Item Search

Name	Audit Name	Plugin	Category
1.5.1 Ensure address space layout randomization is enabled	CIS Ubuntu Linux 20.04 LTS v3.0.0 L1 Workstation	Unix	SYSTEM AND INFORMATION INTEGRITY
1.5.3 Ensure address space layout randomization (ASLR) is enabled	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	SYSTEM AND INFORMATION INTEGRITY
1.5.3 Ensure address space layout randomization (ASLR) is enabled	CIS Fedora 28 Family Linux Server L1 v2.0.0	Unix	SYSTEM AND INFORMATION INTEGRITY
1.5.3 Ensure address space layout randomization (ASLR) is enabled	CIS Fedora 28 Family Linux Workstation L1 v2.0.0	Unix	SYSTEM AND INFORMATION INTEGRITY
4.2.5 Ensure that the --streaming-connection-idle-timeout argument is not set to 0	CIS Kubernetes v1.11.1 L1 Worker Node	Unix	SYSTEM AND INFORMATION INTEGRITY
4.5 Ensure Double-Encoded requests will be rejected - Default	CIS IIS 10 v1.2.1 Level 1	Windows	SYSTEM AND INFORMATION INTEGRITY
5.2 Ensure that, if applicable, an AppArmor Profile is enabled	CIS Docker v1.8.0 L1 OS Linux	Unix	SYSTEM AND INFORMATION INTEGRITY
18.4.4 (L1) Ensure 'Enable Structured Exception Handling Overwrite Protection (SEHOP)' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.4.4 (L1) Ensure 'Enable Structured Exception Handling Overwrite Protection (SEHOP)' is set to 'Enabled'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.5.3 (NG) Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.5.6 (NG) Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Disabled' (DC Only)	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.5.6 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Disabled' (DC Only) - Disabled	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 DC NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.5.7 (NG) Ensure 'Turn On Virtualization Based Security: Secure Launch Configuration' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.14.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.40.1 Ensure 'Configure validation of ROCA-vulnerable WHfB keys during authentication' is set to 'Enabled: Audit' or higher (DC only)	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.4.1 (L1) Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.4.1 (L1) Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.4.1 (L1) Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.1 (NG) Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.2 (L1) Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.2 (NG) Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher	CIS Microsoft Windows Server 2025 v1.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.2 (NG) Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.3 (NG) Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock'	CIS Microsoft Windows Server 2025 v1.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.4 (L1) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'	CIS Microsoft Windows Server 2016 v3.0.0 NG MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.6 (NG) Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Disabled' (DC Only)	CIS Microsoft Windows Server 2025 v1.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.6 (NG) Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Disabled' (DC Only)	CIS Microsoft Windows Server 2016 v3.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.7 (NG) Ensure 'Turn On Virtualization Based Security: Secure Launch Configuration' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 NG MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.7.1.3 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - 7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - 26190899-1602-49e8-8b27-eb1d0a1ce869	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - d3e037e1-3eb8-44c8-a917-57927947596d	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - d4f940ab-401b-4efc-aadc-ad5f3c50688a	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.29.3 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.29.3 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.6.1.1 (L1) Ensure 'Configure Attack Surface Reduction rules' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.6.1.1 (L1) Ensure 'Configure Attack Surface Reduction rules' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.75.2.1 (L1) Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn and prevent bypass'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.75.2.1 (L1) Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn and prevent bypass'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn' or 'Enabled: Warn and prevent bypass' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.76.1.2 (L1) Ensure 'Notify Malicious' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.76.1.2 (L1) Ensure 'Notify Malicious' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.76.1.5 (L1) Ensure 'Service Enabled' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.92.2.1 (L1) Ensure 'Prevent users from modifying settings' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	SYSTEM AND INFORMATION INTEGRITY

Detections

Analytics

Item Search