Item Search

Name	Audit Name	Plugin	Category
1.1.3.1.5 Set 'Accounts: Guest account status' to 'Disabled'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4.1 Configure 'Allow log on through Remote Desktop Services'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4.29 Set 'Deny log on as a batch job' to 'Guests'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4.35 Set 'Generate security audits' to 'Local Service, Network Service'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
2.1 Ensure Only Necessary Authentication and Authorization Modules Are Enabled - 'LDAP'	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	CONFIGURATION MANAGEMENT
2.1 Ensure that authentication is enabled for Cassandra databases	CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0	Unix	ACCESS CONTROL
2.2 Ensure that authorization is enabled for Cassandra databases	CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0	Unix	ACCESS CONTROL
2.2.17 Ensure 'Deny log on as a batch job' to include 'Guests'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.17 Ensure 'Deny log on as a batch job' to include 'Guests'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.2.19 Ensure 'Deny log on locally' to include 'Guests'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.23 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.1.4 Configure 'Accounts: Rename administrator account'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.9.4 Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.3.9.4 Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.4.1 Ensure 'Allow simple value' is set to 'Disabled'	MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1	MDM	IDENTIFICATION AND AUTHENTICATION
2.4.1 Ensure 'Allow simple value' is set to 'Disabled'	AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1	MDM	CONFIGURATION MANAGEMENT
3.4.1 Ensure 'Allow simple value' is set to 'Disabled'	MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	IDENTIFICATION AND AUTHENTICATION
5.1.8 Ensure at/cron is restricted to authorized users - at.deny	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	ACCESS CONTROL
5.2.6 Ensure SSH X11 forwarding is disabled	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.21 Ensure SSH AllowTcpForwarding is disabled	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	SYSTEM AND INFORMATION INTEGRITY
5.4.1.2 Ensure minimum days between password changes is 7 or more - login.defs	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.1.3 Ensure password expiration warning days is 7 or more - users	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.2.1 Ensure password fields are not empty	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.2.15 Ensure all groups in /etc/passwd exist in /etc/group	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
6.2.16 Ensure no duplicate UIDs exist	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	ACCESS CONTROL
6.2.17 Ensure no duplicate GIDs exist	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
6.2.19 Ensure no duplicate group names exist	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	ACCESS CONTROL
Accounts: Guest account status	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Accounts: Guest account status	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL
Allow log on locally	MSCT Windows 10 1909 v1.0.0	Windows	ACCESS CONTROL
Allow log on locally	MSCT Windows 10 v2004 v1.0.0	Windows	ACCESS CONTROL
Allow log on locally	MSCT Windows Server v1909 MS v1.0.0	Windows	ACCESS CONTROL
Deny access to this computer from the network	MSCT Windows 10 v2004 v1.0.0	Windows	ACCESS CONTROL
Deny log on as a batch job	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Deny log on as a batch job	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Deny log on locally	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Deny log on through Remote Desktop Services	MSCT Windows 10 v20H2 v1.0.0	Windows	ACCESS CONTROL
Domain member: Maximum machine account password age	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Maximum machine account password age	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Maximum machine account password age	MSCT Windows Server 2016 DC v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Maximum machine account password age	MSCT Windows Server 2019 DC v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Generate security audits	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Lock pages in memory	MSCT Windows 10 v21H2 v1.0.0	Windows	ACCESS CONTROL
Lock pages in memory	MSCT Windows Server 1903 MS v1.19.9	Windows	ACCESS CONTROL
Lock pages in memory	MSCT Windows Server v2004 DC v1.0.0	Windows	ACCESS CONTROL
Lock pages in memory	MSCT Windows Server v20H2 DC v1.0.0	Windows	ACCESS CONTROL
Modify an object label	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Network access: Sharing and security model for local accounts	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Network access: Sharing and security model for local accounts	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Network security: Allow Local System to use computer identity for NTLM	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search