Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Verify all Apple provided software is currentCIS Apple macOS 10.12 L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - 'ConfigDataInstall'CIS Apple macOS 10.12 L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.11 (L2) Host hardware must secure unused external hardware portsCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT

2.1.1 Turn off Bluetooth, if no paired devices existCIS Apple macOS 10.12 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.2.1 Enable 'Set time and date automatically' - Set time and date automaticallyCIS Apple macOS 10.12 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

2.3.1 Set an inactivity interval of 20 minutes or less for the screen saverCIS Apple macOS 10.12 L1 v1.2.0Unix

ACCESS CONTROL

2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higherCIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.9.5 Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.10.7 Configure 'Network access: Remotely accessible registry paths' is configured - Network access: Remotely accessible registry paths is configuredCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.10.7 Configure 'Network access: Remotely accessible registry paths' is configured - Network access: Remotely accessible registry paths is configuredCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.7 Ensure 'Network access: Remotely accessible registry paths'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.3.11.6 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM' - Send NTLMv2 response only. Refuse LM & NTLMCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4.7 Disable Bluetooth SharingCIS Apple macOS 10.12 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - AppleFileServerCIS Apple macOS 10.12 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.9 Disable Remote ManagementCIS Apple macOS 10.12 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.5.4.1 (L1) Ensure 'Do not allow Home Page URL to be set in folder Properties' is set to 'Enabled'CIS Microsoft Intune for Office v1.1.0 L1Windows

CONFIGURATION MANAGEMENT

2.6.3 Enable FirewallCIS Apple macOS 10.12 L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.10 Enable Secure Keyboard Entry in terminal.appCIS Apple macOS 10.12 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.12 (L2) Host must enable volatile key destructionCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT, MAINTENANCE

3.1 (L1) Host should deactivate SSHCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

3.2 (L1) Host must deactivate the ESXi shellCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

3.4 Control access to audit records - /etc/security/audit_controlCIS Apple macOS 10.12 L1 v1.2.0Unix
3.11 (L1) Host must enforce password complexityCIS VMware ESXi 8.0 v1.2.0 L1VMware

IDENTIFICATION AND AUTHENTICATION

3.21 (L2) Host should enable strict lockdown modeCIS VMware ESXi 8.0 v1.2.0 L2VMware

ACCESS CONTROL

3.24 (L1) Host must display a login banner for the DCUI and Host ClientCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, MAINTENANCE

4.1 (L1) Host must configure a persistent log location for all locally stored system logsCIS VMware ESXi 8.0 v1.2.0 L1VMware

AUDIT AND ACCOUNTABILITY

4.9 (L1) Host must transmit audit records to a remote log collectorCIS VMware ESXi 8.0 v1.2.0 L1VMware

AUDIT AND ACCOUNTABILITY

7.6 (L1) Virtual machines must limit console sharing.CIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

7.15 (L2) Virtual machines must remove unnecessary CD/DVD devicesCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT

7.16 (L1) Virtual machines must remove unnecessary floppy devicesCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

7.22 (L1) Virtual machines must deactivate virtual disk wiping operationsCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

7.23 (L1) Virtual machines must restrict sharing of memory pages with other VMsCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

8.2 (L1) VMware Tools must have all software updates installedCIS VMware ESXi 8.0 v1.2.0 L1VMware

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

8.7 (L1) VMware Tools must deactivate GlobalConf unless requiredCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

8.9 (L2) VMware Tools must deactivate Appinfo information gathering unless requiredCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT

18.8.48.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.48.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.46.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Windows Server 2012 MS L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.9.46.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Windows Server 2012 R2 MS L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2019 v3.0.1 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2016 v3.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Domain ControllerWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Member ServerWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.10.43.6 (NG) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.44.6 (NG) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'CIS Microsoft Windows 10 Enterprise v4.0.0 NGWindows

SYSTEM AND INFORMATION INTEGRITY