Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.8 Ensure auditing is configured for Docker files and directories - containerd.sockCIS Docker v1.8.0 L2 OS LinuxUnix

AUDIT AND ACCOUNTABILITY

1.1.9 Ensure auditing is configured for Docker files and directories - docker.sockCIS Docker v1.8.0 L2 OS LinuxUnix

AUDIT AND ACCOUNTABILITY

1.1.14 Ensure auditing is configured for Docker files and directories - /usr/bin/containerdCIS Docker v1.8.0 L2 OS LinuxUnix

AUDIT AND ACCOUNTABILITY

1.1.16 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v1CIS Docker v1.8.0 L2 OS LinuxUnix

AUDIT AND ACCOUNTABILITY

1.1.18 Ensure auditing is configured for Docker files and directories - /usr/bin/runcCIS Docker v1.8.0 L2 OS LinuxUnix

AUDIT AND ACCOUNTABILITY

2.3.11.12 (L1) Ensure 'Network security: Restrict NTLM: Audit Incoming NTLM Traffic' is set to 'Enable auditing for all accounts'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

2.3.11.12 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higherCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

2.3.11.12 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higherCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

2.3.11.13 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higherCIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

6.3.1.1 Ensure auditd packages are installedCIS Ubuntu Linux 20.04 LTS v3.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.1 Ensure changes to system administration scope (sudoers) is collectedCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.2 Ensure actions as another user are always loggedCIS Ubuntu Linux 20.04 LTS v3.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.4 Ensure events that modify date and time information are collectedCIS Ubuntu Linux 20.04 LTS v3.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.4 Ensure events that modify date and time information are collectedCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.8 Ensure events that modify user/group information are collectedCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.9 Ensure discretionary access control permission modification events are collectedCIS Ubuntu Linux 20.04 LTS v3.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.9 Ensure discretionary access control permission modification events are collectedCIS AlmaLinux OS 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.14 Ensure events that modify the system's Mandatory Access Controls are collectedCIS AlmaLinux OS 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.21 Ensure the running and on disk configuration is the sameCIS AlmaLinux OS 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.2.3 (L1) Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.2.3 (L1) Ensure 'Audit User Account Management' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.3.2 (L1) Ensure 'Audit Process Creation' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.3.2 (L1) Ensure 'Audit Process Creation' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.6.3 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.6.3 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

18.6.7.1 (L1) Ensure 'Audit client does not support encryption' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

18.6.7.2 (L1) Ensure 'Audit client does not support signing' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.6.8.1 (L1) Ensure 'Audit insecure guest logon' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.10.16.5 (L1) Ensure 'Enable OneSettings Auditing' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

18.10.16.5 (L1) Ensure 'Enable OneSettings Auditing' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.10.16.5 (L1) Ensure 'Enable OneSettings Auditing' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY