Baseline category | Baseline name | Baseline description | Number of check items |
Internationally agreed best practices for security | Alibaba Cloud Linux 2/3 Internationally Agreed Best Practices for Security | Checks system configurations based on the check items in internationally agreed best practices for security. The baselines are suitable for enterprise users who have professional security requirements. The baselines include a variety of check items that you can use based on your business scenarios and requirements. You can reinforce the security of your system based on the check results. | 176 |
Rocky 8 Internationally Agreed Best Practices for Security | 161 |
CentOS Linux 6 LTS Internationally Agreed Best Practices for Security | 194 |
CentOS Linux 7 LTS Internationally Agreed Best Practices for Security | 195 |
CentOS Linux 8 LTS Internationally Agreed Best Practices for Security | 162 |
Debian Linux 8 Internationally Agreed Best Practices for Security | 155 |
Ubuntu 14 LTS Internationally Agreed Best Practices for Security | 175 |
Ubuntu 16/18/20 LTS Internationally Agreed Best Practices for Security | 174 |
Ubuntu 22 LTS Internationally Agreed Best Practices for Security | 148 |
Unauthorized access | Influxdb unauthorized access high exploit vulnerability risk | Checks InfluxDB vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
Redis unauthorized access high exploit vulnerability risk | Checks Redis vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
Jboss unauthorized access high exploit vulnerability risk | Checks JBoss vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
ActiveMQ unauthorized access high exploit vulnerability risk | Checks ActiveMQ vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
RabbitMQ unauthorized access high exploit vulnerability risk | Checks RabbitMQ vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
OpenLDAP unauthorized access vulnerability baseline (Linux) | Checks OpenLDAP vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
rsync unauthorized access high exploit vulnerability risk | Checks rsync vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
Mongodb unauthorized access high exploit vulnerability risk | Checks MongoDB vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
Postgresql unauthorized access to high-risk risk baseline | Checks PostgreSQL vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
Jenkins unauthorized access high exploit vulnerability risk | Checks Jenkins vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
Hadoop unauthorized access high exploit vulnerability risk | Checks Apache Hadoop vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
CouchDB unauthorized access high exploit risk | Checks Apache CouchDB vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
ZooKeeper unauthorized access high exploit vulnerability risk | Checks Apache ZooKeeper vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
Memcached unauthorized access high exploit vulnerability risk | Checks memcached vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
Elasticsearch unauthorized access high exploit vulnerability risk | Checks Elasticsearch vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
MLPS compliance | MLPS Level 3 Compliance Baseline for SUSE 15 | Checks whether the configurations of SLES 15 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 18 |
MLPS Level 3 Compliance Baseline for Alibaba Cloud Linux 3 | Checks whether the configurations of Alibaba Cloud Linux 3 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for Alibaba Cloud Linux 2 | Checks whether the configurations of Alibaba Cloud Linux 2 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for Bind | Checks whether the configurations of Bind are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 4 |
MLPS Level 3 Compliance Baseline for CentOS Linux 6 | Checks whether the configurations of CentOS Linux 6 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for CentOS Linux 7 | Checks whether the configurations of CentOS Linux 7 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for CentOS Linux 8 | Checks whether the configurations of CentOS Linux 8 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for Informix | Checks whether the configurations of Informix are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 6 |
MLPS Level 3 Compliance Baseline for JBoss 6/7 | Checks whether the configurations of JBoss 6 or JBoss 7 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 5 |
MLPS Level 3 Compliance Baseline for MongoDB | Checks whether the configurations of MongoDB are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 6 |
MLPS Level 3 Compliance Baseline for MySQL | Checks whether the configurations of MySQL are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 5 |
MLPS Level 3 Compliance Baseline for Nginx | Checks whether the configurations of NGINX are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 3 |
MLPS Level 3 Compliance Baseline for Oracle | Checks whether the configurations of Oracle are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 12 |
MLPS Level 3 Compliance Baseline for PostgreSQL | Checks whether the configurations of PostgreSQL are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 4 |
MLPS Level 3 Compliance Baseline for Red Hat Linux 6 | Checks whether the configurations of RHEL 6 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for Red Hat Linux 7 | Checks whether the configurations of RHEL 7 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for Redis | Checks whether the configurations of Redis are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 4 |
MLPS Level 3 Compliance Baseline for SUSE 10 | Checks whether the configurations of SLES 10 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for SUSE 12 | Checks whether the configurations of SLES 12 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for SUSE 11 | Checks whether the configurations of SLES 11 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for Ubuntu 14 | Checks whether the configurations of Ubuntu 14 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for Ubuntu 16/18/20 | Checks whether the configurations of Ubuntu 16, Ubuntu 18, or Ubuntu 20 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for Ubuntu 22 | Checks whether the configurations of Ubuntu 22 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for Websphere Application Server | Checks whether the configurations of WebSphere Application Server are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 7 |
MLPS Level 3 Compliance Baseline for TongWeb | Checks whether the configurations of TongWeb are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 4 |
MLPS Level 3 Compliance Baseline for WebLogic | Checks whether the configurations of WebLogic are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 5 |
MLPS Level 2 Compliance Baseline for Alibaba Cloud Linux 2 | Checks whether the configurations of Alibaba Cloud Linux 2 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 2) are used. | 15 |
MLPS Level 2 Compliance Baseline for CentOS Linux 6 | Checks whether the configurations of CentOS Linux 6 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 2) are used. | 15 |
MLPS Level 2 Compliance Baseline for CentOS Linux 7 | Checks whether the configurations of CentOS Linux 7 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 2) are used. | 15 |
MLPS Level 2 Compliance Baseline for Debian Linux 8 | Checks whether the configurations of Debian Linux 8 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 2) are used. | 12 |
MLPS Level 2 Compliance Baseline for Red Hat Linux 7 | Checks whether the configurations of RHEL 7 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 2) are used. | 15 |
MLPS Level 2 Compliance Baseline for Ubuntu 16/18 | Checks whether the configurations of Ubuntu 16 or Ubuntu 18 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 2) are used. | 19 |
MLPS Level 3 Compliance Baseline for Debian Linux 8/9/10/11/12 | Checks whether the configurations of Debian Linux 8, Debian Linux 9, Debian Linux 10, Debian Linux 11, or Debian Linux 12 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for Kylin | Checks whether the configurations of Kylin are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for UOS | Checks whether the configurations of UOS are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
MLPS Level 3 Compliance Baseline for Anolis 8 | Checks whether the configurations of Anolis 8 are compliant with MLPS standards. The check items included in the baseline are benchmarked against the testing standards and requirements on secure computing environments proposed by authoritative assessment organizations. During benchmarking, the MLPS 2.0 standards (level 3) are used. | 19 |
Weak password | Zabbix login weak password baseline | Checks weak passwords that are used to log on to Zabbix. | 1 |
ElasticSearch login weak password baseline | Checks weak passwords that are used to log on to Elasticsearch servers. | 1 |
Activemq login weak password baseline | Checks weak passwords that are used to log on to ActiveMQ. | 1 |
RabbitMQ login weak password baseline | Checks weak passwords that are used to log on to RabbitMQ. | 1 |
OpenVPN weak password detection in Linux system | Checks common weak passwords of OpenVPN accounts in Linux operating systems. | 1 |
Jboss 6/7 login weak password baseline | Checks weak passwords that are used to log on to JBoss 6 and JBoss 7. | 1 |
Jenkins login weak password baseline | Checks weak passwords that are used to log on to Jenkins. This baseline check provides more samples to detect common weak passwords and delivers better check performance than its early version. | 1 |
Proftpd login weak password baseline | Checks weak passwords that are used to log on to a new version of ProFTPD. This baseline check contains diversified samples of common weak passwords for better check performance. | 1 |
Weblogic 12c login weak password detection | Checks weak password for users of WebLogic Server 12c. | 1 |
Openldap login weak password baseline | Checks weak passwords that are used to log on to OpenLDAP. | 1 |
VncServer weak password check | Checks common weak passwords that are used to log on to the VNC service. | 1 |
pptpd login weak password baseline | Checks weak passwords that are used to log on to PPTP servers. | 1 |
Oracle login weak password detection | Checks weak passwords for users of Oracle databases. | 1 |
svn login weak password baseline | Checks weak passwords that are used to log on to SVN servers. | 1 |
rsync login weak password baseline | Checks weak passwords that are used to log on to rsync servers. | 1 |
MongoDB Weak Password baseline | Checks weak passwords for the MongoDB service. MongoDB 3.x and 4.x support this baseline check. | 1 |
PostgreSQL DB login weak password baseline | Checks weak passwords that are used to log on to PostgreSQL databases. | 1 |
Apache Tomcat Console weak password baseline | Checks weak passwords that are used to log on to the Apache Tomcat console. Apache Tomcat 7, 8, and 9 support this baseline check. | 1 |
Ftp login weak password baseline | Checks weak passwords that are used to log on to FTP servers and anonymous logons to FTP servers. | 1 |
Redis DB login weak password baseline | Checks weak passwords that are used to log on to Redis databases. | 1 |
Linux system login weak password baseline | Checks weak passwords that are used to log on to a new version of Linux systems. This baseline check contains diversified samples of common weak passwords for better check performance. | 1 |
Mysql database login weak password check (version 8.x is not supported) | Checks weak passwords that are used to log on to a new version of MySQL databases. This baseline check contains diversified samples of common weak passwords for better check performance. | 1 |
MongoDB Weak Password baseline(support version 2. X) | Checks weak passwords for users of the MongoDB service. | 1 |
Container security | Unauthorized access - Risk of unauthorized access to the Redis container service | Checks whether the Redis service can be accessed without permissions. The system attempts to connect to the Redis service or reads the configuration file of the service during container runtime to perform the check. | 1 |
Unauthorized access - Risk of unauthorized access to the MongoDB container service | Checks whether the MongoDB service can be accessed without permissions. The system attempts to connect to the MongoDB service or reads the configuration file of the service during container runtime to perform the check. | 1 |
Unauthorized access - Risk of unauthorized access to the Jboss container service | Checks whether the JBoss service can be accessed without permissions. The system attempts to connect to the JBoss service or reads the configuration file of the service during container runtime to perform the check. | 1 |
Unauthorized access - Risk of unauthorized access to the ActiveMQ container service | Checks whether the ActiveMQ service can be accessed without permissions. The system attempts to connect to the ActiveMQ service or reads the configuration file of the service during container runtime to perform the check. | 1 |
Unauthorized access - Risk of unauthorized access to the Rsync container service | Checks whether the rsync service can be accessed without permissions. The system attempts to connect to the rsync service or reads the configuration file of the service during container runtime to perform the check. | 1 |
Unauthorized access - Risk of unauthorized access to the Memcached container service | Checks whether the Memcached service can be accessed without permissions. The system attempts to connect to the Memcached service or reads the configuration file of the service during container runtime to perform the check. | 1 |
Unauthorized access - Risk of unauthorized access to the RabbitMQ container service | Checks whether the RabbitMQ service can be accessed without permissions. The system attempts to connect to the RabbitMQ service or reads the configuration file of the service during container runtime to perform the check. | 1 |
Unauthorized access - Risk of unauthorized access to the ES container service | Checks whether the Elasticsearch service can be accessed without permissions. The system attempts to connect to the Elasticsearch service or reads the configuration file of the service during container runtime to perform the check. | 1 |
Unauthorized access - Risk of unauthorized access to the Jenkins container service | Checks whether the Jenkins service can be accessed without permissions. The system attempts to connect to the Jenkins service or reads the configuration file of the service during container runtime to perform the check. | 1 |
Kubernetes(ACK) Master Internationally Agreed Best Practices for Security | Checks system configurations based on the check items in internationally agreed best practices for security. The baselines are suitable for enterprise users who have professional security requirements. The baselines include a variety of check items that you can use based on your business scenarios and requirements. You can reinforce the security of your system based on the check results. | 52 |
Kubernetes(ACK) Node Internationally Agreed Best Practices for Security | | 9 |
Weak Password-Proftpd container runtime weak password risk | Checks whether weak passwords are used during ProFTPD container runtime. The system reads files such as password configuration files to obtain authentication information and attempts to connect to the ProFTPD service from an on-premises machine. If the service is connected, the system compares the used password against the weak password dictionary to check whether a weak password is used during ProFTPD container runtime. | 1 |
Weak Password-Redis container runtime weak password risk | Checks whether weak passwords are used during Redis container runtime. The system reads files such as password configuration files to obtain authentication information and attempts to connect to the Redis service from an on-premises machine. If the service is connected, the system compares the used password against the weak password dictionary to check whether a weak password is used during Redis container runtime. | 1 |
Weak Password-MongoDB container runtime weak password risk | Checks whether weak passwords are used during MongoDB container runtime. The system reads files such as password configuration files to obtain authentication information and attempts to connect to the MongoDB service from an on-premises machine. If the service is connected, the system compares the used password against the weak password dictionary to check whether a weak password is used during MongoDB container runtime. | 1 |
Weak Password-Jboss container runtime weak password risk | Checks whether weak passwords are used during JBoss container runtime. The system reads files such as password configuration files to obtain authentication information and attempts to connect to the JBoss service from an on-premises machine. If the service is connected, the system compares the used password against the weak password dictionary to check whether a weak password is used during JBoss container runtime. | 1 |
Weak Password-ActiveMQ container runtime weak password risk | Checks whether weak passwords are used during ActiveMQ container runtime. The system reads files such as password configuration files to obtain authentication information and attempts to connect to the ActiveMQ service from an on-premises machine. If the service is connected, the system compares the used password against the weak password dictionary to check whether a weak password is used during ActiveMQ container runtime. | 1 |
Weak Password-Rsync container runtime weak password risk | Checks whether weak passwords are used during rsync container runtime. The system reads files such as password configuration files to obtain authentication information and attempts to connect to the rsync service from an on-premises machine. If the service is connected, the system compares the used password against the weak password dictionary to check whether a weak password is used during rsync container runtime. | 1 |
Weak Password-SVN container runtime weak password risk | Checks whether weak passwords are used during SVN container runtime. The system reads files such as password configuration files to obtain authentication information and attempts to connect to the SVN service from an on-premises machine. If the service is connected, the system compares the used password against the weak password dictionary to check whether a weak password is used during SVN container runtime. | 1 |
Weak Password-ES container runtime weak password risk | Checks whether weak passwords are used during Elasticsearch container runtime. The system reads files such as password configuration files to obtain authentication information and attempts to connect to the Elasticsearch service from an on-premises machine. If the service is connected, the system compares the used password against the weak password dictionary to check whether a weak password is used during Elasticsearch container runtime. | 1 |
Weak Password-Mysql container runtime weak password risk | Checks whether weak passwords are used during MySQL container runtime. The system reads files such as password configuration files to obtain authentication information and attempts to connect to the MySQL service from an on-premises machine. If the service is connected, the system compares the used password against the weak password dictionary to check whether a weak password is used during MySQL container runtime. | 1 |
Weak Password-Tomcat container runtime weak password risk | Checks whether weak passwords are used during Tomcat container runtime. The system reads files such as password configuration files to obtain authentication information and attempts to connect to the Tomcat service from an on-premises machine. If the service is connected, the system compares the used password against the weak password dictionary to check whether a weak password is used during Tomcat container runtime. | 1 |
Weak Password-Jenkins container runtime weak password risk | Checks whether weak passwords are used during Jenkins container runtime. The system reads files such as password configuration files to obtain authentication information and attempts to connect to the Jenkins service from an on-premises machine. If the service is connected, the system compares the used password against the weak password dictionary to check whether a weak password is used during Jenkins container runtime. | 1 |
Alibaba Cloud Standard-Kubernetes-Node Security Baseline Check | Checks whether the configurations of Kubernetes nodes are compliant with the Alibaba Cloud standards of best security practices. | 7 |
Alibaba Cloud Standard-Kubernetes-Master Security Baseline Check | Checks whether the configurations of Kubernetes master nodes are compliant with the Alibaba Cloud standards of best security practices. | 18 |
Alibaba Cloud Standard-Docker Host Security Baseline Check | Checks whether the configurations of Docker hosts are compliant with the Alibaba Cloud standards of best security practices. | 10 |
Alibaba Cloud standard-Docker container security baseline check (supports K8S Docker pods) | Checks whether the configurations of Docker containers are compliant with the Alibaba Cloud standards of best security practices. | 8 |
Docker unauthorized access high vulnerability risk | Checks Docker vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
Kubernetes-Apiserver unauthorized access to high-risk risks | Checks Kubernetes API server vulnerabilities that can be exploited by attackers to implement unauthorized access. | 1 |
Kubernetes(K8s) Pod Internationally Agreed Best Practices for Security (supports K8S Containerd pods) | Checks system configurations based on the check items in internationally agreed best practices for security. The baseline is suitable for enterprise users who have professional security requirements. The baseline includes a variety of check items that you can use based on your business scenarios and requirements. You can reinforce the security of your system based on the check results. This baseline check is suitable for Kubernetes pods. | 12 |
Kubernetes(ACK) Pods Internationally Agreed Best Practices for Security | Checks system configurations based on the check items in internationally agreed best practices for security. The baseline is suitable for enterprise users who have professional security requirements. The baseline includes a variety of check items that you can use based on your business scenarios and requirements. You can reinforce the security of your system based on the check results. This baseline check is suitable for Container Service for Kubernetes (ACK) pods. | 7 |
Kubernetes(ECI) Pod Internationally Agreed Best Practices for Security | Checks system configurations based on the check items in internationally agreed best practices for security. The baseline is suitable for enterprise users who have professional security requirements. The baseline includes a variety of check items that you can use based on your business scenarios and requirements. You can reinforce the security of your system based on the check results. This baseline check is suitable for Elastic Container Instance pods. | 2 |
Kubernetes(K8S) Master Internationally Agreed Best Practices for Security | Checks system configurations based on the check items in internationally agreed best practices for security. The baseline is suitable for enterprise users who have professional security requirements. The baseline includes a variety of check items that you can use based on your business scenarios and requirements. You can reinforce the security of your system based on the check results. This baseline check is suitable for Kubernetes master nodes. | 55 |
Kubernetes(K8S) Policy Internationally Agreed Best Practices for Security | Checks system configurations based on the check items in internationally agreed best practices for security. The baseline is suitable for enterprise users who have professional security requirements. The baseline includes a variety of check items that you can use based on your business scenarios and requirements. You can reinforce the security of your system based on the check results. This baseline check is suitable for Kubernetes nodes. | 34 |
Kubernetes(K8S) Worker Internationally Agreed Best Practices for Security | Checks system configurations based on the check items in internationally agreed best practices for security. The baseline is suitable for enterprise users who have professional security requirements. The baseline includes a variety of check items that you can use based on your business scenarios and requirements. You can reinforce the security of your system based on the check results. This baseline check is suitable for Kubernetes worker nodes. | 16 |
Dockerd Container Internationally Agreed Best Practices for Security | Checks system configurations based on the check items in internationally agreed best practices for security. The baselines are suitable for enterprise users who have professional security requirements. The baselines include a variety of check items that you can use based on your business scenarios and requirements. You can reinforce the security of your system based on the check results. | 91 |
Dockerd Host Internationally Agreed Best Practices for Security | | 25 |
Containerd Container Internationally Agreed Best Practices for Security | | 25 |
Containerd Host Internationally Agreed Best Practices for Security | | 22 |
Best security practices | Alibaba Cloud Standard - Alibaba Cloud Linux 2/3 Benchmark | Checks whether the configurations of Alibaba Cloud Linux 2 or Alibaba Cloud Linux 3 are compliant with the Alibaba Cloud standards of best security practices. | 16 |
Alibaba Cloud Standard - CentOS Linux 6 Security Baseline Check | Checks whether the configurations of CentOS Linux 6 are compliant with the Alibaba Cloud standards of best security practices. | 15 |
Alibaba Cloud Standard - CentOS Linux 7/8 Security Baseline Check | Checks whether the configurations of CentOS Linux 7 or CentOS Linux 8 are compliant with the Alibaba Cloud standards of best security practices. | 15 |
Alibaba Cloud Standard - Debian Linux 8/9/10/11/12 Security Baseline | Checks whether the configurations of Debian Linux 8, Debian Linux 9, Debian Linux 10, Debian Linux 11, or Debian Linux 12 are compliant with the Alibaba Cloud standards of best security practices. | 15 |
Alibaba Cloud Standard - Red Hat Enterprise Linux 6 Security Baseline Check | Checks whether the configurations of RHEL 6 are compliant with the Alibaba Cloud standards of best security practices. | 15 |
Alibaba Cloud Standard - Red Hat Enterprise Linux 7/8 Security Baseline Check | Checks whether the configurations of RHEL 7 or RHEL 8 are compliant with the Alibaba Cloud standards of best security practices. | 15 |
Alibaba Cloud Standard - Ubuntu Security Baseline | Checks whether the configurations of Ubuntu are compliant with the Alibaba Cloud standards of best security practices. | 15 |
Alibaba Cloud Standard - Memcached Security Baseline Check | Checks whether the configurations of Memcached are compliant with the Alibaba Cloud standards of best security practices. | 5 |
Alibaba Cloud Standard - MongoDB Security Baseline Check (Version 3.x) | Checks whether the configurations of MongoDB are compliant with the Alibaba Cloud standards of best security practices. | 9 |
Alibaba Cloud Standard - Mysql Security Baseline Check | Checks whether the configurations of MySQL are compliant with the Alibaba Cloud standards of best security practices. MySQL 5.1 to MySQL 5.7 support this baseline check. | 12 |
Alibaba Cloud Standard - Oracle Security Baseline Check | Checks whether the configurations of Oracle Database 11g are compliant with the Alibaba Cloud standards of best security practices. | 14 |
Alibaba Cloud Standard-PostgreSql Security Initialization Check | Checks whether the configurations of PostgreSQL are compliant with the Alibaba Cloud standards of best security practices. | 11 |
Alibaba Cloud Standard - Redis Security Baseline Check | Checks whether the configurations of Redis are compliant with the Alibaba Cloud standards of best security practices. | 7 |
Alibaba Cloud Standard - Anolis 7/8 Security Baseline Check | Checks whether the configurations of Anolis 7 or Anolis 8 are compliant with the Alibaba Cloud standards of best security practices. | 16 |
Alibaba Cloud Standard - Apache Security Baseline Check | Checks whether the middleware configurations of Apache are compliant with internationally agreed best practices for security and the Alibaba Cloud standards. | 19 |
Alibaba cloud standard - CouchDB security baseline check | Checks whether the configurations of Apache CouchDB are compliant with Alibaba Cloud standards. | 5 |
Alibaba Cloud Standard - ElasticSearch Security Baseline Check | Checks whether the configurations of Elasticsearch are compliant with the Alibaba Cloud standards of best security practices. | 3 |
Alibaba Cloud Standard - Hadoop Security Baseline Check | Checks whether the configurations of Apache Hadoop are compliant with the Alibaba Cloud standards of best security practices. | 3 |
Alibaba Cloud Standard - Influxdb Security Baseline Check | Checks whether the configurations of InfluxDB are compliant with the Alibaba Cloud standards of best security practices. | 5 |
Alibaba Cloud Standard -Jboss 6/7 Security Baseline | Checks whether the configurations of JBoss 6 or JBoss 7 are compliant with the Alibaba Cloud standards of best security practices. | 11 |
Alibaba Cloud Standard - Kibana Security Baseline Check | Checks whether the configurations of Kibana are compliant with the Alibaba Cloud standards of best security practices. | 4 |
Alibaba Cloud Standard - Kylin Security Baseline Check | Checks whether the configurations of Kylin are compliant with Alibaba Cloud standards. | 15 |
Alibaba Cloud Standard -Activemq Security Baseline | Checks whether the configurations of ActiveMQ are compliant with the Alibaba Cloud standards of best security practices. | 7 |
Alibaba Cloud Standard - Jenkins Security Baseline Check | Checks whether the configurations of Jenkins are compliant with the Alibaba Cloud standards of best security practices. | 6 |
Alibaba Cloud Standard - RabbitMQ Security Baseline | Checks whether the configurations of RabbitMQ are compliant with the Alibaba Cloud standards of best security practices. | 4 |
Alibaba Cloud Standard - Nginx Security Baseline Check | Checks whether the configurations of NGINX are compliant with the Alibaba Cloud standards of best security practices. | 13 |
Alibaba Cloud Standard - SUSE Linux 15 Security Baseline Check | Checks whether the configurations of SLES 15 are compliant with the Alibaba Cloud standards of best security practices. | 15 |
Alibaba Cloud Standard - Uos Security Baseline Check | Checks whether the configurations of UOS are compliant with the Alibaba Cloud standards of best security practices. | 15 |
Alibaba Cloud Standard -Zabbix Security Baseline | Checks whether the configurations of Zabbix are compliant with the Alibaba Cloud standards of best security practices. | 6 |
Alibaba Cloud Standard-Apache Tomcat Security Baseline | Checks whether the middleware configurations of Apache Tomcat are compliant with internationally agreed best practices for security and the Alibaba Cloud standards. | 13 |
Ping An Puhui standard - CentOS Linux 7 security baseline inspection | Checks whether the configurations of CentOS Linux 7 are compliant with the Ping An Puhui standards. | 31 |
Ping An Puhui risk monitoring | Checks risks based on the Ping An Puhui standards. | 7 |
Alibaba Cloud Standard - SVN Security Baseline Check | Checks whether the configurations of SVN are compliant with the Alibaba Cloud standards of best security practices. | 2 |
Alibaba Cloud Standard - Alma Linux 8 Security Baseline Check | Checks whether the configurations of Alma Linux 8 are compliant with the Alibaba Cloud standards of best security practices. | 16 |
Alibaba Cloud Standard - Rocky Linux 8 Security Baseline Check | Checks whether the configurations of Rocky Linux 8 are compliant with the Alibaba Cloud standards of best security practices. | 16 |
Alibaba Cloud Standard-TencentOS Security Baseline Check | Checks whether the configurations of TencentOS are compliant with the Alibaba Cloud standards of best security practices. | 16 |
Custom policy | CentOS Linux 7/8 custom baseline | The custom template that contains all baseline check items related to CentOS Linux 7 or CentOS Linux 8. You can select baseline check items and configure parameters for baseline check items by using the template. This helps best suit your business requirements. | 53 |
CentOS Linux 6 custom baseline | The custom template that contains all baseline check items related to CentOS Linux 6. You can select baseline check items and configure parameters for baseline check items by using the template. This helps best suit your business requirements. | 47 |
Ubuntu custom security baseline check | Checks whether the configurations of Ubuntu 14, Ubuntu 16, Ubuntu 18, and Ubuntu 20 are compliant with the Alibaba Cloud standards of best security practices. | 62 |
Redhat7/8 Custom Security Baseline Check | Checks the configurations of RHEL 7 or RHEL 8 based on custom parameters. | 53 |