Detections
Analytics

Item Search

NameAudit NamePluginCategory
Access Credential Manager as a trusted callerMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Access data sources across domains - Internet ZoneMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Allow indexing of encrypted filesMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow loading of XAML files - Restricted Sites ZoneMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Allow META REFRESHMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow only approved domains to use ActiveX controls without prompt - Internet ZoneMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Allow script-initiated windows without size or position constraints - Restricted Sites ZoneMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow scriptlets - Internet ZoneMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Audit Credential ValidationMSCT Windows 10 v2004 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit MPSSVC Rule-Level Policy ChangeMSCT Windows 10 v2004 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Logon/Logoff EventsMSCT Windows 10 v2004 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security State ChangeMSCT Windows 10 v2004 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit User Account ManagementMSCT Windows 10 v2004 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsMSCT Windows 10 v2004 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Automatic prompting for file downloads - Restricted Sites ZoneMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Boot-Start Driver Initialization PolicyMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Check for signatures on downloaded programsMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure Attack Surface Reduction rules - 7674ba52-37eb-4a4f-a9a1-f0f9a1619a2cMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure detection for potentially unwanted applicationsMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Deny write access to removable drives not protected by BitLocker - RDVDenyWriteAccessMSCT Windows 10 v2004 v1.0.0Windows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

Do not allow ActiveX controls to run in Protected Mode when Enhanced Protected Mode is enabledMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Domain member: Digitally encrypt or sign secure channel data (always)MSCT Windows 10 v2004 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Digitally sign secure channel data (when possible)MSCT Windows 10 v2004 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Don't run antimalware programs against ActiveX controls - Internet ZoneMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Enable dragging of content from different domains within a window - Restricted Sites ZoneMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Enable local admin password managementMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Enumerate local users on domain-joined computersMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Initialize and script ActiveX controls not marked as safe - Restricted Sites ZoneMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Interactive logon: Machine account lockout thresholdMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Internet Explorer Processes - FEATURE_DISABLE_MK_PROTOCOL - iexplore.exeMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Internet Explorer Processes - FEATURE_MIME_SNIFFING - (Reserved)MSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Internet Explorer Processes - FEATURE_MIME_SNIFFING - iexplore.exeMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Internet Explorer Processes - FEATURE_RESTRICT_ACTIVEXINSTALL - iexplore.exeMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Internet Explorer Processes - FEATURE_SECURITYBAND - (Reserved)MSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Internet Explorer Processes - FEATURE_SECURITYBAND - iexplore.exeMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Java permissions - Internet ZoneMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Java permissions - Local Machine ZoneMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Java permissions - Locked-Down Restricted Sites ZoneMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Load and unload device driversMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Logon options - Restricted Sites ZoneMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Manage auditing and security logMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Modify firmware environment valuesMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Navigate windows and frames across different domains - Internet ZoneMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Navigate windows and frames across different domains - Restricted Sites ZoneMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Network access: Allow anonymous SID/Name translationMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Network access: Do not allow anonymous enumeration of SAM accountsMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

User Account Control: Detect application installations and prompt for elevationMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Userdata persistence - Internet ZoneMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Defender Firewall: Protect all network connectionsMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION