Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure a separate user and group exist for Cassandra - groupCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - passwdCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - user exists in groupCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.3.1 Ensure sudo is installedCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

ACCESS CONTROL

1.3.1 Ensure sudo is installedCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

ACCESS CONTROL

1.3.2 Ensure sudo commands use ptyCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

ACCESS CONTROL

1.3.2 Ensure sudo commands use ptyCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

ACCESS CONTROL

1.5 Ensure the Cassandra service is run as a non-root userCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.13 Ensure there is only one active access key available for any single IAM userCIS Amazon Web Services Foundations L1 3.0.0amazon_aws

ACCESS CONTROL

2.1 Run BIND as a non-root User - process -u namedCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

2.1 Run BIND as a non-root User - process -u namedCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

ACCESS CONTROL

2.1 Run BIND as a non-root User - UIDCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

2.6 Ensure that the User-ID service account does not have interactive logon rightsCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

ACCESS CONTROL

2.6 Ensure that the User-ID service account does not have interactive logon rightsCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL

3.7.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.7.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.7.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

4.1 Ensure that a user for the container has been createdCIS Docker v1.6.0 L1 Docker LinuxUnix

ACCESS CONTROL

4.2 Ensure excessive administrative privileges are revokedCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

4.3 Ensure excessive function privileges are revokedCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

4.3 Ensure excessive function privileges are revokedCIS PostgreSQL 10 OS v1.0.0Unix

ACCESS CONTROL

4.4 Ensure excessive DML privileges are revokedCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

4.4 Ensure excessive function privileges are revokedCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

5.2 Ensure SNMPv1/2 are set to Read OnlyCIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - pam_wheel.soCIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - pam_wheel.soCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - wheel group contains rootCIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - wheel group contains rootCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - wheel group contains rootCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

6.1.1 Create baseline of executables that elevate to a different GUID (Not scored)CIS IBM AIX 7.2 L2 v1.1.0Unix

ACCESS CONTROL

6.1.2 Create baseline of executables that require a specific group for elevation to a different EUID (not scored)CIS IBM AIX 7.2 L2 v1.1.0Unix

ACCESS CONTROL

6.1.3 Create baseline of executables that elevate directly to a new EUID (not scored)CIS IBM AIX 7.2 L2 v1.1.0Unix

ACCESS CONTROL

6.4 Restrict root Login to System ConsoleCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.5 Restrict Access to the su Command - auth required pam_wheel.so use_uid'CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.5 Restrict Access to the su Command - wheel:x:10:root, <user list>'CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.6 Ensure 'User' Runtime Parameters are ConfiguredCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

6.6 Ensure 'User' Runtime Parameters are ConfiguredCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.6 Ensure 'User' Runtime Parameters are ConfiguredCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.11.4 Ensure Console Port is Set as InsecureCIS Juniper OS Benchmark v2.1.0 L2Juniper

ACCESS CONTROL

6.11.5 Ensure Log-out-on-disconnect is Set for ConsoleCIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL

7.1 Ensure a replication-only user is created and used for streaming replicationCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

7.2 Ensure a replication-only user is created and used for streaming replicationCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL