Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.3 Ensure repo_gpgcheck is globally activatedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.6.2 Ensure 'SSH version 2' is enabledCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.3.2 Ensure ldap client is not installedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

2.3.7.7 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

ACCESS CONTROL

4.1.1 Ensure firewalld is installedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.2 Ensure firewalld.service state is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.3 Ensure network interface zone is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.7 Ensure firewalld services and ports are configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.4 Ensure users must provide password for escalationCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL

5.4.2.1.4 Ensure password failed attempts lockout includes root accountCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL

5.29 Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

5.32 Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1Windows

CONFIGURATION MANAGEMENT

5.34 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

CONFIGURATION MANAGEMENT

5.117 - Users must be prevented from connecting using Terminal Services.DISA Windows Vista STIG v6r41Windows

ACCESS CONTROL

6.2.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.3 Ensure audit_backlog_limit is sufficientCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

6.2.1.4 Ensure auditd service is enabled and activeCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1 Ensure audit log storage size is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.3 Ensure system is disabled when audit logs are fullCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.1 Ensure changes to system administration scope (sudoers) is collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.2 Ensure actions as another user are always loggedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

6.2.3.6 Ensure use of privileged commands are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.9 Ensure discretionary access control permission modification events are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.12 Ensure login and logout events are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.14 Ensure events that modify the system's Mandatory Access Controls are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

6.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

6.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.21 Ensure the audit configuration is immutableCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.22 Ensure the running and on disk configuration is the sameCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.4.3 Ensure audit log files owner is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

6.2.4.7 Ensure audit configuration files group owner is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4.9 Ensure audit tools owner is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.3 Ensure 'log_error_verbosity' is Set to '2'CIS MySQL 5.7 Enterprise Database L2 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

6.3 Ensure 'log_error_verbosity' is Set to '2'CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L2 MySQL RDBMS MySQLDBMySQLDB

AUDIT AND ACCOUNTABILITY

6.3 Ensure 'log_warnings' is Set to '2'CIS MariaDB 10.11 v1.0.0 L2 MariaDB RDBMS MySQLDBMySQLDB

AUDIT AND ACCOUNTABILITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2016 v4.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2022 Stand-alone v2.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

81.34 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

89.34 (L1) Ensure 'Shut Down The System' is set to 'Administrators, Users'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

WN10-00-000085 - Standard local user accounts must not exist on a system in a domain.DISA Microsoft Windows 10 STIG v3r6Windows

CONFIGURATION MANAGEMENT