Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3.7.1 (L1) Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.7.1 (L1) Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.1 (L1) Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.1 Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

ACCESS CONTROL

2.3.7.2 (L1) Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL

2.3.7.2 (L1) Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.3 (BL) Ensure 'Interactive logon: Machine account lockout threshold' is set to '10 or fewer invalid logon attempts, but not 0'CIS Microsoft Windows 10 Enterprise v4.0.0 BLWindows

ACCESS CONTROL

2.3.7.3 (BL) Ensure 'Interactive logon: Machine account lockout threshold' is set to '10 or fewer invalid logon attempts, but not 0'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

ACCESS CONTROL

2.3.7.3 (BL) Ensure 'Interactive logon: Machine account lockout threshold' is set to '10 or fewer invalid logon attempts, but not 0'CIS Microsoft Windows 11 Stand-alone v4.0.0 BLWindows

ACCESS CONTROL

2.3.7.3 (BL) Ensure 'Interactive logon: Machine account lockout threshold' is set to '10 or fewer invalid logon attempts, but not 0'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL

18.8.34.6.1 (BL) Ensure 'Allow standby states (S1-S3) when sleeping (on battery)' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.8.34.6.2 (BL) Ensure 'Allow standby states (S1-S3) when sleeping (plugged in)' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.8.34.6.2 (BL) Ensure 'Allow standby states (S1-S3) when sleeping (plugged in)' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.9.11.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.9.11.1.11 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives: Use BitLocker software-based encryption when hardware encryption is not available' is set to 'Enabled: True'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.1.12 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives: Restrict encryption algorithms and cipher suites allowed for hardware-based encryption' is set to 'Enabled: False'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.9.11.1.12 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives: Restrict encryption algorithms and cipher suites allowed for hardware-based encryption' is set to 'Enabled: False'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.1.13 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives: Restrict crypto algorithms or cipher suites to the following:' is set to 'Enabled: 2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.9.11.1.13 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives: Restrict crypto algorithms or cipher suites to the following:' is set to 'Enabled: 2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.2.12 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.9.11.2.13 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives: Use BitLocker software-based encryption when hardware encryption is not available' is set to 'Enabled: True'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.2.14 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives: Restrict encryption algorithms and cipher suites allowed for hardware-based encryption' is set to 'Enabled: False'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.9.11.2.15 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives: Restrict crypto algorithms or cipher suites to the following:' is set to 'Enabled: 2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.3.10 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.3.10 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.9.11.3.11 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives: Use BitLocker software-based encryption when hardware encryption is not available' is set to 'Enabled: True'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.9.11.3.11 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives: Use BitLocker software-based encryption when hardware encryption is not available' is set to 'Enabled: True'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.3.12 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives: Restrict encryption algorithms and cipher suites allowed for hardware-based encryption' is set to 'Enabled: False'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.9.11.3.12 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives: Restrict encryption algorithms and cipher suites allowed for hardware-based encryption' is set to 'Enabled: False'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.3.13 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives: Restrict crypto algorithms or cipher suites to the following:' is set to 'Enabled: 2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.3.13 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives: Restrict crypto algorithms or cipher suites to the following:' is set to 'Enabled: 2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

Android Work Profile Device Configuration - Maximum minutes of inactivity until screen locksTenable Best Practices for Microsoft Intune Android v1.0microsoft_azure

ACCESS CONTROL

Android Work Profile Device Configuration - Work profile notifications while device lockedTenable Best Practices for Microsoft Intune Android v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

iOS Device Management - AirDropTenable Best Practices for Microsoft Intune iOS v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

iOS Device Management - CameraTenable Best Practices for Microsoft Intune iOS v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

iOS Device Management - Changes to app cellular data usage settingsTenable Best Practices for Microsoft Intune iOS v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

iOS Device Management - Game CenterTenable Best Practices for Microsoft Intune iOS v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

iOS Device Management - Join Wi-Fi networks only using configuration profilesTenable Best Practices for Microsoft Intune iOS v1.0microsoft_azure

ACCESS CONTROL

iOS Device Management - Maximum minutes after screen lock before password is requiredTenable Best Practices for Microsoft Intune iOS v1.0microsoft_azure

ACCESS CONTROL

iOS Device Management - Passcode modificationTenable Best Practices for Microsoft Intune iOS v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

iOS Device Management - PasswordTenable Best Practices for Microsoft Intune iOS v1.0microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

iOS Device Management - Share usage dataTenable Best Practices for Microsoft Intune iOS v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

iOS Device Management - Today view while device lockedTenable Best Practices for Microsoft Intune iOS v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

iOS Device Management - Wallet notifications while device lockedTenable Best Practices for Microsoft Intune iOS v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

macOS Compliance Policy - Maximum minutes of inactivity before password is requiredTenable Best Practices for Microsoft Intune macOS v1.0microsoft_azure

ACCESS CONTROL

macOS Device Management - Maximum minutes after screen lock before password is requiredTenable Best Practices for Microsoft Intune macOS v1.0microsoft_azure

ACCESS CONTROL

Windows Device Configuration - Removable storageTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT