Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.3.1 Ensure 'Minimum Password Complexity' is enabledCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

IDENTIFICATION AND AUTHENTICATION

2.10 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' - 'Shared Memory protocol is disabled'CIS SQL Server 2014 Database L1 OS v1.5.0Windows

SYSTEM AND INFORMATION INTEGRITY

2.11 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' - 'TCP/IP protocol is disabled'CIS SQL Server 2008 R2 DB OS L1 v1.7.0Windows

SYSTEM AND INFORMATION INTEGRITY

2.12 Ensure 'Hide Instance' option is set to 'Yes' for Production SQL Server instancesCIS Microsoft SQL Server 2022 v1.2.1 L1 Database EngineMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.12 Ensure 'Hide Instance' option is set to 'Yes' for Production SQL Server instancesCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.12 Ensure 'Hide Instance' option is set to 'Yes' for Production SQL Server instancesCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS Microsoft SQL Server 2022 v1.2.1 L1 Database EngineMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.6 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'SQL Injection Helper' PackagesCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

5.7.3 Apply Security Context to Your Pods and ContainersCIS Kubernetes v1.23 Benchmark v1.0.1 L2 MasterUnix

CONFIGURATION MANAGEMENT

6.2.13 Ensure 'SQL_FIREWALL_ADMIN' Is Revoked From Unauthorized 'GRANTEE'CIS Oracle Database 23ai v1.1.0 L1 RDBMSOracleDB

ACCESS CONTROL, MEDIA PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS Microsoft SQL Server 2022 v1.2.1 L1 Database EngineMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

8.1 Ensure 'SQL Server Browser Service' is configured correctlyCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

8.1 Ensure 'SQL Server Browser Service' is configured correctlyCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

8.1 Ensure 'SQL Server Browser Service' is configured correctlyCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

SQL2-00-017100 - SQL Server default account sa must be disabled.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

CONFIGURATION MANAGEMENT

SQL4-00-016826 - SQL Server must have the SQL Server Replication software component removed if it is unused.DISA STIG SQL Server 2014 Instance OS Audit v2r4Windows

CONFIGURATION MANAGEMENT

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 82DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 83DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 84DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 85DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 87DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 90DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 162DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - SCHEMA_OBJECT_ACCESS_GROUPDISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects.DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036500 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify locally-defined security objects occur - Event ID 47DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036500 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify locally-defined security objects occur - Event ID 162DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036500 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify locally-defined security objects occur.DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 88DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 103DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 104DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 109DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 170DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 171DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 177DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - SERVER_OBJECT_OWNERSHIP_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL6-D0-007400 - Access to Non-Standard extended stored procedures must be disabled or restricted, unless specifically required and approved.DISA STIG SQL Server 2016 Instance DB Audit v3r5MS_SQLDB

CONFIGURATION MANAGEMENT

SQL6-D0-007900 - If DBMS authentication using passwords is employed, SQL Server must enforce the DOD standards for password complexity and lifetime.DISA STIG SQL Server 2016 Instance DB Audit v3r5MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

SQL6-D0-017800 - The SQL Server Browser service must be disabled unless specifically required and approved.DISA STIG SQL Server 2016 Instance OS Audit v3r5Windows

CONFIGURATION MANAGEMENT

SQLI-22-010100 - SQL Server must reveal detailed error messages only to documented and approved individuals or roles.DISA Microsoft SQL Server 2022 Instance STIG v1r1 MS_SQLDBMS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

SQLI-22-016300 - The SQL Server default account [sa] must have its name changed.DISA Microsoft SQL Server 2022 Instance STIG v1r1 MS_SQLDBMS_SQLDB

CONFIGURATION MANAGEMENT