Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

CONFIGURATION MANAGEMENT

1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledCIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

CONFIGURATION MANAGEMENT

1.2 Ensure Single-Function Member Servers are UsedCIS SQL Server 2012 Database L1 OS v1.6.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.53 WN19-AC-000060CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

IDENTIFICATION AND AUTHENTICATION

1.144 WN19-CC-000510CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

ACCESS CONTROL

1.220 WN19-SO-000130CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

ACCESS CONTROL

1.220 WN19-SO-000130CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

ACCESS CONTROL

1.224 WN19-SO-000170CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

IDENTIFICATION AND AUTHENTICATION

1.226 WN19-SO-000190CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

IDENTIFICATION AND AUTHENTICATION

1.227 WN19-SO-000200CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

IDENTIFICATION AND AUTHENTICATION

1.227 WN19-SO-000200CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

IDENTIFICATION AND AUTHENTICATION

2.15 Ensure 'xp_cmdshell' Server Configuration Option is set to '0'CIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.15 Ensure 'xp_cmdshell' Server Configuration Option is set to '0'CIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databasesCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databasesCIS Microsoft SQL Server 2022 v1.2.1 L1 Database EngineMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS Microsoft SQL Server 2022 v1.2.1 L1 Database EngineMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.10 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

ACCESS CONTROL

3.10 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

ACCESS CONTROL

3.10 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

ACCESS CONTROL

3.10 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

3.10 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.10 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'File System' PackagesCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'File System' PackagesCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'File System' Packages - File System PackagesCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'File System' Packages - File System PackagesCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "File System" PackagesCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "File System" PackagesCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

6.1 Ensure that the SQL Server component to SharePoint is set to listen on non-default ports - TCP 1433CIS Microsoft SharePoint 2016 DB v1.1.0MS_SQLDB
6.1 Ensure that the SQL Server component to SharePoint is set to listen on non-default ports - UDP 1434CIS Microsoft SharePoint 2016 DB v1.1.0MS_SQLDB
6.1 Ensure that the SQL Server component to SharePoint is set to listen on non-default ports, with the defaults (UDP 1434 and TCP 1433) disabledCIS Microsoft SharePoint 2019 DB v1.0.0MS_SQLDB

CONFIGURATION MANAGEMENT

6.3.5 Ensure 'remote access' Database Flag for Cloud SQL SQL Server Instance Is Set to 'off'CIS Google Cloud Platform Foundation v4.0.0 L1GCP

CONFIGURATION MANAGEMENT

6.6 Remove sample databases if installedCIS Sybase 15.0 L1 DB v1.1.0SybaseDB
EX19-MB-000234 - Exchange must provide mailbox databases in a highly available and redundant configuration.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-000300 - MariaDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

ACCESS CONTROL

SP13-00-000165 - The SharePoint farm service account (database access account) must be configured with minimum privileges on the SQL server.DISA STIG SharePoint 2013 v2r4Windows

CONFIGURATION MANAGEMENT

SQL2-00-002700 - SQL Server must enforce access control policies to restrict the Alter any database permission to only authorized roles.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-009100 - A single SQL Server database connection configuration file (or a single set of credentials) must not be used to configure all database clients - or a single set of credentials must not be used to configure all clients.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-016900 - Unused database components and database objects must be removed.DISA STIG SQL Server 2012 Database Audit v1r20MS_SQLDB

CONFIGURATION MANAGEMENT

SQL2-00-025100 - The OS must limit privileges to the SQL Server Data Root directory and its subordinate directories and files.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

CONFIGURATION MANAGEMENT

SQL4-00-011900 - SQL Server must produce Trace or Audit records containing sufficient information to establish when the events occurred.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-012400 - SQL Server must include organization-defined additional, more detailed information in Trace or Audit records for events identified by type, location, or subject.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037600 - SQL Server must generate Trace or Audit records when unsuccessful logons or connection attempts occur - Event ID 20DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037600 - SQL Server must generate Trace or Audit records when unsuccessful logons or connection attempts occur - FAILED_LOGIN_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037600 - SQL Server must generate Trace or Audit records when unsuccessful logons or connection attempts occur.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQLI-22-011800 - SQL Server must produce audit records when attempts to modify SQL Server configuration and privileges occur within the database(s).DISA Microsoft SQL Server 2022 Instance STIG v1r1 MS_SQLDBMS_SQLDB

AUDIT AND ACCOUNTABILITY

SQLI-22-012400 - SQL Server services must be configured to run under unique dedicated user accounts.DISA Microsoft SQL Server 2022 Instance STIG v1r1 MS_SQLDBMS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

VCENTER-000008 - The vCenter Server must be installed using a service account instead of a built-in Windows account.DISA STIG VMWare ESXi vCenter 5 STIG v2r1VMware

CONFIGURATION MANAGEMENT