Item Search

Name	Audit Name	Plugin	Category
2.2.24 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL
2.2.27 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
2.2.43 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (STIG MS only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL
5.4.1 Ensure password creation requirements are configured - lcredit	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.1 Ensure password creation requirements are configured - password-auth retry=3	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.1 Ensure password creation requirements are configured - password-auth try_first_pass	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.1 Ensure password creation requirements are configured - system-auth try_first_pass	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.1 Ensure password creation requirements are configured - ucredit	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server	Unix	IDENTIFICATION AND AUTHENTICATION
5.27 (L1) Ensure 'Telnet (TlntSvr)' is set to 'Disabled' or 'Not Installed'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT
18.4.7 (L1) Ensure 'LSA Protection' is set to 'Enabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows Server 2019 v4.0.0 L1 DC	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows Server 2019 v4.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
18.8.7.2 Ensure 'Allow remote access to the Plug and Play interface' is set to 'Disabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
18.8.22.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.11.1.3 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker	Windows	ACCESS CONTROL, CONTINGENCY PLANNING
18.9.11.1.14 (BL) Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker	Windows	CONFIGURATION MANAGEMENT
18.9.11.2.11 Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.2.11 Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Windows 7 Workstation Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.2.13 Ensure 'Require additional authentication at startup: Configure TPM startup:' is set to 'Enabled: Do not allow TPM'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.3.3 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL, CONTINGENCY PLANNING
18.9.11.3.5 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Windows Server 2012 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v4.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v4.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.2 Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.2 Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.10.1.2 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.2 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.2 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.4 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Allow data recovery agent' is set to 'Enabled: False'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.7 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.7 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.3.2 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	MEDIA PROTECTION
18.10.10.3.2 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.6 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	MEDIA PROTECTION
18.10.10.3.11 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.14 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	MEDIA PROTECTION
SQL4-00-039020 - When using command-line tools such as SQLCMD in a mixed-mode authentication environment, users must use a logon method that does not expose the password.	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
This settings controls whether Network Protection is allowed to be configured into block or audit mode on Windows Server.	MSCT Windows Server 2025 DC v1.0.0	Windows
This settings controls whether Network Protection is allowed to be configured into block or audit mode on Windows Server.	MSCT Windows Server 2025 MS v1.0.0	Windows
VCTR-67-000072 - The vCenter Server services must be ran using a service account instead of a built-in Windows account.	DISA STIG VMware vSphere 6.7 vCenter v1r4	VMware	CONFIGURATION MANAGEMENT
WN11-CC-000038 - WDigest Authentication must be disabled.	DISA Microsoft Windows 11 STIG v2r3	Windows	CONFIGURATION MANAGEMENT
WN19-00-000320 - Windows Server 2019 must not have the Fax Server role installed.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	CONFIGURATION MANAGEMENT
WN22-00-000320 - Windows Server 2022 must not have the Fax Server role installed.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	CONFIGURATION MANAGEMENT
WN22-DC-000340 - Windows Server 2022 Access this computer from the network user right must only be assigned to the Administrators, Authenticated Users, and Enterprise Domain Controllers groups on domain controllers.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	ACCESS CONTROL

Detections

Analytics

Item Search