Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.2 Set 'buffer size' for 'logging buffered'CIS Cisco IOS XE 17.x v2.2.0 L1Cisco

AUDIT AND ACCOUNTABILITY

2.2.6 Set 'service timestamps debug datetime'CIS Cisco IOS XE 17.x v2.2.0 L1Cisco

AUDIT AND ACCOUNTABILITY

2.3.11.11 (L1) Ensure 'Network security: Restrict NTLM: Audit Incoming NTLM Traffic' is set to 'Enable auditing for all accounts'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

3.2.2 Ensure that the audit policy covers key security concernsCIS Kubernetes v1.11.1 L2 Master NodeUnix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure events that modify date and time information are collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify the system's Mandatory Access Controls are collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.16 Ensure sshd MaxAuthTries is configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.16 Ensure sshd MaxAuthTries is configuredCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.2 Ensure filesystem integrity is regularly checkedCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

7.1 Application specific loggingCIS Apache Tomcat 10 L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

7.1 Application specific loggingCIS Apache Tomcat 9 L2 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in defaultCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in defaultCIS Apache Tomcat 9 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in web applicationCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in web applicationCIS Apache Tomcat 9 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in defaultCIS Apache Tomcat 9 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in web applicationCIS Apache Tomcat 9 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web applicationCIS Apache Tomcat 10 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web applicationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.3 Ensure className is set correctly in context.xmlCIS Apache Tomcat 10 L2 v1.1.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.5 Ensure pattern in context.xml is correctCIS Apache Tomcat 10.1 v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

7.5 Ensure pattern in context.xml is correctCIS Apache Tomcat 10 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in productionCIS Apache Tomcat 10.1 v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.2.4 (L1) Ensure 'Audit Other Account Management Events' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.2.6 (L1) Ensure 'Audit User Account Management' is set to 'Success and Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.2.6 (L1) Ensure 'Audit User Account Management' is set to 'Success and Failure'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.5.2 (L1) Ensure 'Audit Group Membership' is set to include 'Success'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.6.3 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

18.10.16.5 (L1) Ensure 'Enable OneSettings Auditing' is set to 'Enabled'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY