Item Search

Name	Audit Name	Plugin	Category
3.9 Ensure Windows local groups are not SQL Logins	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	ACCESS CONTROL
3.10 Ensure Windows local groups are not SQL Logins	CIS SQL Server 2022 Database L1 AWS RDS v1.1.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
3.10 Ensure Windows local groups are not SQL Logins	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
3.10 Ensure Windows local groups are not SQL Logins	CIS SQL Server 2022 Database L1 DB v1.1.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
3.10 Ensure Windows local groups are not SQL Logins	CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
3.10 Ensure Windows local groups are not SQL Logins	CIS SQL Server 2012 Database L1 DB v1.6.0	MS_SQLDB	ACCESS CONTROL
3.10 Ensure Windows local groups are not SQL Logins	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
5.140 - The HBSS McAfee Agent is not installed. - FrameworkService	DISA Windows Vista STIG v6r41	Windows	CONFIGURATION MANAGEMENT
9.5 Ensure the Timeout Limits for Request Headers is Set to 40 or Less - mod_reqtimeout	CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware	Unix	CONFIGURATION MANAGEMENT
18.6.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL
18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	ACCESS CONTROL
18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	ACCESS CONTROL
18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL
18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC	Windows	ACCESS CONTROL
18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	ACCESS CONTROL
18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL
18.9.11.3.3 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'	CIS Windows 7 Workstation Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL NG	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NG	Windows	CONFIGURATION MANAGEMENT
18.9.108.1.3 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.9.108.1.3 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
18.10.9.1.4 (L1) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Password' is set to 'Enabled: Allow 48-digit recovery password' or higher	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.7 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	MEDIA PROTECTION
18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	MEDIA PROTECTION
18.10.10.3.12 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.37.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.92.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
DG0096-ORACLE11 - The DBMS IA policies and procedures should be reviewed annually or more frequently.	DISA STIG Oracle 11 Installation v9r1 Linux	Unix
Extended Protection for LDAP Authentication (Domain Controllers only) (DEPRECATED)	MSCT Windows Server 2025 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
F5BI-DM-000013 - The BIG-IP appliance must provide automated support for account management functions.	DISA F5 BIG-IP Device Management STIG v2r4	F5	ACCESS CONTROL, CONFIGURATION MANAGEMENT
WN12-SO-000039 - The system must be configured to prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF) generated routes.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN19-DC-000420 - Windows Server 2019 Enable computer and user accounts to be trusted for delegation user right must only be assigned to the Administrators group on domain controllers.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	ACCESS CONTROL

Detections

Analytics

Item Search