Item Search

Name	Audit Name	Plugin	Category
1.1.2 (L1) Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
1.3.1 Ensure 'Enforce user logon restrictions' is set to 'Enabled' (STIG DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
2.2.5 (L1) Ensure 'Add workstations to domain' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.5 (L1) Ensure 'Add workstations to domain' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.5 (L1) Ensure 'Add workstations to domain' is set to 'Administrators' (DC only)	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.55 Ensure 'Synchronize directory service data' is set to 'No One' (DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.60 Ensure 'Synchronize directory service data' is set to 'No One' (DC only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
6.2.3 (L1) Ensure email from external senders is identified	CIS Microsoft 365 Foundations v5.0.0 L1 E3	microsoft_azure	CONFIGURATION MANAGEMENT
17.2.2 Ensure 'Audit Computer Account Management' is set to include 'Success' (DC only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
17.2.3 Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
18.3.1 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.4.1 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.4.2 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.4.2 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.4.3 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.4.3 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.4.3 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.4.3 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT
18.4.3 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.4.3 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.4.3 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.4.3 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT
18.4.3 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	CONFIGURATION MANAGEMENT
18.4.3 Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.4.3 Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.4.3 Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
18.4.3 Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	CONFIGURATION MANAGEMENT
18.4.4 Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	CONFIGURATION MANAGEMENT
18.4.4 Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.4.4 Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.4.4 Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.4.4 Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.4.4 Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	CONFIGURATION MANAGEMENT
18.4.4 Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.2 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity' set for all NETLOGON and SYSVOL shares' (STIG only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	IDENTIFICATION AND AUTHENTICATION
20.56 Ensure 'Separate NSA-approved (Type 1) cryptography is used' (STIG DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search