Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3.10.2 (L1) Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.3 (L1) Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.3 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.3.10.4 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.5 (L1) Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

2.3.10.5 (L1) Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.5 (L1) Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.5 (L1) Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.10.5 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.3.10.7 Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.3.10.10 (L1) Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

2.3.10.10 (L1) Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.10 (L1) Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.10.12 Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

2.3.11.2 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

2.3.11.2 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.11.2 Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.3.13.1 Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

ACCESS CONTROL

2.3.13.1 Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.17.3 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.17.5 Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

ACCESS CONTROL

2.7 Configure 'Remove Security tab'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

18.5.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

18.6.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

18.9.27.2 (L1) Ensure 'Do not enumerate connected users on domain-joined computers' is set to 'Enabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

18.9.27.2 (L1) Ensure 'Do not enumerate connected users on domain-joined computers' is set to 'Enabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

18.9.27.5 (L1) Ensure 'Turn off picture password sign-in' is set to 'Enabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

18.9.27.6 (L1) Ensure 'Turn on convenience PIN sign-in' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

18.9.28.2 Ensure 'Do not display network selection UI' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

18.9.39.2 Ensure 'Turn off location' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

ACCESS CONTROL

18.9.77.3.1 Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

ACCESS CONTROL

18.9.100.2 (L1) Ensure 'Turn on PowerShell Transcription' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

18.10.14.2 Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

ACCESS CONTROL

20.43 Ensure 'Organization created Active Directory Organizational Unit (OU) objects have proper access control permissions' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

Allow user control over installsMSCT Windows 10 v21H1 v1.0.0Windows

ACCESS CONTROL

Allow user control over installsMSCT Windows 11 v1.0.0Windows

ACCESS CONTROL

Always install with elevated privilegesMSCT Windows 10 v22H2 v1.0.0Windows

ACCESS CONTROL

Configure Windows Defender SmartScreen - EnableSmartScreenMSCT Windows 11 v1.0.0Windows

ACCESS CONTROL

Configure Windows Defender SmartScreen - ShellSmartScreenLevelMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Configure Windows Defender SmartScreen - ShellSmartScreenLevelMSCT Windows 11 v1.0.0Windows

ACCESS CONTROL

Disallow WinRM from storing RunAs credentialsMSCT Windows 10 v22H2 v1.0.0Windows

ACCESS CONTROL

Disallow WinRM from storing RunAs credentialsMSCT Windows 11 v1.0.0Windows

ACCESS CONTROL

Enable local admin password managementMSCT Windows 11 v1.0.0Windows

ACCESS CONTROL

Network access: Do not allow anonymous enumeration of SAM accountsMSCT Windows 10 v22H2 v1.0.0Windows

ACCESS CONTROL

Network access: Do not allow anonymous enumeration of SAM accounts and sharesMSCT Windows 10 v22H2 v1.0.0Windows

ACCESS CONTROL

Turn on PowerShell Script Block Logging - EnableScriptBlockInvocationLoggingMSCT Windows 10 v21H1 v1.0.0Windows

ACCESS CONTROL

Turn on PowerShell Script Block Logging - EnableScriptBlockInvocationLoggingMSCT Windows 10 v22H2 v1.0.0Windows

ACCESS CONTROL

Turn on PowerShell Script Block Logging - EnableScriptBlockLoggingMSCT Windows Server 2022 v1.0.0Windows

ACCESS CONTROL

Turn on PowerShell Script Block Logging - EnableScriptBlockLoggingMSCT Windows 10 v22H2 v1.0.0Windows

ACCESS CONTROL