Detections
Analytics

Item Search

NameAudit NamePluginCategory
17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

17.2.3 (L1) Ensure 'Audit User Account Management' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.3.1 (L1) Ensure 'Audit Process Creation' is set to include 'Success'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.3.2 (L1) Ensure 'Audit Process Creation' is set to include 'Success'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.4.2 (L1) Ensure 'Audit Directory Service Changes' is set to include 'Success' (DC only)CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.4.2 (L1) Ensure 'Audit Directory Service Changes' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.5.2 (L1) Ensure 'Audit Group Membership' is set to include 'Success'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.5.4 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.5.4 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.5.5 (L1) Ensure 'Audit Special Logon' is set to include 'Success'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.5.6 (L1) Ensure 'Audit Special Logon' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.6.3 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.6.3 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Windows Server 2012 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY