Item Search

Name	Audit Name	Plugin	Category
2.3.6.2 Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.2 Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
3.5 Ensure the SQL Server's MSSQL Service Account is Not an Administrator	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0	MS_SQLDB	ACCESS CONTROL
3.5 Ensure the SQL Server's MSSQL Service Account is Not an Administrator	CIS SQL Server 2022 Database L1 AWS RDS v1.1.0	MS_SQLDB	ACCESS CONTROL
3.6 Ensure the SQL Server's SQLAgent Service Account is Not an Administrator	CIS SQL Server 2016 Database L1 OS v1.4.0	Windows	ACCESS CONTROL
3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	ACCESS CONTROL
3.13 Ensure membership in admin roles in MSDB database is limited	CIS SQL Server 2022 Database L1 DB v1.1.0	MS_SQLDB	ACCESS CONTROL
3.043 - Outgoing secure channel traffic is not encrypted when possible.	DISA Windows Vista STIG v6r41	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
6.2.3 Review Role Members	CIS IBM DB2 11 v1.1.0 Database Level 1	IBM_DB2DB	ACCESS CONTROL, MEDIA PROTECTION
17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows Server 2019 v4.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.11.2.8 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Save BitLocker recovery information to AD DS for operating system drives' is set to 'Enabled: True'	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker	Windows	ACCESS CONTROL, CONTINGENCY PLANNING
18.9.11.2.8 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Save BitLocker recovery information to AD DS for operating system drives' is set to 'Enabled: True'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL, CONTINGENCY PLANNING
18.9.11.2.8 Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Store recovery passwords and key packages'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.2.8 Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Store recovery passwords and key packages'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.2.16 Ensure 'Require additional authentication at startup: Configure TPM startup key and PIN:' is set to 'Enabled: Do not allow startup key and PIN with TPM'	CIS Windows 7 Workstation Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.2.16 Ensure 'Require additional authentication at startup: Configure TPM startup key and PIN:' is set to 'Enabled: Do not allow startup key and PIN with TPM'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.2.16 Ensure 'Require additional authentication at startup: Configure TPM startup key and PIN:' is set to 'Enabled: Do not allow startup key and PIN with TPM'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.35.1 Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.9.35.1 Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.10.17.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.18.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.18.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	CONFIGURATION MANAGEMENT
18.10.18.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.10.18.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.18.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT
18.10.18.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	CONFIGURATION MANAGEMENT
18.10.18.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT
18.10.79.1 (L1) Ensure 'Enable ESS with Supported Peripherals' is set to 'Enabled: 1'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
CNTR-R2-000320 - All audit records must identify any containers associated with the event within Rancher RKE2.	DISA Rancher Government Solutions RKE2 STIG v2r3	Unix	AUDIT AND ACCOUNTABILITY
CNTR-R2-000890 - Rancher RKE2 must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after five minutes of inactivity.	DISA Rancher Government Solutions RKE2 STIG v2r3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
WN10-SO-000040 - Outgoing secure channel traffic must be encrypted when possible.	DISA Microsoft Windows 10 STIG v3r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN11-SO-000035 - Outgoing secure channel traffic must be encrypted or signed.	DISA Microsoft Windows 11 STIG v2r3	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN11-SO-000040 - Outgoing secure channel traffic must be encrypted.	DISA Microsoft Windows 11 STIG v2r3	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000012 - Outgoing secure channel traffic must be encrypted or signed.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000012 - Outgoing secure channel traffic must be encrypted or signed.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000013 - Outgoing secure channel traffic must be encrypted when possible.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000014 - Outgoing secure channel traffic must be signed when possible.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN16-SO-000100 - The setting Domain member: Digitally sign secure channel data (when possible) must be configured to Enabled.	DISA Microsoft Windows Server 2016 STIG v2r10	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN19-MS-000040 - Windows Server 2019 must restrict unauthenticated Remote Procedure Call (RPC) clients from connecting to the RPC server on domain-joined member servers and standalone or nondomain-joined systems.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	IDENTIFICATION AND AUTHENTICATION
WN22-MS-000040 - Windows Server 2022 must restrict unauthenticated Remote Procedure Call (RPC) clients from connecting to the RPC server on domain-joined member servers and standalone or nondomain-joined systems.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search