Item Search

Name	Audit Name	Plugin	Category
2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'	CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS	MS_SQLDB	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	SYSTEM AND INFORMATION INTEGRITY
2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'	CIS SQL Server 2012 Database L1 DB v1.6.0	MS_SQLDB	SYSTEM AND INFORMATION INTEGRITY
2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'	CIS SQL Server 2014 Database L1 DB v1.5.0	MS_SQLDB	SYSTEM AND INFORMATION INTEGRITY
2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'	CIS Microsoft SQL Server 2019 v1.5.2 L1 Database Engine	MS_SQLDB	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.7 Ensure 'Remote Admin Connections' Server Configuration Option is set to '0'	CIS Microsoft SQL Server 2019 v1.5.2 L1 Database Engine	MS_SQLDB	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.7 Ensure 'Remote Admin Connections' Server Configuration Option is set to '0'	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.10 Ensure Unnecessary SQL Server Protocols are set to 'Disabled'	CIS SQL Server 2017 Database L1 OS v1.3.0	Windows	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.10 Ensure Unnecessary SQL Server Protocols are set to 'Disabled'	CIS SQL Server 2022 Database L1 OS v1.1.0	Windows	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.15 Ensure 'xp_cmdshell' Server Configuration Option is set to '0'	CIS SQL Server 2012 Database L1 DB v1.6.0	MS_SQLDB	SYSTEM AND INFORMATION INTEGRITY
2.16 Ensure 'xp_cmdshell' Server Configuration Option is set to '0'	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	SYSTEM AND INFORMATION INTEGRITY
3.1 Ensure 'Server Authentication' Property is set to 'Windows Authentication Mode' - Windows Authentication mode	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
3.5 Ensure the SQL Server's MSSQL Service Account is Not an Administrator	CIS SQL Server 2016 Database L1 OS v1.4.0	Windows	ACCESS CONTROL
3.11 Ensure the public role in the msdb database is not granted access to SQL Agent proxies	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins	CIS SQL Server 2012 Database L1 DB v1.6.0	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins	CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
4.3.37 Restrict Access to SYSIBM.SYSSTMT	CIS IBM DB2 11 v1.2.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'	CIS SQL Server 2008 R2 DB OS L1 v1.7.0	Windows	AUDIT AND ACCOUNTABILITY
5.1.2.1 Ensure 'EXECUTE' is not granted to 'PUBLIC' on 'Non-default' Packages - Non-default Packages	CIS Oracle Server 18c DB Unified Auditing v1.1.0	OracleDB	ACCESS CONTROL
5.1.2.1 Ensure 'EXECUTE' is not granted to 'PUBLIC' on 'Non-default' Packages - Non-default Packages	CIS Oracle Server 18c DB Traditional Auditing v1.1.0	OracleDB	ACCESS CONTROL
6.1.2.7 Ensure that Activity Log Alert exists for Create or Update SQL Server Firewall Rule	CIS Microsoft Azure Foundations v5.0.0 L1	microsoft_azure	AUDIT AND ACCOUNTABILITY
6.26 Restrict Access to SYSCAT.STATEMENTS	CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB	IBM_DB2DB	ACCESS CONTROL
DG0142-ORACLE11 - Changes to configuration options must be audited - 'audit_sys_operations = true'	DISA STIG Oracle 11 Instance v9r1 Database	OracleDB
F5BI-LT-000161 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent SQL injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, and database fields.	DISA F5 BIG-IP Local Traffic Manager STIG v2r4	F5	ACCESS CONTROL
MADB-10-009100 - When invalid inputs are received, MariaDB must behave in a predictable and documented manner that reflects organizational and system objectives.	DISA MariaDB Enterprise 10.x v2r4 DB	MySQLDB	SYSTEM AND INFORMATION INTEGRITY
SQL4-00-016800 - SQL Server must have the SQL Server Analysis Services (SSAS) software component removed if it is unused.	DISA STIG SQL Server 2014 Instance OS Audit v2r4	Windows	CONFIGURATION MANAGEMENT
SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - s.	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - SERVER_OBJECT_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - SERVER_OBJECT_OWNERSHIP_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 85	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 88	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-035800 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is accessed.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 42	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 43	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 82	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 83	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 86	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 87	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 89	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 90	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 91	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - SCHEMA_OBJECT_ACCESS_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL6-D0-007600 - SQL Server must be configured to prohibit or restrict the use of organization-defined protocols as defined in the Ports, Protocols, and Services Management (PPSM) Category Assurance List (CAL) and vulnerability assessments.	DISA MS SQL Server 2016 Instance STIG v3r6 Windows	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search