Item Search

Name	Audit Name	Plugin	Category
3.1.4.5 NFS - no root access via NFS exports	CIS IBM AIX 7.1 L1 v2.1.0	Unix	CONFIGURATION MANAGEMENT
5.3.17 Ensure only strong MAC algorithms are used - MACs employing FIPS 140-2 approved cryptographic hash algorithms.	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG	Unix	ACCESS CONTROL
8.4.11 Ensure Shell Action is disabled	CIS VMware ESXi 6.7 v1.3.0 Level 2	VMware	CONFIGURATION MANAGEMENT
18.2.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.2.2 Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.2.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.2.4 (L1) Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	IDENTIFICATION AND AUTHENTICATION
18.2.5 Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.2.5 Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.3.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only)	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.3.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only)	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.3.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.3.3 Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.3.4 (L1) Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' (MS only)	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.3.4 Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' (MS only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
18.3.5 (L1) Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' (MS only)	CIS Windows Server 2012 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.2 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.6 (L1) Ensure 'Mandate the minimum version of SMB' is set to 'Enabled: 3.1.1'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.6.8.6 (L1) Ensure 'Mandate the minimum version of SMB' is set to 'Enabled: 3.1.1'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
CIS_AIX_7.1_Benchmark_v2.1.0_Level_2.audit from CIS AIX 7.1 Benchmark v2.1.0 Level 2 Benchmark	CIS IBM AIX 7.1 L2 v2.1.0	Unix
CISC-RT-000710 - The Cisco PE router must be configured to implement Internet Group Management Protocol (IGMP) or Multicast Listener Discovery (MLD) snooping for each Virtual Private LAN Services (VPLS) bridge domain.	DISA Cisco IOS XE Router RTR STIG v3r3	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000710 - The Cisco PE switch must be configured to implement Internet Group Management Protocol (IGMP) or Multicast Listener Discovery (MLD) snooping for each Virtual Private LAN Services (VPLS) bridge domain.	DISA Cisco NX OS Switch RTR STIG v3r3	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000710 - The Cisco PE switch must be configured to implement Internet Group Management Protocol (IGMP) or Multicast Listener Discovery (MLD) snooping for each Virtual Private LAN Services (VPLS) bridge domain.	DISA Cisco IOS XE Switch RTR STIG v3r2	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
Configure IPsec Tunnel Parameters - cipher-suite	Tenable Cisco Viptela SD-WAN - vEdge	Cisco_Viptela	ACCESS CONTROL
DG0025-ORACLE11 - DBMS cryptography must be NIST FIPS 140-2 validated - '%ORACLE_HOME%\NETWORK\ADMIN\SQLNET.ora SQLNET.SSLFIPS_140 = TRUE'	DISA STIG Oracle 11 Installation v9r1 Windows	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
GEN000500-2 - The graphical desktop environment must set the idle timeout to no more than 15 minutes.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL
GEN005512 - The SSH client must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.	DISA STIG Solaris 10 SPARC v2r4	Unix	ACCESS CONTROL
GEN005512 - The SSH client must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.	DISA STIG Solaris 10 X86 v2r4	Unix	ACCESS CONTROL
HONW-09-008400 - On all Honeywell Mobility Edge Android Pie devices, cryptography must be configured to be in FIPS 140-2 validated mode.	AirWatch - DISA Honeywell Android 9.x COPE v1r2	MDM	CONFIGURATION MANAGEMENT
O365-WD-000008 - Open/Save of Word 2 and earlier binary documents and templates must be blocked.	DISA STIG Microsoft Office 365 ProPlus v3r3	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
OL08-00-010159 - The OL 8 "pam_unix.so" module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.	DISA Oracle Linux 8 STIG v2r4	Unix	IDENTIFICATION AND AUTHENTICATION
RHEL-08-010159 - The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.	DISA Red Hat Enterprise Linux 8 STIG v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
UBTU-16-010180 - The pam_unix.so module must use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.	DISA STIG Ubuntu 16.04 LTS v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
WN11-UR-000090 - The 'Deny log on through Remote Desktop Services' user right on Windows 11 workstations must be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems.	DISA Microsoft Windows 11 STIG v2r4	Windows	ACCESS CONTROL
WNDF-AV-000031 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level Severe - 5>2	DISA STIG Microsoft Defender Antivirus v2r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WNDF-AV-000041 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level Medium - Enabled	DISA STIG Microsoft Defender Antivirus v2r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search