Item Search

Name	Audit Name	Plugin	Category
2.1 Ensure that IP addresses are mapped to usernames - Zones	CIS Palo Alto Firewall 9 v1.1.0 L2	Palo_Alto	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.12.18 - Miscellaneous Config - unnecessary user and group removal - 'printq account has been removed'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
3.5 Review Superuser/Admin Roles - dbAdminAnyDatabase	CIS MongoDB 4 L2 DB v1.0.0	MongoDB	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
3.5 Review Superuser/Admin Roles - dbOwner	CIS MongoDB 4 L2 DB v1.0.0	MongoDB	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
3.5 Review Superuser/Admin Roles - hostManager	CIS MongoDB 4 L2 DB v1.0.0	MongoDB	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
3.5 Review Superuser/Admin Roles - readWriteAnyDatabase	CIS MongoDB 4 L2 DB v1.0.0	MongoDB	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
8.1 Block system accounts	CIS FreeBSD v1.0.5	Unix	ACCESS CONTROL
14.12 Screening router - 'Implement to restrict access to database host'	CIS v1.1.0 Oracle 11g OS L2	Unix	ACCESS CONTROL
18.2.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.2.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.3.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only)	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.3.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only)	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.3.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.3.3 Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
Access Credential Manager as a trusted caller	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL
Access this computer from the network	MSCT Windows Server 2016 DC v1.0.0	Windows	ACCESS CONTROL
Access this computer from the network	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL
Access this computer from the network	MSCT Windows Server v20H2 DC v1.0.0	Windows	ACCESS CONTROL
Act as part of the operating system	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Allow log on locally	MSCT Windows Server 2019 DC v1.0.0	Windows	ACCESS CONTROL
Back up files and directories	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL
Backup files and directories	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Backup files and directories	MSCT Windows Server 2016 DC v1.0.0	Windows	ACCESS CONTROL
Change the time zone	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Create a token object	MSCT Windows Server 2019 DC v1.0.0	Windows	ACCESS CONTROL
Create global objects	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Create global objects	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL
Create permanent shared objects	MSCT Windows Server 2016 MS v1.0.0	Windows	ACCESS CONTROL
Debug programs	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL
Deny access to this computer from the network	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL
Deny log on locally	MSCT Windows Server 2016 DC v1.0.0	Windows	ACCESS CONTROL
Deny log on through Remote Desktop Services	MSCT Windows Server 2016 DC v1.0.0	Windows	ACCESS CONTROL
Deny log on through Remote Desktop Services	MSCT Windows Server 2016 MS v1.0.0	Windows	ACCESS CONTROL
Enable computer and user accounts to be trusted for delegation	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL
Force shutdown from a remote system	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Force shutdown from a remote system	MSCT Windows Server 2019 DC v1.0.0	Windows	ACCESS CONTROL
Force shutdown from a remote system	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL
Generate security audits	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Generate security audits	MSCT Windows Server 2016 MS v1.0.0	Windows	ACCESS CONTROL
Impersonate a client after authentication	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Impersonate a client after authentication	MSCT Windows Server 2016 DC v1.0.0	Windows	ACCESS CONTROL
Increase scheduling priority	MSCT Windows Server 2016 DC v1.0.0	Windows	ACCESS CONTROL
Load and unload device drivers	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Load and unload device drivers	MSCT Windows Server 2019 DC v1.0.0	Windows	ACCESS CONTROL
Manage auditing and security log	MSCT Windows Server 2016 MS v1.0.0	Windows	ACCESS CONTROL
Perform volume maintenance tasks	MSCT Windows Server 2019 DC v1.0.0	Windows	ACCESS CONTROL
Restore files and directories	MSCT Windows Server 2019 DC v1.0.0	Windows	ACCESS CONTROL
Take ownership of files or other objects	MSCT Windows Server 2016 DC v1.0.0	Windows	ACCESS CONTROL
Take ownership of files or other objects	MSCT Windows Server 2016 MS v1.0.0	Windows	ACCESS CONTROL
Take ownership of files or other objects	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL

Detections

Analytics

Item Search