Item Search

Name	Audit Name	Plugin	Category
1.2.9 Ensure that the admission control plugin EventRateLimit is set	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master	Unix	SYSTEM AND SERVICES ACQUISITION
1.5.2 Ensure XD/NX support is enabled	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	SYSTEM AND INFORMATION INTEGRITY
1.5.2 Ensure XD/NX support is enabled	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server	Unix	SYSTEM AND INFORMATION INTEGRITY
1.28 (L1) Ensure 'Allow download restrictions' is set to 'Enabled: Block malicious downloads'	CIS Microsoft Edge v3.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
1.56 (L2) Ensure 'Block third party cookies' is set to 'Enabled'	CIS Microsoft Edge v3.0.0 L2	Windows	SYSTEM AND INFORMATION INTEGRITY
1.107 (L1) Ensure 'Enables DALL-E themes generation' is set to 'Disabled'	CIS Microsoft Edge v3.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
1.111 (L2) Ensure 'Enhanced Security Mode configuration for Intranet zone sites' is set to 'Disabled'	CIS Microsoft Edge v3.0.0 L2	Windows	SYSTEM AND INFORMATION INTEGRITY
3.8.1 TE - implementation - CHKEXEC	CIS IBM AIX 7.1 L2 v2.1.0	Unix	SYSTEM AND INFORMATION INTEGRITY
18.3.3 Ensure 'Enable Structured Exception Handling Overwrite Protection (SEHOP)' is set to 'Enabled' - Enabled	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.4.6 (L1) Ensure 'Enable Structured Exception Handling Overwrite Protection (SEHOP)' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.4.6 Ensure 'Enable Structured Exception Handling Overwrite Protection (SEHOP)' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	SYSTEM AND INFORMATION INTEGRITY
18.4.6 Ensure 'Enable Structured Exception Handling Overwrite Protection (SEHOP)' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	SYSTEM AND INFORMATION INTEGRITY
18.5.8 (L1) Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.5.1 Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 DC NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.5.2 (NG) Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot and DMA Protection'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot and DMA Protection'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 MS NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.5.5 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock' (MS Only) - Enabled with UEFI lock	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 MS NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.40.1 (L1) Ensure 'Configure validation of ROCA-vulnerable WHfB keys during authentication' is set to 'Enabled: Audit' or higher (DC only)	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.1 (NG) Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 NG MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.1 (NG) Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v3.0.1 NG MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.1 Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher	CIS Microsoft Windows Server 2016 STIG v3.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.3 Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock'	CIS Microsoft Windows Server 2022 STIG v2.0.0 NG MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.4 Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'	CIS Microsoft Windows Server 2016 STIG v3.0.0 NG MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.6 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Disabled' (DC Only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.13.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.31.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - 5beb7efe-fd9a-4556-801d-275e5ffc04cc	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - 92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - 7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - 75668c1f-73b5-4cf0-bb93-3ecf5cb7cc84	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - be9ba2d9-53ea-4cdc-84e5-9b1eeee46550	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - d4f940ab-401b-4efc-aadc-ad5f3c50688a	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.85.1.1 (L1) Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn and prevent bypass'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.85.1.1 (L1) Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn and prevent bypass'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.105.2.1 (L1) Ensure 'Prevent users from modifying settings' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.105.2.1 Ensure 'Prevent users from modifying settings' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.105.2.1 Ensure 'Prevent users from modifying settings' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.28.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.28.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.28.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.42.6.1.1 (L1) Ensure 'Configure Attack Surface Reduction rules' is set to 'Enabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.42.6.1.1 Ensure 'Configure Attack Surface Reduction rules' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.75.2.1 (L1) Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn and prevent bypass'	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.75.2.1 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn and prevent bypass'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.92.2.1 (L1) Ensure 'Prevent users from modifying settings' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY

Detections

Analytics

Item Search