Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3 Enable 'aaa authentication enable default'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL

1.3.4 Ensure 'Maximum lifetime for user ticket renewal' is set to '7 or fewer days' (STIG DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

1.3.4 Ensure 'Maximum lifetime for user ticket renewal' is set to '7 or fewer days' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

2.2.4 Set IP address for 'logging host'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY

2.2.4 Set IP address for 'logging host'CIS Cisco IOS XE 17.x v2.1.1 L2Cisco

AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY

2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG DC & MS only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

3.121 - The system does not have a backup administrator accountDISA Windows Vista STIG v6r41Windows

CONFIGURATION MANAGEMENT

4.5.1 Ensure RIP authentication is set to MD5CIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.17 Set Retry Limit for Account LockoutCIS Oracle Solaris 11.4 L1 v1.1.0Unix

ACCESS CONTROL

7.2 Set Strong Password Creation Policies - MINALPHA = 2CIS Solaris 11.2 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - MINNONALPHA = 1CIS Solaris 11.2 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - DICTIONLIST = /usr/share/lib/dict/wordsCIS Solaris 11.1 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - DICTIONLIST = /usr/share/lib/dict/wordsCIS Solaris 11 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - MINALPHA = 2CIS Solaris 11 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - MINLOWER = 1CIS Solaris 11 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - NAMECHECK = yesCIS Solaris 11.1 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - PASSLENGTH = 8CIS Solaris 11 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

ACCESS CONTROL

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

CONFIGURATION MANAGEMENT

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

CONFIGURATION MANAGEMENT

18.1.1.1 Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.1.1.1 Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

CONFIGURATION MANAGEMENT

20.32 Ensure 'krbtgt account password' is no more than '180 days old' (STIG DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

20.32 Ensure 'krbtgt account password' is no more than '180 days old' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

20.32 Ensure 'krbtgt account password' is no more than '180 days old' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

20.49 Ensure 'Permissions for the Security Event Log must prevent access by non-privileged accounts'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

SYSTEM AND INFORMATION INTEGRITY

20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

SYSTEM AND INFORMATION INTEGRITY

20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

SYSTEM AND INFORMATION INTEGRITY

20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

SYSTEM AND INFORMATION INTEGRITY

AIOS-14-011000 - Apple iOS/iPadOS must implement the management setting: disable paired Apple Watch.MobileIron - DISA Apple iOS/iPadOS 14 v1r3MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

ALMA-09-018830 - AlmaLinux OS 9 firewall must employ a deny-all, allow-by-exception policy for allowing connections to other systems.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-042040 - AlmaLinux OS 9 must have the policycoreutils package installed.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-ND-001250 - The Cisco router must be configured to generate log records when administrator privileges are deleted.DISA STIG Cisco IOS XE Router NDM v3r2Cisco

AUDIT AND ACCOUNTABILITY

CISC-RT-000250 - The Cisco perimeter router must be configured to enforce approved authorizations for controlling the flow of information between interconnected networks in accordance with applicable policy.DISA Cisco IOS Router RTR STIG v3r3Cisco

ACCESS CONTROL

CISC-RT-000320 - The Cisco perimeter router must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000320 - The Cisco perimeter router must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1.DISA Cisco IOS Router RTR STIG v3r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

DNS Profile - Address - DNS Server 2Tenable Cisco ACICisco_ACI

SYSTEM AND COMMUNICATIONS PROTECTION

EX16-ED-000390 - The Exchange Sender Reputation filter must identify the spam block level.DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5Windows

SYSTEM AND INFORMATION INTEGRITY

HP ProCurve - 'Configure login attempts'TNS HP ProCurveHPProCurve

ACCESS CONTROL

Management Access Policy - HTTP - Admin StateTenable Cisco ACICisco_ACI

CONFIGURATION MANAGEMENT

Number of recent user passwords to storeTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Password Change Interval (hours)Tenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

User Account Control: Switch to the secure desktop when prompting for elevationMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Switch to the secure desktop when prompting for elevationMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

WG400 A22 - All interactive programs (CGI) must be placed in a designated directory with appropriate permissions.DISA STIG Apache Site 2.2 Unix v1r11Unix

ACCESS CONTROL