Item Search

Name	Audit Name	Plugin	Category
1.35 WN19-00-000350	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II	Windows	CONFIGURATION MANAGEMENT
1.37 WN19-00-000370	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II	Windows	CONFIGURATION MANAGEMENT
2.1 Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0'	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	SYSTEM AND INFORMATION INTEGRITY
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.3 Ensure 'Cross DB Ownership Chaining' Server Configuration Option is set to '0'	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
2.6 Ensure 'Remote Access' Server Configuration Option is set to '0'	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	SYSTEM AND INFORMATION INTEGRITY
2.8 Ensure 'Scan For Startup Procs' Server Configuration Option is set to '0'	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.14 Ensure 'sa' Login Account has been renamed	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.16 Ensure no login exists with the name 'sa'	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.17 Ensure no login exists with the name 'sa'	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	CONFIGURATION MANAGEMENT
3.1 Ensure 'Server Authentication' Property is set to 'Windows Authentication Mode'	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	ACCESS CONTROL
3.4 Ensure SQL Authentication is not used in contained databases	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	ACCESS CONTROL
3.4 Ensure SQL Authentication is not used in contained databases	CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDS	MS_SQLDB	ACCESS CONTROL
3.6 Ensure the SQL Server's SQLAgent Service Account is Not an Administrator	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	ACCESS CONTROL
3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	ACCESS CONTROL
3.8 Ensure only the default permissions specified by Microsoft are granted to the public server role	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	ACCESS CONTROL
3.8 Ensure only the default permissions specified by Microsoft are granted to the public server role	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
3.8 Ensure only the default permissions specified by Microsoft are granted to the public server role	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
4.1 Ensure 'MUST_CHANGE' Option is set to 'ON' for All SQL Authenticated Logins	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	ACCESS CONTROL
4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.2 Ensure 'Default Trace Enabled' Server Configuration Option is set to '1'	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.2.14 Ensure 'GRANT ANY OBJECT PRIVILEGE' Is Revoked from Unauthorized 'GRANTEE'	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	ACCESS CONTROL
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins'	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - 'SUCCESSFUL_LOGIN_GROUP'	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - FAILED_LOGIN_GROUP	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - SUCCESSFUL_LOGIN_GROUP	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.9 Ensure DML/DDL Grants Are Limited to Specific Databases and Users	CIS MySQL 5.6 Community Database L1 v2.0.0	MySQLDB	ACCESS CONTROL, MEDIA PROTECTION
5.9 Ensure DML/DDL Grants Are Limited to Specific Databases and Users	CIS MySQL 5.6 Enterprise Database L1 v2.0.0	MySQLDB	ACCESS CONTROL, MEDIA PROTECTION
5.9 Ensure DML/DDL Grants are Limited to Specific Databases and Users	CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB	MySQLDB	ACCESS CONTROL, MEDIA PROTECTION
5.9 Ensure DML/DDL Grants are Limited to Specific Databases and Users	CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L1 MySQL RDBMS MySQLDB	MySQLDB	ACCESS CONTROL, MEDIA PROTECTION
6.2 Ensure 'CLR Assembly Permission Set' is set to 'SAFE_ACCESS' for All CLR Assemblies	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databases	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databases	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databases - greater than or equal to 2048 in non-system databases	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	SYSTEM AND COMMUNICATIONS PROTECTION
7.2 Ensure Asymmetric Key Size is set to' greater than or equal to 2048' in non-system databases	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	SYSTEM AND COMMUNICATIONS PROTECTION
CIS_v1.1.0_Oracle_11g_OS_Unix_Linux_Level_1.audit from CIS Security Configuration Benchmark For Oracle Database Server 11g version 1.1.0	CIS v1.1.0 Oracle 11g OS L1	Unix
O19C-00-001800 - Oracle Database must provide audit record generation capability for organization-defined auditable events within the database.	DISA Oracle Database 19c STIG v1r3 OracleDB	OracleDB	AUDIT AND ACCOUNTABILITY
SQL2-00-000900 - SQL Server must allow authorized users to associate security labels to information in the database.	DISA STIG SQL Server 2012 Database Audit v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-004000 - SQL Server must enforce access control policies to restrict the Alter trace permission to only authorized roles.	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-005600 - SQL Server must enforce access control policies to restrict the Alter resources permission to only authorized roles.	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-006700 - SQL Server must enforce access control policies to restrict the Create availability group permission to only authorized roles.	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-015700 - Vendor-supported software and patches must be evaluated and patched against newly found vulnerabilities.	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL6-D0-011100 - SQL Server must provide an immediate real-time alert to appropriate support staff of all audit log failures.	DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDB	MS_SQLDB	AUDIT AND ACCOUNTABILITY
VCTR-67-000033 - The vCenter Server must use a least-privileges assignment for the vCenter Server database user.	DISA STIG VMware vSphere 6.7 vCenter v1r4	VMware	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search