Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'CIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'CIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'CIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'CIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'CIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'CIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.9 Ensure 'SQL Mail XPs' Server Configuration Option is set to '0'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.9 Ensure 'Trustworthy' Database Property is set to 'Off'CIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

2.10 Ensure 'Trustworthy' Database Property is set to 'Off'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

DISA_IIS_6.0_Web_Server_v6r16.audit from DISA Microsoft IIS 6.0 Server v6r16 STIGDISA STIG IIS 6.0 Server v6r16Windows
DISA_Microsoft_Exchange_2019_Edge_Server_STIG_v2r2.audit from DISA Microsoft Exchange 2019 Edge Server v2r2 STIGDISA Microsoft Exchange 2019 Edge Server STIG v2r2Windows
DISA_Microsoft_Exchange_2019_Mailbox_Server_STIG_v2r2.audit from DISA Microsoft Exchange 2019 Mailbox Server v2r2 STIGDISA Microsoft Exchange 2019 Mailbox Server STIG v2r2Windows
DISA_Microsoft_Windows_Server_2016_STIG_v2r10.audit from DISA Microsoft Windows Server 2016 STIG v2r10DISA Microsoft Windows Server 2016 STIG v2r10Windows
DISA_Microsoft_Windows_Server_2019_STIG_v3r4.audit from DISA Microsoft Windows Server 2019 STIG v3r4DISA Microsoft Windows Server 2019 STIG v3r4Windows
DISA_Microsoft_Windows_Server_2022_STIG_v2r4.audit from DISA Microsoft Windows Server 2022 STIG v2r4DISA Microsoft Windows Server 2022 STIG v2r4Windows
DISA_STIG_Apache_Server-2.4_Unix_v3r2.audit from DISA Apache Server 2.4 UNIX Server v3r2 STIGDISA STIG Apache Server 2.4 Unix Server v3r2Unix
DISA_STIG_Apache_Server-2.4_Windows_v2r3.audit from DISA Apache Server 2.4 Windows Server v2r3 STIGDISA STIG Apache Server 2.4 Windows Server v2r3Windows
DISA_STIG_Apache_Server-2.4_Windows_v3r3.audit from DISA Apache Server 2.4 Windows Server v3r3 STIGDISA STIG Apache Server 2.4 Windows Server v3r3Windows
DISA_STIG_IIS_10.0_Web_Server_v2r10.audit from DISA Microsoft IIS 10.0 Server v2r10 STIGDISA IIS 10.0 Server v2r10Windows
DISA_STIG_IIS_10.0_Web_Server_v3r3.audit from DISA Microsoft IIS 10.0 Server v3r3 STIGDISA IIS 10.0 Server v3r3Windows
DISA_STIG_Microsoft_Exchange_2013_Mailbox_Server_v2r3.audit from DISA Microsoft Exchange 2013 Mailbox Server v2r3 STIGDISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND INFORMATION INTEGRITY

DISA_STIG_Microsoft_Exchange_2016_Mailbox_Server_v2r6.audit from DISA Microsoft Exchange 2016 Mailbox Server v2r6 STIGDISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

SYSTEM AND INFORMATION INTEGRITY

DISA_STIG_Oracle_HTTP_Server_12.1.3_v2r3.audit from DISA Oracle HTTP Server 12.1.3 v2r3 STIGDISA STIG Oracle HTTP Server 12.1.3 v2r3Unix
DISA_STIG_Oracle_WebLogic_Server_12c_Linux_v2r2.audit from DISA Oracle WebLogic Server 12c v2r2 STIGOracle WebLogic Server 12c Linux v2r2Unix
DISA_STIG_Oracle_WebLogic_Server_12c_Windows_v2r2.audit from DISA Oracle WebLogic Server 12c v2r2 STIGOracle WebLogic Server 12c Windows v2r2Windows
DISA_STIG_SLES_15_v2r2.audit from DISA SUSE Linux Enterprise Server 15 v2r2 STIGDISA SLES 15 STIG v2r2Unix
DISA_VMware_vSphere_8.0_vCenter_Appliance_Photon_OS_4.0_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix
GEN000100 - The operating system must be a supported release.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Analysis Services'DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-010000 - DBA OS or domain accounts must be granted only those host system privileges necessary for the administration of SQL Server.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

CONFIGURATION MANAGEMENT

SQL2-00-010100 - Use of the SQL Server software installation account must be restricted to SQL Server software installation.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

CONFIGURATION MANAGEMENT

SQL2-00-015800 - The OS must limit privileges to change SQL Server software resident within software libraries (including privileged programs) - '\110\Shared'DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

SQL2-00-025300 - The OS must limit privileges to the SQL Server backup directories and files.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

CONFIGURATION MANAGEMENT

SQL2-00-039100 - The SQL Server Browser service must be disabled if its use is not necessary.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

CONFIGURATION MANAGEMENT

SQL4-00-011310 - Where SQL Server Audit is in use, SQL Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited at the server level.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-012100 - SQL Server must produce Trace or Audit records containing sufficient information to establish the sources (origins) of the events - origins of the events.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-012400 - SQL Server must include organization-defined additional, more detailed information in Trace or Audit records for events identified by type, location, or subject.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-013000 - Unless it has been determined that availability is paramount, SQL Server must shut down upon the failure of an Audit, or a Trace used for auditing purposes, to include the unavailability of space for more audit/trace log records.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037600 - SQL Server must generate Trace or Audit records when unsuccessful logons or connection attempts occur - Event ID 20DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037600 - SQL Server must generate Trace or Audit records when unsuccessful logons or connection attempts occur - FAILED_LOGIN_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037600 - SQL Server must generate Trace or Audit records when unsuccessful logons or connection attempts occur.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur - Event ID 16DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur - Event ID 17DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur - LOGOUT_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL6-D0-004700 - SQL Server must initiate session auditing upon startup.DISA STIG SQL Server 2016 Instance DB Audit v3r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL6-D0-013400 - SQL Server must generate audit records when successful and unsuccessful attempts to add privileges/permissions occur.DISA STIG SQL Server 2016 Instance DB Audit v3r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL6-D0-013600 - SQL Server must generate audit records when successful and unsuccessful attempts to modify privileges/permissions occur.DISA STIG SQL Server 2016 Instance DB Audit v3r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL6-D0-014200 - SQL Server must generate audit records when successful and unsuccessful attempts to delete privileges/permissions occur.DISA STIG SQL Server 2016 Instance DB Audit v3r4MS_SQLDB

AUDIT AND ACCOUNTABILITY