Item Search

NameAudit NamePluginCategory
1.2 Ensure 'Host headers' are on all sitesCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

1.4 Ensure Service Runlevel Is Registered And Set CorrectlyCIS PostgreSQL 9.5 OS v1.1.0Unix

SYSTEM AND SERVICES ACQUISITION

1.4 Ensure Service Runlevel Is Registered And Set CorrectlyCIS PostgreSQL 9.6 OS v1.0.0Unix

SYSTEM AND SERVICES ACQUISITION

1.4 Ensure systemd Service Files Are EnabledCIS PostgreSQL 10 OS v1.0.0Unix

SYSTEM AND SERVICES ACQUISITION

2.4 Ensure 'forms authentication' is set to use cookies - ApplicationCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

2.4 Ensure 'forms authentication' is set to use cookies - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

2.6 Ensure aufs storage driver is not usedCIS Docker v1.6.0 L1 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

2.9 Enable user namespace support - /etc/subgidCIS Docker v1.6.0 L2 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

2.9 Enable user namespace support - /etc/subuidCIS Docker v1.6.0 L2 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

2.9 Enable user namespace support - SecurityOptionsCIS Docker v1.6.0 L2 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

2.10 Ensure the default cgroup usage has been confirmed - daemon.jsonCIS Docker v1.6.0 L2 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

2.10 Ensure the default cgroup usage has been confirmed - dockerdCIS Docker v1.6.0 L2 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

2.17 Ensure that a daemon-wide custom seccomp profile is applied if appropriateCIS Docker v1.6.0 L2 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

3.1 Ensure 'deployment method retail' is setCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.2 Ensure 'debug' is turned off - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.2 Ensure 'debug' is turned off - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.3 Ensure custom error messages are not off - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.3 Ensure custom error messages are not off - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.5 Ensure ASP.NET stack tracing is not enabled - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.5 Ensure ASP.NET stack tracing is not enabled - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.6 Ensure 'httpcookie' mode is configured for session state - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.6 Ensure 'httpcookie' mode is configured for session state - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.7 Ensure 'cookies' are set with HttpOnly attribute - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.7 Ensure 'cookies' are set with HttpOnly attribute - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.1 Ensure 'maxAllowedContentLength' is configured - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.1 Ensure 'maxAllowedContentLength' is configured - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.2 Ensure 'maxURL request filter' is configured - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.2 Ensure 'maxURL request filter' is configured - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.3 Ensure 'MaxQueryString request filter' is configured - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.3 Ensure 'MaxQueryString request filter' is configured - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.4 Ensure non-ASCII characters in URLs are not allowed - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.4 Ensure non-ASCII characters in URLs are not allowed - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.5 Ensure Double-Encoded requests will be rejected - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND INFORMATION INTEGRITY

4.5 Ensure Double-Encoded requests will be rejected - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND INFORMATION INTEGRITY

4.6 Ensure 'HTTP Trace Method' is disabled - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.6 Ensure 'HTTP Trace Method' is disabled - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.7 Ensure Unlisted File Extensions are not allowed - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.7 Ensure Unlisted File Extensions are not allowed - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.9 Ensure 'notListedIsapisAllowed' is set to falseCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.10 Ensure 'notListedCgisAllowed' is set to falseCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

5.11 Ensure that the memory usage for containers is limitedCIS Docker v1.6.0 L1 Docker LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.12 Ensure that CPU priority is set appropriately on containersCIS Docker v1.6.0 L1 Docker LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

6.3 Ensure 'Postmaster' Runtime Parameters are ConfiguredCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION

6.3 Ensure 'Postmaster' Runtime Parameters are ConfiguredCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION

6.3 Ensure 'Postmaster' Runtime Parameters are ConfiguredCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION

6.4 Ensure 'SIGHUP' Runtime Parameters are ConfiguredCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION

6.4 Ensure 'SIGHUP' Runtime Parameters are ConfiguredCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION

6.4 Ensure 'SIGHUP' Runtime Parameters are ConfiguredCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION