Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3.11.13 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higherCIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

4.2.18 Ensure SSH MaxAuthTries is set to 4 or lessCIS Debian 10 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.4 Ensure All Export Activities Are AuditedCIS Oracle Database 23ai v1.0.0 L1 RDBMSOracleDB

AUDIT AND ACCOUNTABILITY

6.3.3.5 Ensure events that modify the system's network environment are collectedCIS SUSE Linux Enterprise 15 v2.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.7 Ensure unsuccessful file access attempts are collectedCIS SUSE Linux Enterprise 15 v2.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.13 Ensure file deletion events by users are collectedCIS SUSE Linux Enterprise 15 v2.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.19 Ensure kernel module loading unloading and modification is collectedCIS SUSE Linux Enterprise 15 v2.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.21 Ensure the running and on disk configuration is the sameCIS SUSE Linux Enterprise 15 v2.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.6 (L1) Ensure 'Account Management Audit Application Group Management' is set to 'Success and Failure'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

6.19 (L1) Ensure 'Object Access Audit Other Object Access Events' is set to 'Success and Failure'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

6.20 (L1) Ensure 'Object Access Audit Removable Storage' is set to 'Success and Failure'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

6.27 (L1) Ensure 'System Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

7.1.1.4 Ensure that logging for Azure Key Vault is 'Enabled'CIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

AUDIT AND ACCOUNTABILITY

7.1.2.6 Ensure that Activity Log Alert exists for Delete Security SolutionCIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

AUDIT AND ACCOUNTABILITY

7.1.2.7 Ensure that Activity Log Alert exists for Create or Update SQL Server Firewall RuleCIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

AUDIT AND ACCOUNTABILITY

17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.2.3 (L1) Ensure 'Audit User Account Management' is set to 'Success and Failure'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.2.3 (L1) Ensure 'Audit User Account Management' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.2.4 (L1) Ensure 'Audit Other Account Management Events' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.2.6 (L1) Ensure 'Audit User Account Management' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.3.2 (L1) Ensure 'Audit Process Creation' is set to include 'Success'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.3.2 (L1) Ensure 'Audit Process Creation' is set to include 'Success'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.3.2 (L1) Ensure 'Audit Process Creation' is set to include 'Success'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

17.5.2 (L1) Ensure 'Audit Group Membership' is set to include 'Success'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.5.2 (L1) Ensure 'Audit Group Membership' is set to include 'Success'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.8.1 Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

17.8.1 Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.9.2 Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

17.9.5 Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

18.6.7.1 (L1) Ensure 'Audit client does not support encryption' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.6.7.1 (L1) Ensure 'Audit client does not support encryption' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

18.6.7.2 (L1) Ensure 'Audit client does not support signing' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.6.7.3 (L1) Ensure 'Audit insecure guest logon' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

18.10.16.5 (L1) Ensure 'Enable OneSettings Auditing' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

49.27 (L1) Ensure 'Network security: Restrict NTLM: Audit Incoming NTLM Traffic' is set to 'Enable auditing for all accounts'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY