Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.4 (L1) Ensure 'Act as part of the operating system' is set to 'No One'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.11 (L1) Ensure 'Change the system time' is set to 'Administrators, LOCAL SERVICE'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.12 (L1) Ensure 'Change the time zone' is set to 'Administrators, LOCAL SERVICE'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.13 (L1) Ensure 'Create a pagefile' is set to 'Administrators'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.16 (L1) Ensure 'Create permanent shared objects' is set to 'No One'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.25 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' (DC only)CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.29 Ensure 'Deny log on as a service' to include 'No one' (STIG DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

2.2.36 (L2) Ensure 'Log on as a batch job' is set to 'Administrators' (DC Only)CIS Windows Server 2012 R2 DC L2 v3.0.0Windows

ACCESS CONTROL

2.2.37 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only)CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.39 (L1) Ensure 'Modify an object label' is set to 'No One'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.39 (L1) Ensure 'Modify an object label' is set to 'No One'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.41 (L1) Ensure 'Perform volume maintenance tasks' is set to 'Administrators'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.42 (L1) Ensure 'Profile single process' is set to 'Administrators'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.43 (L1) Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.44 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.44 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (STIG MS only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

2.2.46 (L1) Ensure 'Shut down the system' is set to 'Administrators'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.47 (L1) Ensure 'Synchronize directory service data' is set to 'No One' (DC only)CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL

2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configuredCIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.10.8 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL

2.3.10.8 (L1) Ensure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

ACCESS CONTROL

2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.9 Ensure SNS Topics do not Allow Everyone To PublishCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

ACCESS CONTROL

5.1.2 Check System Wide Applications for appropriate permissionsCIS Apple macOS 10.13 L1 v1.1.0Unix

ACCESS CONTROL

9.3.13 Limit Access via SSHCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

ACCESS CONTROL

Create a pagefileMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Create a pagefileMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Create a token objectMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Create global objectsMSCT Windows Server 2025 DC v1.0.0Windows

ACCESS CONTROL

Create global objectsMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Create global objectsMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Debug programsMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Enable computer and user accounts to be trusted for delegationMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Enable computer and user accounts to be trusted for delegationMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Enable computer and user accounts to be trusted for delegationMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Impersonate a client after authenticationMSCT Windows Server 2025 DC v1.0.0Windows

ACCESS CONTROL

Load and unload device driversMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Lock pages in memoryMSCT Windows 11 v22H2 v1.0.0Windows

ACCESS CONTROL

Manage auditing and security logMSCT Windows 11 v22H2 v1.0.0Windows

ACCESS CONTROL

Manage auditing and security logMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Modify firmware environment valuesMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Modify firmware environment valuesMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Perform volume maintenance tasksMSCT Windows 11 v22H2 v1.0.0Windows

ACCESS CONTROL

Profile single processMSCT Windows Server 2025 DC v1.0.0Windows

ACCESS CONTROL

Restore files and directoriesMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Take ownership of files or other objectsMSCT Windows 11 v22H2 v1.0.0Windows

ACCESS CONTROL

Take ownership of files or other objectsMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL