Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.19 WN19-00-000190CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

ACCESS CONTROL

1.217 WN19-SO-000100CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 7 v1.2.0 L1 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

2.3 Ensure 'Cross DB Ownership Chaining' Server Configuration Option is set to '0'CIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDBMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

2.5 Ensure the SharePoint farm service account (database access account) is configured with the minimum privileges on the SQL server.CIS Microsoft SharePoint 2019 DB v1.0.0MS_SQLDB
2.8 Ensure Socket Peer-Credential Authentication is Used AppropriatelyCIS MySQL 5.6 Community Database L2 v2.0.0MySQLDB

CONFIGURATION MANAGEMENT

2.11 Ensure SQL Server is configured to use non-standard portsCIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDBMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.13 Ensure the 'sa' Login Account is set to 'Disabled'CIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDBMS_SQLDB

ACCESS CONTROL

2.14 Ensure the 'sa' Login Account has been renamedCIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDBMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.7 Ensure the SQL Server's Full-Text Service Account is Not an AdministratorCIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine WindowsWindows

ACCESS CONTROL

4.1 Ensure 'MUST_CHANGE' Option is set to 'ON' for All SQL Authenticated LoginsCIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDBMS_SQLDB

IDENTIFICATION AND AUTHENTICATION

4.5 Ensure 'SYS.USER$MIG' Has Been DroppedCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

IDENTIFICATION AND AUTHENTICATION

5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Encryption' Packages - Encryption PackagesCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2 Ensure 'Default Trace Enabled' Server Configuration Option is set to '1'CIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDBMS_SQLDB

AUDIT AND ACCOUNTABILITY

5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.5 Ensure 'SELECT ANY DICTIONARY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.3.3 Ensure 'DBA' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.3.4 Ensure AUDIT_ADMIN' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins'CIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDBMS_SQLDB

AUDIT AND ACCOUNTABILITY

6.1.3 Ensure 'IMPORT' And 'EXPORT' 'FULL DATABASE' Is Revoked From Unauthorized 'GRANTEE'CIS Oracle Database 19c v2.0.0 L1 RDBMSOracleDB

ACCESS CONTROL, MEDIA PROTECTION

6.1.3 Ensure 'IMPORT' And 'EXPORT' 'FULL DATABASE' Is Revoked From Unauthorized 'GRANTEE'CIS Oracle Database 23ai v1.1.0 L1 RDBMSOracleDB

ACCESS CONTROL, MEDIA PROTECTION

6.2.12 Ensure the 'CREATE DATABASE LINK' Action Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.12 Ensure the 'CREATE DATABASE LINK' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.13 Ensure the 'ALTER DATABASE LINK' Action Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.14 Ensure the 'DROP DATABASE LINK' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDBMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-002500 - DB2 must protect its audit features from unauthorized accessDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

MADB-10-005800 - MariaDB and associated applications must reserve the use of dynamic code execution for situations that require it.DISA MariaDB Enterprise 10.x v2r4 DBMySQLDB

SYSTEM AND INFORMATION INTEGRITY

MADB-10-006900 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.DISA MariaDB Enterprise 10.x v2r4 DBMySQLDB

ACCESS CONTROL

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 20'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 102'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 103'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 105'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 106'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 107'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 108'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 111'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 112'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 115'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 118'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 128'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 131'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 132'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 133'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 134'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 135'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 176'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-016700 - SQL Server must have the SQL Server Integration Services (SSIS) software component removed if it is unused.DISA STIG SQL Server 2014 Instance OS Audit v2r4Windows

CONFIGURATION MANAGEMENT

SQL4-00-038900 - If SQL Server authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password complexity.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

IDENTIFICATION AND AUTHENTICATION