Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3.9.3 Set 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' to 'Disabled'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.2.3.2.1 Set 'Turn on PIN sign-in' to 'Disabled'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.2.4.3.3 Set 'Enumerate administrator accounts on elevation' to 'Disabled'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.4 Ensure only trusted users are allowed to control Docker daemonCIS Docker Community Edition v1.1.0 L1 Linux Host OSUnix

ACCESS CONTROL

2.3.17.4 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.3.17.6 Ensure 'User Account Control: Run all administrators in Admin Approval Mode' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

3.1 Set a nondeterministic Shutdown command valueCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

3.1.3 Require explicit authorization for catalogingCIS IBM DB2 v10 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL

3.1.3 Require explicit authorization for catalogingCIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix

ACCESS CONTROL

3.5 Review User-Defined RolesCIS MongoDB 3.2 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

3.5 Review User-Defined RolesCIS MongoDB 3.4 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

5.2.1 Minimize the admission of privileged containersCIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

6.9 Restrict at/cron To Authorized Users - should pass if /etc/cron.d/at.allow permissions are OK.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.11 Ensure that 'Notify all admins when other admins reset their password?' is set to 'Yes'CIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

ACCESS CONTROL

7.1 Secure SYSADM authority - SYSADM GroupCIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix

ACCESS CONTROL

7.1 Secure SYSADM authority - SYSADM GroupCIS IBM DB2 v10 v1.1.0 Windows OS Level 2Windows

ACCESS CONTROL

7.2 Establish a system control groupCIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS LinuxUnix

ACCESS CONTROL

7.2 Secure SYSCTRL authority - SYSCTRL GroupCIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix

ACCESS CONTROL

7.2 Secure SYSCTRL authority - SYSCTRL Group MembersCIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix

ACCESS CONTROL

7.3 Establish a system maintenance groupCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS LinuxUnix

ACCESS CONTROL

7.3 Establish a system maintenance groupCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS WindowsWindows

ACCESS CONTROL

7.3 Secure SYSMAINT AuthorityCIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix

ACCESS CONTROL

7.4 Secure SYSMON AuthorityCIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix

ACCESS CONTROL

9.5 Verify that no UID 0 accounts exist other than rootCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

10.2 Restrict access to the web administration applicationCIS Apache Tomcat 8 L2 v1.1.0Unix

ACCESS CONTROL

10.14 Do not run applications as privilegedCIS Apache Tomcat 8 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL

19.6.6.1.1 Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

ACCESS CONTROL

Allow user control over installsMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Always install with elevated privilegesMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Always install with elevated privilegesMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Apply UAC restrictions to local accounts on network logonsMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Apply UAC restrictions to local accounts on network logonsMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Configure Windows Defender SmartScreen - EnableSmartScreenMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Enable local admin password managementMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Ensure at/cron is restricted to authorized users - cron.allowTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure noexec option set on /tmp partitionTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure root is the only UID 0 accountTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Enumerate administrator accounts on elevationMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Network access: Do not allow anonymous enumeration of SAM accountsMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Network security: Allow LocalSystem NULL session fallbackMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Network security: Allow LocalSystem NULL session fallbackMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

OpenStack Identity - Disable admin token in /etc/keystone/keystone-paste.iniTNS OpenStack Keystone/Identity Security GuideUnix

ACCESS CONTROL

Turn off toast notifications on the lock screenMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Turn on PowerShell Script Block Logging - EnableScriptBlockLoggingMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Turn on PowerShell Script Block Logging - EnableScriptBlockLoggingMSCT Windows 10 1909 v1.0.0Windows

ACCESS CONTROL

User Account Control: Admin Approval Mode for the Built-in Administrator accountMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

User Account Control: Behavior of the elevation prompt for administrators in Admin Approval ModeMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

User Account Control: Behavior of the elevation prompt for standard usersMSCT Windows 10 1909 v1.0.0Windows

ACCESS CONTROL

User Account Control: Detect application installations and prompt for elevationMSCT Windows 10 1909 v1.0.0Windows

ACCESS CONTROL

User Account Control: Run all administrators in Admin Approval ModeMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL