Item Search

Name	Audit Name	Plugin	Category
1.3.1 Ensure sudo is installed	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	ACCESS CONTROL
1.3.2 Ensure sudo commands use pty	CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0	Unix	ACCESS CONTROL
1.4.3.5 Ensure 'aaa authentication ssh console' is configured correctly	CIS Cisco Firewall ASA 9 L1 v4.1.0	Cisco	ACCESS CONTROL
2.2.6 Ensure 'REMOTE_LOGIN_PASSWORDFILE' Is Set to 'NONE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
2.2.7 Ensure 'REMOTE_OS_AUTHENT' Is Set to 'FALSE'	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	ACCESS CONTROL
2.2.8 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.8 Ensure 'REMOTE_OS_ROLES' Is Set to 'FALSE'	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	ACCESS CONTROL
2.2.9 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
2.3.9.4 Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.11.3 (L1) Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.11.3 (L1) Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.11.6 (L1) Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
2.3.17.1 (L1) Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.17.1 (L1) Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.1 (L1) Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.17.1 Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.13 Ensure the 'sa' Login Account is set to 'Disabled'	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0	MS_SQLDB	ACCESS CONTROL
2.13 Ensure the 'sa' Login Account is set to 'Disabled'	CIS SQL Server 2017 Database L1 DB v1.3.0	MS_SQLDB	ACCESS CONTROL
2.13 Ensure the 'sa' Login Account is set to 'Disabled'	CIS SQL Server 2022 Database L1 AWS RDS v1.1.0	MS_SQLDB	ACCESS CONTROL
2.13 Ensure the 'sa' Login Account is set to 'Disabled'	CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS	MS_SQLDB	ACCESS CONTROL
3.3 Ensure 'Orphaned Users' are Dropped From SQL Server Databases	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0	MS_SQLDB	ACCESS CONTROL
3.4 Ensure SQL Authentication is not used in contained databases	CIS SQL Server 2022 Database L1 AWS RDS v1.1.0	MS_SQLDB	ACCESS CONTROL
3.4 Ensure that each role for each MongoDB database is needed and grants only the necessary privileges	CIS MongoDB 4 L1 DB v1.0.0	MongoDB	ACCESS CONTROL
3.9 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
4.1 Ensure a non-root user account exists for local admin access	CIS VMware ESXi 6.5 v1.0.0 Level 1 Bare Metal	Unix	ACCESS CONTROL
4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role	CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS	MS_SQLDB	ACCESS CONTROL
4.3 Ensure 'DBA_USERS.AUTHENTICATION_TYPE' Is Not Set to 'EXTERNAL' for Any User	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
5.1.5 Ensure that default service accounts are not actively used.	CIS Red Hat OpenShift Container Platform v1.7.0 L1	OpenShift	ACCESS CONTROL
5.3.5 Ensure SSH access is limited	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	ACCESS CONTROL
5.4.1.4 Ensure inactive password lock is 30 days or less - useradd	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	ACCESS CONTROL
5.5.2 Ensure system accounts are secured - unlocked non-root	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	ACCESS CONTROL
5.5.2 Ensure system accounts are secured - unlocked non-root	CIS Oracle Linux 6 Workstation L1 v2.0.0	Unix	ACCESS CONTROL
9.4 Ensure 'safRegistry' is configured	CIS IBM WebSphere Liberty v1.0.0 L1	Unix	ACCESS CONTROL
18.2.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.4.1 (L1) Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
18.4.1 Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	ACCESS CONTROL
18.9.6.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
18.9.46.1 Ensure 'Block all consumer Microsoft account user authentication' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
18.10.5.1 Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	ACCESS CONTROL
18.10.41.1 Ensure 'Block all consumer Microsoft account user authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	ACCESS CONTROL
18.10.42.1 (L1) Ensure 'Block all consumer Microsoft account user authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL
18.10.80.2 Ensure 'Always install with elevated privileges' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	ACCESS CONTROL
19.7.42.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
19.7.42.1 Ensure 'Always install with elevated privileges' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	ACCESS CONTROL
19.7.44.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL
20.32 Ensure 'krbtgt account password' is no more than '180 days old' (STIG DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
20.44 Ensure 'Orphaned security identifiers (SIDs) must be removed from user rights'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
20.45 Ensure 'Outdated or unused accounts are removed or disabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL

Detections

Analytics

Item Search