Item Search

Name	Audit Name	Plugin	Category
1.1.2.4.1 Ensure separate partition exists for /var	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
2.2.38 (L1) Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.2.38 (L1) Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.38 (L1) Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	ACCESS CONTROL
2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	ACCESS CONTROL
2.3.7.9 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL
3.2.4 Ensure sctp kernel module is not available	CIS Amazon Linux 2 v3.0.0 L2	Unix	CONFIGURATION MANAGEMENT
4.1.2 Ensure auditd service is enabled	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify date and time information are collected - adjtimex (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.4 Ensure events that modify date and time information are collected - auditctl adjtimex	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify user/group information are collected	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - /etc/shadow	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/gshadow	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/passwd	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/shadow	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.6 Ensure events that modify the system's network environment are collected - /etc/hosts	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's network environment are collected - auditctl sethostname (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's network environment are collected - auditctl sethostname (64-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.9 Ensure session initiation information is collected - /var/log/wtmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - init_module/delete_module (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - init_module/delete_module (64-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - modprobe	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.5 Ensure events that modify the system's network environment are collected	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.20 Ensure the audit configuration is immutable	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION
5.2.4.4 Ensure only authorized groups are assigned ownership of audit log files	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.4.5 Ensure audit configuration files are 640 or more restrictive	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.4 CIFS - 'ldap.security.level = 1 or 2'	TNS NetApp Data ONTAP 7G	NetApp	SYSTEM AND COMMUNICATIONS PROTECTION
6.1.14 Audit system file permissions	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2.1 Set SSH Protocol to 2	CIS Red Hat Enterprise Linux 5 L1 v2.2.1	Unix	CONFIGURATION MANAGEMENT
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
CIS_MS_Windows_7_v3.2.0_Level_1.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0	CIS Windows 7 Workstation Level 1 v3.2.0	Windows
CIS_MS_Windows_7_v3.2.0_Level_2.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0	CIS Windows 7 Workstation Level 2 v3.2.0	Windows
CIS_MS_Windows_8.1_v2.4.1_Level_2.audit from CIS Microsoft Windows 8.1 Workstation Benchmark v2.4.1	CIS Microsoft Windows 8.1 v2.4.1 L2	Windows
SonicWALL - Flood Protection - Layer 2 - Threshold	TNS SonicWALL v5.9	SonicWALL	SYSTEM AND COMMUNICATIONS PROTECTION
WN10-00-000070 - Only accounts responsible for the administration of a system must have Administrator rights on the system.	DISA Microsoft Windows 10 STIG v3r4	Windows	ACCESS CONTROL

Detections

Analytics

Item Search