Detections
Analytics

Item Search

NameAudit NamePluginCategory
Access Credential Manager as a trusted callerMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Access data sources across domains - Internet ZoneMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Allow Basic authentication - Client - AllowBasicMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Allow binary and script behaviorsMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow cut, copy or paste operations from the clipboard via script - Internet ZoneMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow drag and drop or copy and paste files - Internet ZoneMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow enhanced PINs for startupMSCT Windows 10 v20H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Allow only approved domains to use the TDC ActiveX control - Restricted Sites ZoneMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow scripting of Internet Explorer WebBrowser controls - Restricted Sites ZoneMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Always install with elevated privilegesMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Apply UAC restrictions to local accounts on network logonsMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Audit Sensitive Privilege UseMSCT Windows 10 v20H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsMSCT Windows 10 v20H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Boot-Start Driver Initialization PolicyMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure Attack Surface Reduction rules - 7674ba52-37eb-4a4f-a9a1-f0f9a1619a2cMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure Attack Surface Reduction rules - 75668c1f-73b5-4cf0-bb93-3ecf5cb7cc84MSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure Attack Surface Reduction rules - d4f940ab-401b-4efc-aadc-ad5f3c50688aMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure Attack Surface Reduction rules - e6db77e5-3df2-4cf1-b95a-636979351e5bMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure registry policy processing - NoBackgroundPolicyMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure Solicited Remote Assistance - MaxTicketExpiryMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure the 'Block at First Sight' featureMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Create global objectsMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Disallow Autoplay for non-volume devicesMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Enable dragging of content from different domains within a window - Internet ZoneMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Enable dragging of content from different domains within a window - Restricted Sites ZoneMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Enable insecure guest logonsMSCT Windows 10 v20H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Enforce password historyMSCT Windows 10 v20H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Initialize and script ActiveX controls not marked as safe - Restricted Sites ZoneMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Interactive logon: Machine account lockout thresholdMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Interactive logon: Machine inactivity limitMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Internet Explorer Processes - FEATURE_DISABLE_MK_PROTOCOL - iexplore.exeMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Internet Explorer Processes - FEATURE_SECURITYBAND - (Reserved)MSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Internet Explorer Processes - FEATURE_ZONE_ELEVATION - iexplore.exeMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Java permissions - Intranet ZoneMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Java permissions - Restricted Sites ZoneMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Logon options - Internet ZoneMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Network access: Restrict clients allowed to make remote calls to SAMMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Network security: Allow LocalSystem NULL session fallbackMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Prevent certificate error overridesMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Prevent enabling lock screen slide showMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Profile single processMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Prohibit connection to non-domain networks when connected to domain authenticated networkMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Relax minimum password length limitsMSCT Windows 10 v20H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Reset account lockout counter afterMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Restore files and directoriesMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Scan all downloaded files and attachmentsMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

User Account Control: Behavior of the elevation prompt for administrators in Admin Approval ModeMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

User Account Control: Virtualize file and registry write failures to per-user locationsMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Defender Firewall: Protect all network connectionsMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION