Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledCIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

SYSTEM AND SERVICES ACQUISITION

1.1 WN19-00-000010CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IWindows

CONFIGURATION MANAGEMENT

1.11 WN19-00-000110CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IWindows

SYSTEM AND INFORMATION INTEGRITY

1.27 WN19-00-000270CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

CONFIGURATION MANAGEMENT

1.27 WN19-00-000270CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

CONFIGURATION MANAGEMENT

1.44 WN19-00-000440CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIIWindows

AUDIT AND ACCOUNTABILITY

1.102 WN19-CC-000080CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

IDENTIFICATION AND AUTHENTICATION

1.102 WN19-CC-000080CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

IDENTIFICATION AND AUTHENTICATION

1.186 WN19-DC-000400CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

ACCESS CONTROL

1.208 WN19-SO-000010CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

ACCESS CONTROL

1.231 WN19-SO-000240CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

ACCESS CONTROL

1.254 WN19-UR-000010CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

ACCESS CONTROL

1.260 WN19-UR-000070CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

ACCESS CONTROL

1.265 WN19-UR-000120CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

ACCESS CONTROL

1.275 WN19-UR-000220CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

ACCESS CONTROL

2.1 Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0'CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.1 Ensure 'extproc' Is Not Present In 'listener.ora'CIS Oracle Database 23ai v1.1.0 L1 RDBMS On Linux Host OS UnixUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.8 Ensure 'REMOTE_OS_ROLES' Is Set to 'FALSE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

IDENTIFICATION AND AUTHENTICATION

2.2.8 Ensure 'REMOTE_OS_ROLES' Is Set to 'FALSE'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

IDENTIFICATION AND AUTHENTICATION

2.3 Ensure 'Cross DB Ownership Chaining' Server Configuration Option is set to '0'CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

2.16 Ensure no login exists with the name 'sa'CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.17 Ensure 'clr strict security' Server Configuration Option is set to '1'CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5 Ensure the SQL Server's MSSQL Service Account is Not an AdministratorCIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

ACCESS CONTROL

3.6 Ensure the SQL Server's SQLAgent Service Account is Not an AdministratorCIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

ACCESS CONTROL

3.7 Ensure the SQL Server's Full-Text Service Account is Not an AdministratorCIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

ACCESS CONTROL

3.8 Ensure only the default permissions specified by Microsoft are granted to the public server roleCIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

5.2 Ensure 'Default Trace Enabled' Server Configuration Option is set to '1'CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

AUDIT AND ACCOUNTABILITY

5.2.4 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'DBSNMP'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.4 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'DBSNMP'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.2.7 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.8 Ensure 'EXEMPT ACCESS POLICY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.9 Ensure 'BECOME USER' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.9 Ensure 'BECOME USER' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.14 Ensure 'GRANT ANY OBJECT PRIVILEGE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.15 Ensure 'GRANT ANY ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins'CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

AUDIT AND ACCOUNTABILITY

6.1.9 Ensure 'ALTER SYSTEM' Is Revoked From Unauthorized 'GRANTEE'CIS Oracle Database 19c v2.0.0 L1 RDBMSOracleDB

ACCESS CONTROL, MEDIA PROTECTION

6.1.9 Ensure 'ALTER SYSTEM' Is Revoked From Unauthorized 'GRANTEE'CIS Oracle Database 23ai v1.1.0 L1 RDBMSOracleDB

ACCESS CONTROL, MEDIA PROTECTION

6.2 Ensure 'CLR Assembly Permission Set' is set to 'SAFE_ACCESS' for All CLR AssembliesCIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-000700 - DB2 must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be auditedDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

ESXI-70-000081 - The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.DISA VMware vSphere 7.0 ESXi STIG v1r4 VMwareVMware

CONFIGURATION MANAGEMENT

EX19-ED-000006 - SchUseStrongCrypto must be enabled.DISA Microsoft Exchange 2019 Edge Server STIG v2r2Windows

ACCESS CONTROL

MYS8-00-005700 - Unused database components, MySQL Database Server 8.0 software, and database objects must be removed.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

CONFIGURATION MANAGEMENT

O112-N1-015602 - When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative login method that does not expose the password.DISA STIG Oracle 11.2g v2r5 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

O112-P3-006200 - The DBMS must protect against an individual using a group account from falsely denying having performed a particular action.DISA STIG Oracle 11.2g v2r5 DatabaseOracleDB

AUDIT AND ACCOUNTABILITY

SQL2-00-000100 - The number of concurrent SQL Server sessions for each system account must be limited.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL4-00-021500 - SQL Server must isolate security functions from nonsecurity functions.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

SQL6-D0-005900 - The audit information produced by SQL Server must be protected from unauthorized access, modification, and deletion.DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDBMS_SQLDB

AUDIT AND ACCOUNTABILITY

SQLI-22-007700 - SQL Server must be configured to prohibit or restrict the use of organization-defined ports, as defined in the Ports, Protocols, and Services Management (PPSM) Category Assurance List (CAL) and vulnerability assessments.DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDBMS_SQLDB

CONFIGURATION MANAGEMENT