Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.125 WN19-CC-000320CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIIWindows

CONFIGURATION MANAGEMENT

1.133 WN19-CC-000400CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

IDENTIFICATION AND AUTHENTICATION

1.135 WN19-CC-000420CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

ACCESS CONTROL

1.239 WN19-SO-000320CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

IDENTIFICATION AND AUTHENTICATION

2.2.8 Ensure 'SQLNET.ENCRYPTION_TYPES_CLIENT' Is Set To 'AES256'CIS Oracle Database 19c v2.0.0 L1 RDBMS On Host OS WindowsWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.9 Ensure 'SQLNET.ENCRYPTION_TYPES_SERVER' Is Set To AES256CIS Oracle Database 19c v2.0.0 L1 RDBMS On Host OS WindowsWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.9 Ensure 'SQLNET.ENCRYPTION_TYPES_SERVER' Is Set To AES256CIS Oracle Database 23ai v1.1.0 L1 RDBMS On Linux Host OS UnixUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.12 Ensure 'Hide Instance' option is set to 'Yes' for Production SQL Server instancesCIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDBMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.13 Ensure 'Hide Instance' option is set to 'Yes' for Production SQL Server instancesCIS SQL Server 2008 R2 DB OS L1 v1.7.0Windows

SYSTEM AND INFORMATION INTEGRITY

3.5.1 Protect database object text in syscommentsCIS Sybase 15.0 L1 DB v1.1.0SybaseDB
5.1.1.1 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Network' Packages - Network PackagesCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

5.1.1.5 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Job Scheduler' PackagesCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

5.1.1.5 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Job Scheduler' Packages - Job Scheduler PackagesCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.8 Ensure 'EXEMPT ACCESS POLICY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

6.1.8 Ensure 'LOGMINING' Is Revoked From Unauthorized 'GRANTEE'CIS Oracle Database 19c v2.0.0 L1 RDBMSOracleDB

ACCESS CONTROL, MEDIA PROTECTION

6.1.8 Ensure 'LOGMINING' Is Revoked From Unauthorized 'GRANTEE'CIS Oracle Database 23ai v1.1.0 L1 RDBMSOracleDB

ACCESS CONTROL, MEDIA PROTECTION

6.1.9 Ensure the 'DIRECTORY' Audit Option Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

8.1 Ensure 'SQL Server Browser Service' is configured correctlyCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

8.1 Ensure 'SQL Server Browser Service' is configured correctlyCIS Microsoft SQL Server 2022 v1.2.1 L1 Database EngineMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

MYS8-00-007400 - The MySQL Database Server 8.0 and associated applications must reserve the use of dynamic code execution for situations that require it.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

SYSTEM AND INFORMATION INTEGRITY

MYS8-00-007500 - The MySQL Database Server 8.0 and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

SYSTEM AND INFORMATION INTEGRITY

SQL2-00-003000 - SQL Server must not grant users direct access to the View any definition permission.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-004100 - SQL Server must enforce access control policies to restrict the View server state permission to only authorized roles.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-004700 - SQL Server must not grant users direct access to the Alter any login permission.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-004800 - SQL Server must not grant users direct access to the External access assembly permission.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-005000 - SQL Server must not grant users direct access to the Create trace event notification permission.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-006000 - SQL Server must not grant users direct access to the Create availability group permission.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-006100 - SQL Server must not grant users direct access to the Create DDL event notification permission.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-006300 - SQL Server must not grant users direct access to the Administer bulk operations permission.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-008000 - SQL Server must not grant users direct access to the Alter any connection permission.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-008100 - SQL Server must not grant users direct access to the Alter Any Credential permission.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-011800 - SQL Server must produce audit records containing sufficient information to establish what type of events occurred - 'Event ID 15'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-011800 - SQL Server must produce audit records containing sufficient information to establish what type of events occurred - 'Event ID 102'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-011800 - SQL Server must produce audit records containing sufficient information to establish what type of events occurred - 'Event ID 108'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-011800 - SQL Server must produce audit records containing sufficient information to establish what type of events occurred - 'Event ID 117'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-011800 - SQL Server must produce audit records containing sufficient information to establish what type of events occurred - 'Event ID 128'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-011800 - SQL Server must produce audit records containing sufficient information to establish what type of events occurred - 'Event ID 129'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-011800 - SQL Server must produce audit records containing sufficient information to establish what type of events occurred - 'Event ID 130'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-011800 - SQL Server must produce audit records containing sufficient information to establish what type of events occurred - 'Event ID 133'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-023600 - SQL Server must be configured to use Windows Integrated Security.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

CONFIGURATION MANAGEMENT

SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 83DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 85DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 86DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 87DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 88DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 90DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 162DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - SCHEMA_OBJECT_ACCESS...DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQLI-22-017200 - The "Remote Access" feature must be disabled unless specifically required and approved.DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDBMS_SQLDB

CONFIGURATION MANAGEMENT

WN19-CC-000020 - Windows Server 2019 must have WDigest Authentication disabled.DISA Microsoft Windows Server 2019 STIG v3r8Windows

CONFIGURATION MANAGEMENT