Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2.13 Set 'Audit Policy: System: Security State Change' to 'Success and Failure'CIS Windows 8 L1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

1.1.2.28 Set 'Audit Policy: Object Access: Kernel Object' to 'No Auditing'CIS Windows 8 L1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

1.1.2.30 Set 'Audit Policy: Object Access: Application Generated' to 'No Auditing'CIS Windows 8 L1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

1.1.2.51 Set 'Audit Policy: Detailed Tracking: Process Creation' to 'Success'CIS Windows 8 L1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

1.1.2.54 Set 'Audit Policy: Object Access: File System' to 'No Auditing'CIS Windows 8 L1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

1.10.11 Ensure 'logging trap severity ' is greater than or equal to '5'Tenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

3 - Audit Logging - LoggerTNS Best Practice JBoss 7 LinuxUnix

AUDIT AND ACCOUNTABILITY

3.2 Enable Stack Protection - set noexec_user_stack_log = 1CIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes'CIS Apple OSX 10.11 El Capitan L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKCONNECT : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable auditing - sp_configure 'auditing'CIS Sybase 15.0 L1 DB v1.1.0SybaseDB

AUDIT AND ACCOUNTABILITY

4.3 Enable Auditing of File Metadata Modification Events - AUE_CHMOD : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.3.3 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 11g R2 DB v2.2.0OracleDB

AUDIT AND ACCOUNTABILITY

4.4 Enable Auditing of Process and Privilege Events - AUE_NICE : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Enable Auditing of Process and Privilege Events - AUE_PFEXEC : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Enable Auditing of Process and Privilege Events - AUE_SETEGID : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Enable Auditing of Process and Privilege Events - AUE_SETEUID : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Enable Auditing of Process and Privilege Events - AUE_SETSID : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - active non-attributable audit flagsCIS Solaris 11.2 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - audit_flags root = lo,ad,ft,ex,cis:noCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - var/audit/*.not_terminated.*CIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

5.2 - Storage Administrative System Auditing - Event NotificationsNetApp Security Hardening Guide for ONTAP 9 v1.7.0Netapp_API

AUDIT AND ACCOUNTABILITY

5.2 Ensure that audit filters are configured properlyCIS MongoDB L1 Unix Audit v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.3 Enable 'DROP USER' Audit OptionCIS Oracle Server 11g R2 DB v2.2.0OracleDB

AUDIT AND ACCOUNTABILITY

5.4 CIFS - 'cifs.audit.autosave.ontime.interval has been configured'TNS NetApp Data ONTAP 7GNetApp

AUDIT AND ACCOUNTABILITY

5.4 Ensure that new entries are appended to the end of the log fileCIS MongoDB L2 Unix Audit v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.13 Enable 'GRANT DIRECTORY' Audit OptionCIS Oracle Server 11g R2 DB v2.2.0OracleDB

AUDIT AND ACCOUNTABILITY

5.17 Enable 'DROP ANY PROCEDURE' Audit OptionCIS Oracle Server 11g R2 DB v2.2.0OracleDB

AUDIT AND ACCOUNTABILITY

8.1.10 Collect Discretionary Access Control Permission Modification Events- '32bit chmod/fchmod/fchmodat'CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

8.2.1 Install the rsyslog packageCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

17.3.1 Ensure 'Audit Process Creation' is set to include 'Success'CIS Windows 7 Workstation Level 1 v3.2.0Windows

AUDIT AND ACCOUNTABILITY

17.6.1 Ensure 'Audit Detailed File Share' is set to include 'Failure'CIS Windows 7 Workstation Level 1 v3.2.0Windows

AUDIT AND ACCOUNTABILITY

17.6.3 Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'CIS Windows 7 Workstation Level 1 v3.2.0Windows

AUDIT AND ACCOUNTABILITY

17.7.4 Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

AUDIT AND ACCOUNTABILITY

Audit Detailed File ShareMSCT Windows 10 1803 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Policy Change EventsMSCT Windows 10 1803 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Process CreationMSCT Windows 10 1803 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Brocade - Bottleneck alerts must be enabledTenable Best Practices Brocade FabricOSBrocade

AUDIT AND ACCOUNTABILITY

Ensure 'logging buffered severity ' is greater than or equal to '3'Tenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

Ensure 'logging to Serial console' is disabledTenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'logging trap' is enabledTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

Ensure 'SNMP traps' is enabled - coldstartTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

Ensure 'SNMP traps' is enabled - linkdownTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

Ensure 'SNMP traps' is enabled - linkupTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Control (QAUDCTL) - '!= *NONE'IBM System i Security Reference for V7R2AS/400

AUDIT AND ACCOUNTABILITY