Detections
Analytics

Item Search

NameAudit NamePluginCategory
Access this computer from the networkMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Accounts: Limit local account use of blank passwords to console logon only - LimitBlankPasswordUseMSCT Windows Server 2025 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Act as part of the operating systemMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Allow drag and drop or copy and paste files - Restricted Sites ZoneMSCT Windows Server 2025 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow log on locallyMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Allow META REFRESHMSCT Windows Server 2025 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow scriptlets - Internet ZoneMSCT Windows Server 2025 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow Windows Ink Workspace - AllowWindowsInkWorkspaceMSCT Windows Server 2025 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Apply UAC restrictions to local accounts on network logonsMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Audit Authentication Policy ChangeMSCT Windows Server 2025 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Group MembershipMSCT Windows Server 2025 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit PNP ActivityMSCT Windows Server 2025 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Sensitive Privilege UseMSCT Windows Server 2025 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Special LogonMSCT Windows Server 2025 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit System IntegrityMSCT Windows Server 2025 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings - SCENoApplyLegacyAuditPolicyMSCT Windows Server 2025 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Back up files and directoriesMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Configure Attack Surface Reduction rules - d3e037e1-3eb8-44c8-a917-57927947596dMSCT Windows Server 2025 MS v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure Attack Surface Reduction rules - ExploitGuard_ASR_RulesMSCT Windows Server 2025 MS v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure hash algorithms for certificate logon - KDC PKINITSHA512MSCT Windows Server 2025 MS v1.0.0Windows
Configure hash algorithms for certificate logon - Kerberos PKInitHashAlgorithmConfigurationEnabledMSCT Windows Server 2025 MS v1.0.0Windows
Configure hash algorithms for certificate logon - Kerberos PKInitSHA512MSCT Windows Server 2025 MS v1.0.0Windows
Configure Windows Defender SmartScreen - EnableSmartScreenMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Configure Windows Defender SmartScreen - ShellSmartScreenLevelMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Control whether or not exclusions are visible to Local AdminsMSCT Windows Server 2025 MS v1.0.0Windows
Create a token objectMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Disallow Digest authentication - Client - AllowDigestMSCT Windows Server 2025 MS v1.0.0Windows

ACCESS CONTROL

Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the InternetMSCT Windows Server 2025 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Prevent ignoring certificate errorsMSCT Windows Server 2025 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Prevent per-user installation of ActiveX controlsMSCT Windows Server 2025 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Remove 'Run this time' button for outdated ActiveX controls in Internet ExplorerMSCT Windows Server 2025 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Run .NET Framework-reliant components not signed with Authenticode - Restricted Sites ZoneMSCT Windows Server 2025 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Scan all downloaded files and attachmentsMSCT Windows Server 2025 DC v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Scripting of Java appletsMSCT Windows Server 2025 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Set client connection encryption level - MinEncryptionLevelMSCT Windows Server 2025 DC v1.0.0Windows

ACCESS CONTROL

Specify use of ActiveX Installer Service for installation of ActiveX controlsMSCT Windows Server 2025 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) - ProtectionModeMSCT Windows Server 2025 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off multicast name resolution - EnableMulticastMSCT Windows Server 2025 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off the Security Settings Check featureMSCT Windows Server 2025 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn on behavior monitoringMSCT Windows Server 2025 DC v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Turn on Cross-Site Scripting Filter - Internet ZoneMSCT Windows Server 2025 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn On Virtualization Based Security - EnableVirtualizationBasedSecurityMSCT Windows Server 2025 DC v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Turn On Virtualization Based Security - HypervisorEnforcedCodeIntegrityMSCT Windows Server 2025 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn On Virtualization Based Security - LsaCfgFlagsMSCT Windows Server 2025 DC v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Use Pop-up Blocker - Internet ZoneMSCT Windows Server 2025 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Use Pop-up Blocker - Restricted Sites ZoneMSCT Windows Server 2025 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

User Account Control: Run all administrators in Admin Approval Mode - EnableLUAMSCT Windows Server 2025 DC v1.0.0Windows

ACCESS CONTROL

Userdata persistence - Internet ZoneMSCT Windows Server 2025 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Restricted Sites ZoneMSCT Windows Server 2025 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Web sites in less privileged Web content zones can navigate into this zone - Internet ZoneMSCT Windows Server 2025 DC v1.0.0Windows

ACCESS CONTROL