Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.55 WN19-AC-000080CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'CIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

CONFIGURATION MANAGEMENT

2.3 Ensure 'Cross DB Ownership Chaining' Server Configuration Option is set to '0'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

2.5 Ensure 'Ole Automation Procedures' Server Configuration Option is set to '0'CIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8 Ensure 'Scan For Startup Procs' Server Configuration Option is set to '0'CIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.11 Ensure SQL Server is configured to use non-standard portsCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.11 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' - 'TCP/IP protocol is disabled'CIS SQL Server 2008 R2 DB OS L1 v1.7.0Windows

SYSTEM AND INFORMATION INTEGRITY

2.15 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databasesCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.17 Ensure 'clr strict security' Server Configuration Option is set to '1'CIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.4 Ensure SQL Authentication is not used in contained databasesCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL

3.5 Ensure the SQL Server's MSSQL Service Account is Not an AdministratorCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL

3.6 Ensure the SQL Server's SQLAgent Service Account is Not an AdministratorCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL

3.7 Ensure the SQL Server's Full-Text Service Account is Not an AdministratorCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL

4.1 Ensure 'MUST_CHANGE' Option is set to 'ON' for All SQL Authenticated LoginsCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

IDENTIFICATION AND AUTHENTICATION

4.2 Ensure Example or Test Databases are Not Installed on Production ServersCIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDBMySQLDB

PLANNING, SYSTEM AND SERVICES ACQUISITION

4.2 Ensure Example or Test Databases are Not Installed on Production ServersCIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L1 MySQL RDBMS on Linux MySQLDBMySQLDB

PLANNING, SYSTEM AND SERVICES ACQUISITION

4.2 Ensure Example or Test Databases are Not Installed on Production ServersCIS MySQL 5.6 Community Database L1 v2.0.0MySQLDB

PLANNING, SYSTEM AND SERVICES ACQUISITION

4.2 Ensure Example or Test Databases are Not Installed on Production ServersCIS Oracle MySQL Community Server 8.4 v1.0.0 L1 DatabaseMySQLDB

PLANNING, SYSTEM AND SERVICES ACQUISITION

4.2 Ensure Example or Test Databases are Not Installed on Production ServersCIS MySQL 8.4 Enterprise v1.0.0 L1 DatabaseMySQLDB

PLANNING, SYSTEM AND SERVICES ACQUISITION

6.1 Ensure Database and Application User Input is SanitizedCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

6.1 Ensure Database and Application User Input is SanitizedCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

8.1 Ensure 'SQL Server Browser Service' is configured correctlyCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

SQL2-00-017500 - SQL Server must recover to a known state that is verifiable.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

CONTINGENCY PLANNING

SQL4-00-022500 - SQL Server must check the validity of all data inputs except those specifically identified by the organization.DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 42DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 43DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 83DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 86DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 88DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 89DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - DATABASE_OBJECT_PERMISSION_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 89DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 90DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 109DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 110DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 177DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - SERVER_OBJECT_PERMISSION_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 43DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 89DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 91DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 105DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 162DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SERVER_OBJECT_PERMISSION_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 84DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 85DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 162DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038200 - SQL Server must generate Trace or Audit records when unsuccessful accesses to designated objects occur - Event ID 162DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-039100 - The SQL Server Browser service must be disabled if its use is not necessary..DISA STIG SQL Server 2014 Instance OS Audit v2r4Windows

CONFIGURATION MANAGEMENT