Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure single sign-on (SSO) is configured for your account / organizationCIS Snowflake Foundations v1.0.0 L1Snowflake

ACCESS CONTROL

1.1.2 Enable 'aaa authentication login'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL

1.1.7 Set 'aaa accounting connection'CIS Cisco IOS XE 16.x v2.1.0 L2Cisco

ACCESS CONTROL

1.3.1 Ensure sudo is installedCIS Debian Family Server L1 v1.0.0Unix

ACCESS CONTROL

1.3.1 Ensure sudo is installedCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

ACCESS CONTROL

1.3.2 Ensure sudo commands use ptyCIS Debian Family Server L1 v1.0.0Unix

ACCESS CONTROL

1.3.2 Ensure sudo commands use ptyCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

ACCESS CONTROL

1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - protocolCIS Cisco Firewall v8.x L1 v4.2.0Cisco

ACCESS CONTROL

1.4.3.3 Ensure 'aaa authentication secure-http-client' is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

ACCESS CONTROL

2.1 Ensure that Remote Radius is used for Authentication OnlyCIS F5 Networks v1.0.0 L2F5

ACCESS CONTROL

2.2.5 (L1) Ensure 'Add workstations to domain' is set to 'Administrators' (DC only)CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.1.1 (L1) Ensure 'Accounts: Block Microsoft accounts' is set to 'Users can't add or log on with Microsoft accounts'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.1.1 (L1) Ensure 'Accounts: Block Microsoft accounts' is set to 'Users can't add or log on with Microsoft accounts'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL

2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.9.4 Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member ServerWindows

ACCESS CONTROL

2.3.11.6 (L1) Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL

2.3.11.6 (L1) Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.11.6 (L1) Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.17.1 Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL

4.3 Ensure 'DBA_USERS.AUTHENTICATION_TYPE' Is Not Set to 'EXTERNAL' for Any UserCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

4.5 Ensure Active Directory is used for local user authenticationCIS VMware ESXi 6.7 v1.3.0 Level 1VMware

ACCESS CONTROL

5.1.5 Ensure that default service accounts are not actively used.CIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.1.5 Ensure that default service accounts are not actively used.CIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

5.2.7 Ensure SSH MaxAuthTries is set to 4 or lessCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

ACCESS CONTROL

5.2.9 Ensure SSH root login is disabledCIS Debian Family Server L1 v1.0.0Unix

ACCESS CONTROL

5.2.10 Ensure SSH root login is disabledCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

ACCESS CONTROL

5.2.17 Ensure SSH access is limitedCIS Debian Family Server L1 v1.0.0Unix

ACCESS CONTROL

5.4.1.4 Ensure inactive password lock is 30 days or less - useraddCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

ACCESS CONTROL

5.4.1.4 Ensure inactive password lock is 30 days or less - useraddCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL

5.4.1.4 Ensure inactive password lock is 30 days or less - usersCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

ACCESS CONTROL

5.4.1.4 Ensure inactive password lock is 30 days or less - usersCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL

5.5 Ensure CIM access is limitedCIS VMware ESXi 6.5 v1.0.0 Level 1VMware

ACCESS CONTROL

5.6 Ensure Lockdown mode is enabledCIS VMware ESXi 6.7 v1.3.0 Level 1VMware

ACCESS CONTROL

5.6 Ensure root login is restricted to system consoleCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

ACCESS CONTROL

6.2.2 Ensure no legacy "+" entries exist in /etc/passwdCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL

6.2.3 Ensure no legacy "+" entries exist in /etc/shadowCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL

6.5 Remove Autologin Capabilities from the GNOME desktopCIS Oracle Solaris 11.4 L1 v1.1.0Unix

ACCESS CONTROL

18.10.5.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL

18.10.5.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

18.10.6.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL

18.10.80.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL

18.10.80.2 Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

18.10.81.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

19.7.42.1 Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL

Catalina - Disable Guest Access to Shared Apple File Protocol FoldersNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Guest Access to Shared Apple File Protocol FoldersNIST macOS Catalina v1.5.0 - All ProfilesUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Guest Access to Shared Apple File Protocol FoldersNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Guest Access to Shared Apple File Protocol FoldersNIST macOS Catalina v1.5.0 - 800-53r5 LowUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Guest Access to Shared SMB FoldersNIST macOS Catalina v1.5.0 - All ProfilesUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Guest Access to Shared SMB FoldersNIST macOS Catalina v1.5.0 - 800-171Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION