Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.5.1 Ensure core dump storage is disabledCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

ACCESS CONTROL

1.5.2 Ensure core dump backtraces are disabledCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL

2.2.4.6.2 (L1) Ensure 'Disable AutoRepublish' is set to 'Enabled'CIS Microsoft Intune for Office v1.1.0 L1Windows

ACCESS CONTROL

2.3.5.1 (L1) Ensure 'Domain controller: Allow server operators to schedule tasks' is set to 'Disabled' (DC only)CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.3 (L1) Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.5 (L1) Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.10.5 (L1) Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.10 (L1) Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.10.10 (L1) Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.11.2 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.11.2 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.11.2 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.11.2 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.11.2 Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.17.2 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is set to 'Prompt for consent on the secure desktop' or higherCIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.17.2 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is set to 'Prompt for consent on the secure desktop' or higherCIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.17.3 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.17.3 Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.17.6 (L1) Ensure 'User Account Control: Run all administrators in Admin Approval Mode' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.17.6 (L1) Ensure 'User Account Control: Run all administrators in Admin Approval Mode' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.17.7 (L1) Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

18.1.2.2 Ensure 'Allow users to enable online speech recognition services' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

ACCESS CONTROL

18.6.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

18.7.10 Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

ACCESS CONTROL

18.7.12 (L1) Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL

18.9.16.2 Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

ACCESS CONTROL

18.9.27.4 (L1) Ensure 'Turn off app notifications on the lock screen' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

18.9.100.2 Ensure 'Turn on PowerShell Transcription' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

ACCESS CONTROL

18.10.14.2 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

18.10.59.3 (L2) Ensure 'Set what information is shared in Search' is set to 'Enabled: Anonymous info'CIS Windows Server 2012 R2 DC L2 v3.0.0Windows

ACCESS CONTROL

Apply UAC restrictions to local accounts on network logonsMSCT Windows 11 v1.0.0Windows

ACCESS CONTROL

Configure Windows Defender SmartScreen - ShellSmartScreenLevelMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

Configure Windows Defender SmartScreen - ShellSmartScreenLevelMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

Disallow WinRM from storing RunAs credentialsMSCT MSCT Windows Server 2022 DC v1.0.0Windows

ACCESS CONTROL

Do not show AutoRepublish warning alertMSCT M365 Apps for enterprise 2412 v1.0.0Windows

ACCESS CONTROL

Enumerate local users on domain-joined computersMSCT Windows 10 v22H2 v1.0.0Windows

ACCESS CONTROL

Join Microsoft MAPSMSCT Windows Server 2019 DC v1.0.0Windows

ACCESS CONTROL

Network access: Do not allow anonymous enumeration of SAM accountsMSCT MSCT Windows Server 2022 DC v1.0.0Windows

ACCESS CONTROL

Network access: Restrict clients allowed to make remote calls to SAMMSCT Windows 10 v22H2 v1.0.0Windows

ACCESS CONTROL

Network access: Restrict clients allowed to make remote calls to SAMMSCT Windows Server 1903 MS v1.19.9Windows

ACCESS CONTROL

Network access: Restrict clients allowed to make remote calls to SAMMSCT Windows Server v1909 MS v1.0.0Windows

ACCESS CONTROL

Network security: Allow LocalSystem NULL session fallbackMSCT MSCT Windows Server 2022 DC v1.0.0Windows

ACCESS CONTROL

Recovery console: Allow automatic administrative logonMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Turn on PowerShell Script Block Logging - EnableScriptBlockLoggingMSCT MSCT Windows Server 2022 DC v1.0.0Windows

ACCESS CONTROL

User Account Control: Admin Approval Mode for the Built-in Administrator accountMSCT Windows 11 v1.0.0Windows

ACCESS CONTROL

User Account Control: Detect application installations and prompt for elevationMSCT MSCT Windows Server 2022 DC v1.0.0Windows

ACCESS CONTROL

User Account Control: Only elevate UIAccess applications that are installed in secure locationsMSCT Windows 10 v22H2 v1.0.0Windows

ACCESS CONTROL