Item Search

Name	Audit Name	Plugin	Category
2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.6 (L1) Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.13 Ensure no admin role membership in MSDB database	CIS Microsoft SQL Server 2019 v1.5.2 L1 Database Engine	MS_SQLDB	ACCESS CONTROL
8.2 Review Role Members	CIS IBM DB2 v10 v1.1.0 Database Level 1	IBM_DB2DB
8.2 Review Role Members	CIS IBM DB2 v10 v1.1.0 Database Level 2	IBM_DB2DB
18.2.1 Ensure LAPS AdmPwd GPO Extension / CSE is installed	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	IDENTIFICATION AND AUTHENTICATION
18.9.26.8 Ensure 'Post-authentication actions: Actions' is set to 'Enabled: Reset the password and logoff the managed account' or higher	CIS Microsoft Windows Server 2022 v5.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL
18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	ACCESS CONTROL
18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	ACCESS CONTROL
18.9.29.2 Ensure 'Do not display network selection UI' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v5.0.0 L1	Windows	ACCESS CONTROL
18.9.35.1 (L1) Ensure 'Configure Offer Remote Assistance' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT
18.10.10.2.2 (BL) Ensure 'Allow Secure Boot for integrity validation' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.10.2.2 (BL) Ensure 'Allow Secure Boot for integrity validation' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.42.5.1 Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.10.42.10.2 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v5.0.1 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.42.13.3 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.42.13.5 Ensure 'Turn on e-mail scanning' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v5.0.1 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.42.13.5 Ensure 'Turn on e-mail scanning' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.5.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	CONFIGURATION MANAGEMENT
18.10.43.5.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'	CIS Microsoft Windows Server 2016 v4.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'	CIS Microsoft Windows Server 2016 v4.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.10.3 (L1) Ensure 'Turn off real-time protection' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.10.3 (L1) Ensure 'Turn off real-time protection' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.13.5 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.13.5 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	SYSTEM AND INFORMATION INTEGRITY
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows 10 1803 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server 2016 DC v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows 10 v21H1 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server v2004 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server 2019 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server 2025 DC v2506 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server 2025 MS v2506 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows 11 v23H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows 10 1909 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows 10 v20H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows 11 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server 1903 MS v1.19.9	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server v2004 DC v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server 2022 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server v20H2 DC v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always) - requiresignorseal	MSCT Windows Server 2025 DC v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
SQL2-00-015400 - SQL Server software installation account(s) must be restricted to authorized users.	DISA STIG SQL Server 2012 Database OS Audit v1r20	Windows	CONFIGURATION MANAGEMENT
SQL4-00-015400 - SQL Server software installation account(s) must be restricted to authorized users.	DISA STIG SQL Server 2014 Instance OS Audit v2r4	Windows	CONFIGURATION MANAGEMENT
WN12-CC-000109 - Automatic download of updates from the Windows Store must be turned off.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search