Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.3.2.6 Set 'Enumerate local users on domain-joined computers' to 'Disabled'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.5.1 Ensure core dumps are restricted -'hard core (limits.conf/limits.d)'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

ACCESS CONTROL

2.1 Run BIND as a non-root User - UIDCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

ACCESS CONTROL

3.1 Ensure that role-based access control is enabled and configured appropriatelyCIS MongoDB 3.2 Database Audit L1 v1.0.0MongoDB

ACCESS CONTROL

3.4 Ensure that each role for each MongoDB database is needed and grants only the necessary privilegesCIS MongoDB 3.4 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

4.7 (L1) Ensure only authorized users and groups belong to the esxAdminsGroup groupCIS VMware ESXi 7.0 v1.5.0 L1VMware

ACCESS CONTROL

5.1.8 Ensure at/cron is restricted to authorized users - '/etc/at.allow'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

ACCESS CONTROL

5.2.14 Ensure SSH access is limitedCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.18 Ensure SSH access is limitedCIS Debian 8 Server L1 v2.0.2Unix

ACCESS CONTROL

5.3.5 Ensure SSH access is limitedCIS Red Hat 6 Server L1 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.3.6 Ensure SSH access is limitedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.6 Ensure SSH access is limitedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.6 Ensure SSH access is limitedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.6 Ensure SSH access is limitedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.9 Restrict at/cron To Authorized Users - should pass if /etc/cron.d/cron.deny does not exist.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.13 Restrict at/cron to Authorized Users - /etc/cron.d/cron.allow permsCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

7.1 Establish an administrator groupCIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS LinuxUnix

ACCESS CONTROL

7.4 Secure SYSMON AuthorityCIS IBM DB2 v10 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL

7.4 Secure SYSMON AuthorityCIS IBM DB2 v10 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL

9.5 Verify No UID 0 Accounts Exist Other than rootCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 8 L2 v1.1.0 MiddlewareUnix

ACCESS CONTROL

13.5 Verify No UID 0 Accounts Exist Other Than rootCIS Debian Linux 7 L1 v1.0.0Unix

ACCESS CONTROL

Allow user control over installsMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL

Always install with elevated privilegesMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

Always install with elevated privilegesMSCT Windows Server 1903 MS v1.19.9Windows

ACCESS CONTROL

Big Sur - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Configure Windows Defender SmartScreen - EnableSmartScreenMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Configure Windows Defender SmartScreen - EnableSmartScreenMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

Create a pagefileMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Disallow WinRM from storing RunAs credentialsMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

Disallow WinRM from storing RunAs credentialsMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

Ensure noexec option set on /dev/shm partitionTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure root login is restricted to system consoleTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Enumerate local users on domain-joined computersMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Network access: Do not allow anonymous enumeration of SAM accountsMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Network security: Allow LocalSystem NULL session fallbackMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

Network security: Allow LocalSystem NULL session fallbackMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL

OpenStack Identity - Disable admin token in /etc/keystone/keystone.confTNS OpenStack Keystone/Identity Security GuideUnix

ACCESS CONTROL

Turn on convenience PIN sign-inMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Turn on convenience PIN sign-inMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL

Turn on PowerShell Script Block Logging - EnableScriptBlockLoggingMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Turn on PowerShell Script Block Logging - EnableScriptBlockLoggingMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL

User Account Control: Admin Approval Mode for the Built-in Administrator accountMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Admin Approval Mode for the Built-in Administrator accountMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

User Account Control: Behavior of the elevation prompt for administrators in Admin Approval ModeMSCT Windows Server 2019 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Behavior of the elevation prompt for standard usersMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

User Account Control: Behavior of the elevation prompt for standard usersMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL

User Account Control: Only elevate UIAccess applications that are installed in secure locationsMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL