Item Search

Name	Audit Name	Plugin	Category
1.1 Ensure Latest SQL Server Cumulative and Security Updates are Installed	CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS	MS_SQLDB	SYSTEM AND SERVICES ACQUISITION
2.14 Ensure 'sa' Login Account is set to 'Disabled'	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	ACCESS CONTROL
2.15 Ensure 'xp_cmdshell' Server Configuration Option is set to '0'	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.15 Ensure 'xp_cmdshell' Server Configuration Option is set to '0'	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.15 Ensure 'xp_cmdshell' Server Configuration Option is set to '0'	CIS SQL Server 2017 Database L1 DB v1.3.0	MS_SQLDB	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4 Ensure the SQL Server's MSSQL Service Account is Not an Administrator	CIS SQL Server 2008 R2 DB OS L1 v1.7.0	Windows	ACCESS CONTROL
3.5 Ensure the SQL Server's MSSQL Service Account is Not an Administrator	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0	MS_SQLDB	ACCESS CONTROL
3.5 Ensure the SQL Server's MSSQL Service Account is Not an Administrator	CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDS	MS_SQLDB	ACCESS CONTROL
3.5 Ensure the SQL Server's MSSQL Service Account is Not an Administrator	CIS Microsoft SQL Server 2019 v1.5.2 L1 Database Engine	MS_SQLDB	ACCESS CONTROL
3.6 Ensure the SQL Server's SQLAgent Service Account is Not an Administrator	CIS SQL Server 2016 Database L1 OS v1.4.0	Windows	ACCESS CONTROL
3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator	CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS	MS_SQLDB	ACCESS CONTROL
3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator	CIS Microsoft SQL Server 2019 v1.5.2 L1 Database Engine	MS_SQLDB	ACCESS CONTROL
3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator	CIS SQL Server 2012 Database L1 OS v1.6.0	Windows	ACCESS CONTROL
3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	ACCESS CONTROL
3.11 Ensure 'encryption providers' are locked down	CIS IIS 8.0 v1.5.1 Level 2	Windows	ACCESS CONTROL
3.11 Ensure the public role in the msdb database is not granted access to SQL Agent proxies	CIS Microsoft SQL Server 2019 v1.5.2 L1 Database Engine	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
3.11 Ensure the public role in the msdb database is not granted access to SQL Agent proxies	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
3.11 Ensure the public role in the msdb database is not granted access to SQL Agent proxies	CIS SQL Server 2014 Database L1 DB v1.5.0	MS_SQLDB	ACCESS CONTROL
4.1 Ensure 'MUST_CHANGE' Option is set to 'ON' for All SQL Authenticated Logins	CIS SQL Server 2014 Database L1 DB v1.5.0	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role	CIS SQL Server 2017 Database L1 DB v1.3.0	MS_SQLDB	ACCESS CONTROL
4.5 Configure Solaris Auditing - active user default audit flags	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - configured audit policies	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - configured user default audit flags	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - p_minfree	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Configure Solaris Auditing - Plugin	CIS Solaris 11.2 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'	CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDS	MS_SQLDB	AUDIT AND ACCOUNTABILITY
O19C-00-010500 - The Oracle _TRACE_FILES_PUBLIC parameter if present must be set to FALSE.	DISA Oracle Database 19c STIG v1r3 OracleDB	OracleDB	CONFIGURATION MANAGEMENT
O112-BP-023900 - The Oracle _TRACE_FILES_PUBLIC parameter if present must be set to FALSE.	DISA STIG Oracle 11.2g v2r5 Database	OracleDB	CONFIGURATION MANAGEMENT
O112-BP-025800 - Changes to configuration options must be audited.	DISA STIG Oracle 11.2g v2r5 Database	OracleDB	CONFIGURATION MANAGEMENT
O121-BP-022100 - The Oracle SQL92_SECURITY parameter must be set to TRUE.	DISA Oracle Database 12c STIG v3r5 OracleDB	OracleDB	CONFIGURATION MANAGEMENT
SQL2-00-010400 - SQL Server auditing configuration maximum file size must be configured to reduce the likelihood of storage capacity being exceeded, while meeting organization-defined auditing requirements - 'max_size'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL2-00-023000 - The system must activate an alarm and/or automatically shut SQL Server down if a failure is detected in its software components.	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	SYSTEM AND INFORMATION INTEGRITY
SQL4-00-016600 - SQL Server must have the SQL Server Reporting Services (SSRS) software component removed if it is unused.	DISA STIG SQL Server 2014 Instance OS Audit v2r4	Windows	CONFIGURATION MANAGEMENT
SQL4-00-016700 - SQL Server must have the SQL Server Integration Services (SSIS) software component removed if it is unused.	DISA STIG SQL Server 2014 Instance OS Audit v2r4	Windows	CONFIGURATION MANAGEMENT
SQL4-00-017000 - Unused database components that are integrated in SQL Server and cannot be uninstalled must be disabled.	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-030600 - Where availability is paramount, the SQL Server must continue processing (preferably overwriting existing records, oldest first), in the event of lack of space for more Audit/Trace log records; and must keep processing after any failure of an Audit/Trace.	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 88	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 89	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 162	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - SCHEMA_OBJECT_ACCESS_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036650 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is modified - Event ID 86	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036650 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is modified - Event ID 89	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036650 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is modified - Event ID 90	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036650 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is modified - SCHEMA_OBJECT_ACCESS_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 84	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 85	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 86	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 89	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 90	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
VCENTER-000008 - The vCenter Server must be installed using a service account instead of a built-in Windows account.	DISA STIG VMWare ESXi vCenter 5 STIG v2r1	VMware	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search