Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2.2 vty line authenticationCIS Cisco IOS XR 7.x v1.0.0 L1Cisco

ACCESS CONTROL

1.1.4 Set 'login authentication for 'line con 0'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL

1.1.5 Set 'login authentication for 'ip http'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

ACCESS CONTROL

1.1.6 Set 'login authentication for 'line vty'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL

1.3.1 Ensure sudo is installedCIS Debian Family Workstation L1 v1.0.0Unix

ACCESS CONTROL

1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - serverCIS Cisco Firewall v8.x L1 v4.2.0Cisco

ACCESS CONTROL

1.4.3.4 Ensure 'aaa authentication serial console' is configured correctlyCIS Cisco Firewall v8.x L1 v4.2.0Cisco

ACCESS CONTROL

1.4.3.6 Ensure 'aaa authentication telnet console' is configured correctlyCIS Cisco Firewall v8.x L1 v4.2.0Cisco

ACCESS CONTROL

2.2.9 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' (MS only)CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

2.3.1.1 (L1) Ensure 'Accounts: Block Microsoft accounts' is set to 'Users can't add or log on with Microsoft accounts'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NGWindows

ACCESS CONTROL

2.3.1.1 (L1) Ensure 'Accounts: Block Microsoft accounts' is set to 'Users can't add or log on with Microsoft accounts'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

ACCESS CONTROL

2.3.1.1 Ensure 'Accounts: Block Microsoft accounts' is set to 'Users can't add or log on with Microsoft accounts'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member ServerWindows

ACCESS CONTROL

2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

ACCESS CONTROL

2.3.9.4 Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.11.6 (L1) Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

2.3.11.6 (L1) Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

ACCESS CONTROL

2.3.11.6 (L1) Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

ACCESS CONTROL

2.3.11.6 (L1) Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.11.6 (L1) Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NGWindows

ACCESS CONTROL

2.3.11.6 Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

ACCESS CONTROL

2.3.11.6 Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member ServerWindows

ACCESS CONTROL

2.3.17.1 Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.3.17.1 Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

3.4.1 (L1) Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled'CIS Microsoft Intune for Windows 10 v3.0.1 L1Windows

ACCESS CONTROL

3.6.9.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Intune for Windows 10 v3.0.1 L1Windows

ACCESS CONTROL

5.2.9 Ensure SSH MaxAuthTries is set to 4 or lessCIS Amazon Linux 2 STIG v1.0.0 L1Unix

ACCESS CONTROL

5.3.5 Ensure SSH access is limitedCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.11 DB2CHGPWD_EEE Registry VariableCIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL

6.4 Use parental controls for systems that are not centrally managedCIS Apple macOS 10.13 L2 v1.1.0Unix

ACCESS CONTROL

6.14 Disable 'nobody' Access for RPC Encryption Key Storage ServiceCIS Oracle Solaris 11.4 L1 v1.1.0Unix

ACCESS CONTROL

6.16 Restrict root Login to System ConsoleCIS Oracle Solaris 11.4 L1 v1.1.0Unix

ACCESS CONTROL

7.4 Set 'default_password_lifetime' to Require a Yearly Password ChangeCIS MySQL 8.4 Enterprise v1.0.0 L1 DatabaseMySQLDB

ACCESS CONTROL

9.2 Ensure the location attribute in the SSL configurations points to a valid SAF Keyring containing SSL/TLS certificatesCIS IBM WebSphere Liberty v1.0.0 L1Unix

ACCESS CONTROL

18.4.1 (L1) Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

ACCESS CONTROL

18.4.1 (L1) Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2Windows

ACCESS CONTROL

18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

18.10.5.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

ACCESS CONTROL

18.10.5.1 Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

ACCESS CONTROL

18.10.42.1 (L1) Ensure 'Block all consumer Microsoft account user authentication' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

18.10.80.2 Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

18.10.81.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

ACCESS CONTROL

18.10.81.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2Windows

ACCESS CONTROL

19.7.44.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL

20.32 Ensure 'krbtgt account password' is no more than '180 days old' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

20.35 Ensure 'Manually managed application account passwords be changed at least annually or when a system administrator with knowledge of the password leaves the organization'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

20.44 Ensure 'Orphaned security identifiers (SIDs) must be removed from user rights'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

20.46 Ensure 'Passwords are configured to expire'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

20.63 Ensure 'Temporary user accounts must be automatically removed or disabled after 72 hours'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

45.1 (L1) Ensure 'Accounts: Block Microsoft accounts' is set to 'Users can't add or log on with Microsoft accounts'CIS Microsoft Intune for Windows 10 v3.0.1 L1Windows

ACCESS CONTROL