Item Search

Name	Audit Name	Plugin	Category
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are Installed	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.2.24 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.45 Ensure 'Increase scheduling priority' is set to 'Administrators' (STIG only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL
2.3.5.3 (L1) Ensure 'Domain controller: LDAP server channel binding token requirements' is set to 'Always' (DC Only)	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.10.5 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (STIG DC & MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
2.3.10.8 Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured - Network access: Remotely accessible registry paths and sub-paths is configured	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.11.6 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM' - Send NTLMv2 response only. Refuse LM & NTLM	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.10.9.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Intune for Windows 10 v4.0.0 BL	Windows	MEDIA PROTECTION
5.1.2.1 (L1) Ensure 'Per-user MFA' is disabled	CIS Microsoft 365 Foundations v4.0.0 L1 E3	microsoft_azure	IDENTIFICATION AND AUTHENTICATION
5.42 (L2) Ensure 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
8.1 (L1) VMware Tools must be a version that has not reached End of General Support status	CIS VMware ESXi 8.0 v1.2.0 L1	VMware	SYSTEM AND SERVICES ACQUISITION
8.3 (L1) VMware Tools should configure automatic upgrades as appropriate for the environment	CIS VMware ESXi 8.0 v1.2.0 L1	VMware	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
8.6 (L1) VMware Tools must limit the automatic removal of features	CIS VMware ESXi 8.0 v1.2.0 L1	VMware	CONFIGURATION MANAGEMENT, MAINTENANCE
8.10 (L1) VMware Tools must deactivate Guest Store Upgrade operations unless required	CIS VMware ESXi 8.0 v1.2.0 L1	VMware	CONFIGURATION MANAGEMENT
8.11 (L2) VMware Tools must deactivate Service Discovery unless required	CIS VMware ESXi 8.0 v1.2.0 L2	VMware	CONFIGURATION MANAGEMENT
17.7.2 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	AUDIT AND ACCOUNTABILITY
17.7.3 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
18.8.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker	Windows	MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	MEDIA PROTECTION
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	MEDIA PROTECTION
18.9.7.1.6 (L1) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	MEDIA PROTECTION
18.9.18.2 Ensure 'Turn Off user-installed desktop gadgets' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.10.9.1.12 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.3.12 (BL) Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.3.12 (BL) Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.12 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.3.9 (BL) Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.3.12 (BL) Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.28.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.28.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.29.3 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
81.42 (L2) Ensure 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' is set to 'Disabled'	CIS Microsoft Intune for Windows 10 v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
CIS_Apple_macOS_10.13_v1.1.0_Level_2.audit from CIS Apple macOS 10.13 Benchmark v1.1.0	CIS Apple macOS 10.13 L2 v1.1.0	Unix
CIS_Apple_macOS_10.14_v2.0.0_L2.audit from CIS Apple macOS 10.14 Benchmark v2.0.0	CIS Apple macOS 10.14 v2.0.0 L2	Unix
CIS_CentOS_6_v3.0.0_Server_L2.audit from CIS CentOS Linux 6 Benchmark v3.0.0	CIS CentOS 6 Server L2 v3.0.0	Unix
CIS_CentOS_8_Workstation_L2_v2.0.0.audit from CIS CentOS Linux 8 Benchmark v2.0.0	CIS CentOS Linux 8 Workstation L2 v2.0.0	Unix
CIS_Microsoft_SharePoint_2019_OS_v1.0.0_Level_1.audit from CIS Microsoft SharePoint 2019 Benchmark v1.0.0	CIS Microsoft SharePoint 2019 OS v1.0.0	Windows
CIS_Mozilla_Firefox_102_ESR_v1.0.0_Windows_Level2.audit for CIS Mozilla Firefox 102 ESR v1.0.0	CIS Mozilla Firefox 102 ESR Windows L2 v1.0.0	Windows
CIS_MySQL_5.6_Enterprise_Benchmark_v2.0.0_LEVEL_1_DB.audit from CIS Oracle MySQL 5.6 Enterprise Edition Benchmark	CIS MySQL 5.6 Enterprise Database L1 v2.0.0	MySQLDB
CIS_MySQL_5.7_Community_Benchmark_v2.0.0_Level_1_OS_MS.audit from CIS Oracle MySQL 5.7 Community Edition Benchmark	CIS MySQL 5.7 Community Windows OS L1 v2.0.0	Windows
CIS_MySQL_5.7_Enterprise_Benchmark_v2.0.0_Level_1_OS_Linux.audit from CIS Oracle MySQL 5.7 Enterprise Edition Benchmark	CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0	Unix
CIS_Oracle_Linux_8_Server_L2_v3.0.0.audit from CIS Oracle Linux 8 Benchmark v3.0.0	CIS Oracle Linux 8 Server L2 v3.0.0	Unix
CIS_Ubuntu_18.04_LXD_Host_v1.0.0_L2_Workstation.audit from CIS Ubuntu Linux 18.04 LXD Host Benchmark	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix

Detections

Analytics

Item Search