Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2 Ensure 'Login Banner' is setCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
1.1.2 Ensure 'Login Banner' is setCIS Palo Alto Firewall 9 v1.0.1 L1Palo_Alto
1.8 Ensure Retired JUNOS Devices are Disposed of SecurelyCIS Juniper OS Benchmark v2.0.0 L1Juniper
3.1 Ensure a fully-synchronized High Availability peer is configuredCIS Palo Alto Firewall 10 v1.1.0 L1Palo_Alto
3.1.2 Set 'no ip proxy-arp'CIS Cisco IOS 16 L2 v1.1.2Cisco
3.1.2 Set 'no ip proxy-arp'CIS Cisco IOS 16 L2 v2.0.0Cisco
3.1.3 Set 'no interface tunnel'CIS Cisco IOS 16 L1 v1.1.2Cisco
3.1.3 Set 'no interface tunnel'CIS Cisco IOS 16 L1 v2.0.0Cisco
3.1.3 Set 'no interface tunnel'CIS Cisco IOS 17 L1 v2.0.0Cisco
3.1.3.1 Set Interfaces with no Peers to Passive-InterfaceCIS Cisco NX-OS L2 v1.0.0Cisco
3.1.4 Set 'ip verify unicast source reachable-via'CIS Cisco IOS 16 L1 v1.1.2Cisco
3.1.4 Set 'ip verify unicast source reachable-via'CIS Cisco IOS 17 L1 v2.0.0Cisco
3.1.4 Set 'ip verify unicast source reachable-via'CIS Cisco IOS 16 L1 v2.0.0Cisco
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Link Monitoring Failure ConditionCIS Palo Alto Firewall 10 v1.0.0 L1Palo_Alto
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Link Monitoring Failure ConditionCIS Palo Alto Firewall 10 v1.1.0 L1Palo_Alto
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Path Monitoring Failure ConditionCIS Palo Alto Firewall 9 v1.0.1 L1Palo_Alto
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Path Monitoring Failure ConditionCIS Palo Alto Firewall 10 v1.1.0 L1Palo_Alto
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Default deny configured'CIS Cisco IOS 16 L2 v2.0.0Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 0.0.0.0'CIS Cisco IOS 16 L2 v1.1.2Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 10.0.0.0'CIS Cisco IOS 17 L2 v2.0.0Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 10.0.0.0'CIS Cisco IOS 16 L2 v1.1.2Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 10.0.0.0'CIS Cisco IOS 16 L2 v2.0.0Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 169.254.0.0'CIS Cisco IOS 16 L2 v2.0.0Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 172.16.0.0'CIS Cisco IOS 16 L2 v1.1.2Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 192.0.2.0'CIS Cisco IOS 17 L2 v2.0.0Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 192.0.2.0'CIS Cisco IOS 16 L2 v1.1.2Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 192.168.0.0'CIS Cisco IOS 17 L2 v2.0.0Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 224.0.0.0'CIS Cisco IOS 16 L2 v1.1.2Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 224.0.0.0'CIS Cisco IOS 16 L2 v2.0.0Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny host 255.255.255.255'CIS Cisco IOS 17 L2 v2.0.0Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny internal networks'CIS Cisco IOS 16 L2 v1.1.2Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny internal networks'CIS Cisco IOS 17 L2 v2.0.0Cisco
3.2.2 Set inbound 'ip access-group' on the External InterfaceCIS Cisco IOS 16 L2 v2.0.0Cisco
3.2.2 Set inbound 'ip access-group' on the External InterfaceCIS Cisco IOS 16 L2 v1.1.2Cisco
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriatelyCIS Palo Alto Firewall 11 v1.0.0 L1Palo_Alto
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriately - Election SetingsCIS Palo Alto Firewall 10 v1.0.0 L1Palo_Alto
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriately - Passive Link StateCIS Palo Alto Firewall 9 v1.0.1 L1Palo_Alto
3.3.1 Configure DHCP Trust - ip dhcp snooping trustCIS Cisco NX-OS L1 v1.0.0Cisco
3.3.1.1 Set 'key chain'CIS Cisco IOS 16 L2 v1.1.2Cisco
3.3.1.1 Set 'key chain'CIS Cisco IOS 16 L2 v2.0.0Cisco
3.3.1.2 Set 'key'CIS Cisco IOS 16 L2 v1.1.2Cisco
3.3.1.4 Set 'address-family ipv4 autonomous-system'CIS Cisco IOS 16 L2 v2.0.0Cisco
3.3.1.5 Set 'af-interface default'CIS Cisco IOS 16 L2 v1.1.2Cisco
3.3.1.5 Set 'af-interface default'CIS Cisco IOS 16 L2 v2.0.0Cisco
3.3.1.8 Set 'ip authentication key-chain eigrp'CIS Cisco IOS 16 L2 v2.0.0Cisco
3.3.1.8 Set 'ip authentication key-chain eigrp'CIS Cisco IOS 17 L2 v2.0.0Cisco
3.3.1.9 Set 'ip authentication mode eigrp'CIS Cisco IOS 16 L2 v1.1.2Cisco
3.4.2 Configure CDPCIS Cisco NX-OS L1 v1.0.0Cisco
3.4.2 Configure CDPCIS Cisco NX-OS L2 v1.0.0Cisco
5.13 Ensure that incoming container traffic is bound to a specific host interfaceCIS Docker v1.5.0 L1 Docker LinuxUnix