1.7.0 Benchmark v1.1.0 L2Unix
1.6.7 Configure Image Provenance using ImagePolicyWebhook admission controllerCIS Kubernetes 1.8 Benchmark v1.2.0 L2Unix
1.27 Ensure 'Instant apps' is set to 'Disabled'MobileIron - CIS Google Android v1.3.0 L1MDM

CONFIGURATION MANAGEMENT

1.27 Ensure 'Instant apps' is set to 'Disabled'AirWatch - CIS Google Android v1.3.0 L1MDM

CONFIGURATION MANAGEMENT

2.2.11 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to '(DROP,3)'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

2.2.11 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to '(DROP,3)'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

2.2.13 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to 'DROP,3'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

2.2.13 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to 'DROP,3'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

2.5 Ensure aufs storage driver is not usedCIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

2.7 Ensure the default ulimit is configured appropriatelyCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Enable user namespace support - /etc/subgidCIS Docker Community Edition v1.1.0 L2 DockerUnix
2.8 Enable user namespace support - /etc/subuidCIS Docker Community Edition v1.1.0 L2 DockerUnix
2.8 Enable user namespace support --userns-remap=defaultCIS Docker Community Edition v1.1.0 L2 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.9 Ensure the default cgroup usage has been confirmedCIS Docker Community Edition v1.1.0 L2 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.10 Ensure base device size is not changed until neededCIS Docker Community Edition v1.1.0 L2 DockerUnix
2.13 Ensure operations on legacy registry (v1) are DisabledCIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

2.14 Ensure live restore is EnabledCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.16 Ensure daemon-wide custom seccomp profile is applied, if neededCIS Docker Community Edition v1.1.0 L2 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.17 Ensure experimental features are avoided in productionCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.10 Ensure the ScoreBoard File Is SecuredCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

CONFIGURATION MANAGEMENT

3.10 Ensure the ScoreBoard File Is SecuredCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

CONFIGURATION MANAGEMENT

3.10 Ensure the ScoreBoard File Is SecuredCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

4.3 Ensure unnecessary packages are not installed in the containerCIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

4.6 Ensure HEALTHCHECK instructions have been added to the container imageCIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

4.7 Ensure update instructions are not use alone in the DockerfileCIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

4.9 Ensure COPY is used instead of ADD in DockerfileCIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

5.10 Ensure memory usage for container is limitedCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.11 Ensure CPU priority is set appropriately on the containerCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.14 Ensure 'on-failure' container restart policy is set to '5' - 'MaximumRetryCount'CIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.14 Ensure 'on-failure' container restart policy is set to '5' - RestartPolicyNameCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.15 Ensure the host's process namespace is not sharedCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.16 Ensure the host's IPC namespace is not sharedCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.18 Ensure the default ulimit is overwritten at runtime, only if neededCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.20 Ensure the host's UTS namespace is not sharedCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.21 Ensure the default seccomp profile is not DisabledCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.24 Ensure cgroup usage is confirmedCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.26 Ensure container health is checked at runtimeCIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

5.28 Ensure PIDs cgroup limit is usedCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

6.1 Ensure image sprawl is avoidedCIS Docker Community Edition v1.1.0 L1 Linux Host OSUnix

CONFIGURATION MANAGEMENT

6.2 Ensure container sprawl is avoidedCIS Docker Community Edition v1.1.0 L1 Linux Host OSUnix

SYSTEM AND INFORMATION INTEGRITY

7.1 Ensure that the MaxZoneParts setting for Web Part limits is set to 100.CIS Microsoft SharePoint 2016 OS v1.1.0Windows

CONFIGURATION MANAGEMENT

7.1 Ensure that the MaxZoneParts setting for Web Parts is configuredCIS Microsoft SharePoint 2019 OS v1.0.0Windows

CONFIGURATION MANAGEMENT

7.2 Ensure that the SafeControls list is set to the minimum set of controls needed for your sitesCIS Microsoft SharePoint 2019 OS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure that the SafeControls list is set to the minimum set of controls needed for your sitesCIS Microsoft SharePoint 2016 OS v1.1.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure compilation or scripting of database pages via the PageParserPaths elements is not allowedCIS Microsoft SharePoint 2016 OS v1.1.0Windows

SYSTEM AND INFORMATION INTEGRITY

7.3 Ensure compilation or scripting of database pages via the PageParserPaths elements is not allowedCIS Microsoft SharePoint 2019 OS v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

7.5 Ensure Docker's secret management commands are used for managing secrets in a Swarm clusterCIS Docker Community Edition v1.1.0 L2 DockerUnix

CONFIGURATION MANAGEMENT

7.10 Ensure management plane traffic has been separated from data plane trafficCIS Docker Community Edition v1.1.0 L2 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION