Item Search

Name	Audit Name	Plugin	Category
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v4.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v4.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.4 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.3.17.5 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
2.3.17.5 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL
2.3.17.5 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	ACCESS CONTROL
2.3.17.5 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	ACCESS CONTROL
2.3.17.6 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	SYSTEM AND INFORMATION INTEGRITY
20.2 (L1) Ensure 'Event Logs are protected'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
49.30 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	ACCESS CONTROL
ALMA-09-003320 - AlmaLinux OS 9 must implement DOD-approved encryption ciphers to protect the confidentiality of SSH server connections.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	ACCESS CONTROL
CD12-00-002600 - PostgreSQL must allow only the Information System Security Manager (ISSM), or individuals or roles appointed by the ISSM, to select which auditable events are to be audited.	DISA STIG Crunchy Data PostgreSQL OS v3r1	Unix	AUDIT AND ACCOUNTABILITY
DB2X-00-000700 - DB2 must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited	DISA STIG IBM DB2 v10.5 LUW v2r1 Database	IBM_DB2DB	AUDIT AND ACCOUNTABILITY
FGFW-ND-000115 - The FortiGate device must generate an immediate real-time alert of all audit failure events requiring real-time alerts.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	AUDIT AND ACCOUNTABILITY
JUSX-AG-000150 - The Juniper SRX Services Gateway Firewall must generate an alert that can be forwarded to, at a minimum, the ISSO and ISSM when DoS incidents are detected.	DISA Juniper SRX Services Gateway ALG v3r2	Juniper	SYSTEM AND INFORMATION INTEGRITY
MADB-10-000600 - MariaDB must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.	DISA MariaDB Enterprise 10.x v2r3 DB	MySQLDB	AUDIT AND ACCOUNTABILITY
O112-C2-020300 - The DBMS must support taking organization-defined list of least disruptive actions to terminate suspicious events.	DISA STIG Oracle 11.2g v2r5 Database	OracleDB	CONFIGURATION MANAGEMENT
OL07-00-020020 - The Oracle Linux operating system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.	DISA Oracle Linux 7 STIG v3r2	Unix	ACCESS CONTROL
PANW-AG-000122 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when new active propagation of malware infecting DoD systems or malicious code adversely affecting the operations and/or security of DoD systems is detected.	DISA STIG Palo Alto ALG v3r4	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
PGS9-00-002600 - PostgreSQL must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.	DISA STIG PostgreSQL 9.x on RHEL OS v2r5	Unix	AUDIT AND ACCOUNTABILITY
PHTN-40-000079 The Photon operating system must implement only approved ciphers to protect the integrity of remote access sessions.	DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1	Unix	ACCESS CONTROL
PHTN-40-000239 The Photon operating system must implement only approved Message Authentication Codes (MACs) to protect the integrity of remote access sessions.	DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1	Unix	ACCESS CONTROL
RHEL-06-000020 - The system must use a Linux Security Module configured to enforce limits on system services.	DISA Red Hat Enterprise Linux 6 STIG v2r2	Unix	ACCESS CONTROL
RHEL-07-020020 - The Red Hat Enterprise Linux operating system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.	DISA Red Hat Enterprise Linux 7 STIG v3r15	Unix	ACCESS CONTROL
RHEL-09-255055 - RHEL 9 SSH daemon must be configured to use system-wide crypto policies.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	ACCESS CONTROL
RHEL-09-672050 - RHEL 9 must implement DOD-approved encryption in the bind package.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
SQL6-D0-004400 - SQL Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.	DISA STIG SQL Server 2016 Instance DB Audit v3r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
WN12-AD-000009-DC - The directory server supporting (directly or indirectly) system access or resource authorization must run on a machine dedicated to that function - Services	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN16-DC-000130 - Domain controllers must run on a machine dedicated to that function.	DISA Microsoft Windows Server 2016 STIG v2r10	Windows	CONFIGURATION MANAGEMENT
WN19-DC-000130 - Windows Server 2019 domain controllers must run on a machine dedicated to that function.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search