Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.6 Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

ACCESS CONTROL

3.10 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

17.2.2 (L1) Ensure 'Audit Distribution Group Management' is set to include 'Success and Failure' (DC only)CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.2.3 (L1) Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.2.3 (L1) Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.2.3 (L1) Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.2.3 Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

AUDIT AND ACCOUNTABILITY

17.2.3 Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

AUDIT AND ACCOUNTABILITY

18.8.37.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' (MS only)CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.8.37.1 Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

18.9.36.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

CONFIGURATION MANAGEMENT

18.9.36.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.9.77.3.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

CONFIGURATION MANAGEMENT

18.9.90.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.9.90.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.10.6.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

ACCESS CONTROL

18.10.6.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

ACCESS CONTROL

18.10.6.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

ACCESS CONTROL

18.10.6.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

18.10.6.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

ACCESS CONTROL

18.10.37.1.1 (L2) Ensure 'Turn off Windows Location Provider' is set to 'Enabled'CIS Windows Server 2012 R2 DC L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.10.77.3 (L1) Ensure 'Automatically send memory dumps for OS-generated error reports' is set to 'Disabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.10.80.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL

18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

ACCESS CONTROL

18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member ServerWindows

ACCESS CONTROL

18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

ACCESS CONTROL

18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

ACCESS CONTROL

18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

ACCESS CONTROL

18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

ACCESS CONTROL

18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

ACCESS CONTROL

Domain member: Disable machine account password changesMSCT Windows 10 1809 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Disable machine account password changesMSCT Windows 10 1903 v1.19.9Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Disable machine account password changesMSCT Windows 11 v24H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Extended Protection for LDAP Authentication (Domain Controllers only) (DEPRECATED)MSCT Windows Server 2025 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Network security: LAN Manager authentication levelMSCT Windows 10 1909 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows 10 v20H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows 10 v22H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows Server v2004 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows Server 2012 R2 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

WN19-MS-000020 - Windows Server 2019 local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain-joined member servers.DISA Microsoft Windows Server 2019 STIG v3r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN22-MS-000020 - Windows Server 2022 local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain-joined member servers.DISA Microsoft Windows Server 2022 STIG v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION