Item Search

Name	Audit Name	Plugin	Category
2.2.26 Ensure 'Deny log on as a service' to include 'No one' (STIG DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
2.2.29 Ensure 'Deny log on as a service' to include 'No one' (STIG DC only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
3.9 Ensure Windows local groups are not SQL Logins	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	ACCESS CONTROL
3.10 Ensure Windows local groups are not SQL Logins	CIS SQL Server 2022 Database L1 AWS RDS v1.1.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
3.10 Ensure Windows local groups are not SQL Logins	CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
18.4.9 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.5.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.30.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.9.41.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.41.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
18.10.9.1.7 (L1) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.3.7 (L1) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	MEDIA PROTECTION
18.10.10.1.7 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	MEDIA PROTECTION
18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	MEDIA PROTECTION
18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	MEDIA PROTECTION
18.10.10.3.12 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.36.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.36.1 Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.36.1 Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.37.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.37.2 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.10.37.2 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Windows Server 2012 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.10.92.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.1.1 Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Windows Server 2012 MS L1 v3.0.0	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
DG0096-ORACLE11 - The DBMS IA policies and procedures should be reviewed annually or more frequently.	DISA STIG Oracle 11 Installation v9r1 Linux	Unix
F5BI-DM-000013 - The BIG-IP appliance must provide automated support for account management functions.	DISA F5 BIG-IP Device Management STIG v2r4	F5	ACCESS CONTROL, CONFIGURATION MANAGEMENT
SQL2-00-014900 - SQL Server must be monitored to discover unauthorized changes to functions.	DISA STIG SQL Server 2012 Database Audit v1r20	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL2-00-015100 - SQL Server must be monitored to discover unauthorized changes to triggers.	DISA STIG SQL Server 2012 Database Audit v1r20	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL2-00-015200 - SQL Server must be monitored to discover unauthorized changes to stored procedures.	DISA STIG SQL Server 2012 Database Audit v1r20	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-014900 - SQL Server must be monitored to discover unauthorized changes to functions.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-015100 - SQL Server must be monitored to discover unauthorized changes to triggers.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-015200 - SQL Server must be monitored to discover unauthorized changes to stored procedures.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search