Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2 Ensure 'host headers' are on all sitesCIS IIS 8.0 v1.5.1 Level 1Windows

CONFIGURATION MANAGEMENT

1.4 Ensure 'application pool identity' is configured for all application poolsCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2 Ensure Access to Sensitive Site Features Is Restricted To Authenticated Principals Only - DefaultCIS IIS 7 L1 v1.8.0Windows
2.2.4 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.4 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.6 Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.6 Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.6 Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' and (when the Web Server (IIS) Role with Web Services Role Service is installed) 'IIS_IUSRS'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' and (when the Web Server (IIS) Role with Web Services Role Service is installed) 'IIS_IUSRS'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.33 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' and (when the Web Server (IIS) Role with Web Services Role Service is installed) 'IIS_IUSRS' (MS only)CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.33 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' and (when the Web Server (IIS) Role with Web Services Role Service is installed) 'IIS_IUSRS' (MS only)CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.36 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION

2.5 Ensure 'cookie protection mode' is configured for forms authenticationCIS IIS 8.0 v1.5.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Ensure 'cookie protection mode' is configured for forms authentication - ApplicationsCIS IIS 7 L1 v1.8.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.5 Ensure ASP.NET stack tracing is not enabled - DefaultCIS IIS 7 L2 v1.8.0Windows

SYSTEM AND INFORMATION INTEGRITY

3.7 Ensure 'cookies' are set with HttpOnly attribute - DefaultCIS IIS 7 L2 v1.8.0Windows

ACCESS CONTROL

3.9 Ensure 'MachineKey validation method - .Net 4.5' is configured - DefaultCIS IIS 7 L1 v1.8.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

4.1 Ensure 'maxAllowedContentLength' is configured - DefaultCIS IIS 7 L2 v1.8.0Windows

SYSTEM AND INFORMATION INTEGRITY

4.4 Ensure non-ASCII characters in URLs are not allowed - DefaultCIS IIS 7 L2 v1.8.0Windows

SYSTEM AND INFORMATION INTEGRITY

4.7 Ensure Unlisted File Extensions are not allowed - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.8 Ensure Handler is not granted Write and Script/Execute - ApplicationsCIS IIS 7 L1 v1.8.0Windows

ACCESS CONTROL

6.1 Ensure FTP requests are encrypted - Control Channel DefaultCIS IIS 7 L1 v1.8.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

6.1 Ensure FTP requests are encrypted - Data Channel SitesCIS IIS 7 L1 v1.8.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure HSTS Header is setCIS IIS 7 L2 v1.8.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure TLS 1.0 is enabled - enabledCIS IIS 7 L1 v1.8.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.11 Ensure Triple DES Cipher Suite is configuredCIS IIS 7 L1 v1.8.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.15 Ensure TLS Cipher Suite ordering is configuredCIS IIS 7 L2 v1.8.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

CIS Amazon Linux Benchmark Level 2CIS Amazon Linux v2.1.0 L2Unix
CIS Control 10 (10.4) Protect BackupsCAS Implementation Group 1 Audit FileUnix

CONTINGENCY PLANNING

CIS DNS BIND 9.0 - 9.5 v2.0.0CIS ISC BIND 9.0/9.5 v2.0.0Unix
CIS_IBM_DB2_9_v3.0.1_Level_2_OS_Linux.audit from CIS DB2 9 LinuxCIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS LinuxUnix
CIS_Kubernetes_v1.11.1_L1_Worker_Node.audit from CIS Kubernetes Benchmark v1.11.1CIS Kubernetes v1.11.1 L1 Worker NodeUnix
CIS_Kubernetes_v1.11.1_L2_Master_Node.audit from CIS Kubernetes Benchmark v1.11.1CIS Kubernetes v1.11.1 L2 Master NodeUnix
CIS_MariaDB_10.6_Benchmark_v1.1.0_L1_Linux_OS.audit from CIS MariaDB 10.6 BenchmarkCIS MariaDB 10.6 on Linux L1 v1.1.0Unix
CIS_NGINX_v2.1.0_Level_1_Loadbalancer.audit from CIS NGINX Benchmark v2.1.0CIS NGINX Benchmark v2.1.0 L1 LoadbalancerUnix
CIS_NGINX_v2.1.0_Level_1_Proxy.audit from CIS NGINX Benchmark v2.1.0CIS NGINX Benchmark v2.1.0 L1 ProxyUnix
CIS_NGINX_v2.1.0_Level_2_Loadbalancer.audit from CIS NGINX Benchmark v2.1.0CIS NGINX Benchmark v2.1.0 L2 LoadbalancerUnix
CIS_NGINX_v2.1.0_Level_2_Webserver.audit from CIS NGINX Benchmark v2.1.0CIS NGINX Benchmark v2.1.0 L2 WebserverUnix
IIST-SI-000225 - The IIS 10.0 website must be configured to limit the maxURL.DISA IIS 10.0 Site v2r11Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SV-000132 - The IIS 8.5 web server must separate the hosted applications from hosted web server management functionality.DISA IIS 8.5 Server v2r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION