Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3.1.2 Configure 'Accounts: Rename guest account'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.3.1.4 Configure 'Accounts: Rename administrator account'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.3.11.3 Configure Network access: Shares that can be accessed anonymouslyCIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.4.3 Set 'Deny access to this computer from the network' to 'Guests'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

2.2.6 Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.2.20 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.2.27 Ensure 'Lock pages in memory' is set to 'No One'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.2.31 Ensure 'Modify an object label' is set to 'No One'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

2.3.1.1 Ensure 'Accounts: Administrator account status' is set to 'Disabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.3.1.4 Configure 'Accounts: Rename administrator account'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

2.3.11.1 Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.11.6 Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

5.1.8 Ensure at/cron is restricted to authorized users - at.denyCIS Distribution Independent Linux Server L1 v2.0.0Unix

ACCESS CONTROL

5.2.6 Ensure SSH X11 forwarding is disabledCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.4.1.1 Ensure password expiration is 90 days or less - login.defsCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.1 Ensure password expiration is 90 days or less - usersCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.1 Ensure password expiration is 365 days or less - usersCIS Amazon Linux v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.2 Ensure minimum days between password changes is 7 or more - usersCIS Amazon Linux v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.3 Ensure password expiration warning days is 7 or more - usersCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.3 Ensure password expiration warning days is 7 or more - usersCIS Amazon Linux v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.2.1 Ensure password fields are not emptyCIS Amazon Linux v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.2.15 Ensure all groups in /etc/passwd exist in /etc/groupCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

6.2.17 Ensure no duplicate GIDs existCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

6.2.19 Ensure no duplicate group names existCIS Distribution Independent Linux Server L1 v2.0.0Unix

ACCESS CONTROL

Accounts: Administrator account statusMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

Accounts: Guest account statusMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows Server 1903 MS v1.19.9Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows Server v2004 MS v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows Server 2019 DC v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows Server v1909 MS v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows Server 2019 MS v1.0.0Windows

ACCESS CONTROL

Deny log on locallyMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows Server 1903 MS v1.19.9Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows Server v1909 MS v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

Domain member: Maximum machine account password ageMSCT Windows 10 1803 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Maximum machine account password ageMSCT Windows Server 1903 DC v1.19.9Windows

IDENTIFICATION AND AUTHENTICATION

Generate security auditsMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

Generate security auditsMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Lock pages in memoryMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Lock pages in memoryMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

Lock pages in memoryMSCT Windows Server v2004 MS v1.0.0Windows

ACCESS CONTROL

Network security: Allow Local System to use computer identity for NTLMMSCT Windows Server 2012 R2 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: Allow Local System to use computer identity for NTLMMSCT Windows Server 2016 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: Force logoff when logon hours expireMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL