Detections
Analytics

Item Search

NameAudit NamePluginCategory
Access data sources across domains - Internet ZoneMSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Act as part of the operating systemMSCT Windows Server v2004 DC v1.0.0Windows

ACCESS CONTROL

Allow active scriptingMSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Allow binary and script behaviorsMSCT Windows Server v2004 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow cut, copy or paste operations from the clipboard via script - Internet ZoneMSCT Windows Server v2004 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow drag and drop or copy and paste files - Restricted Sites ZoneMSCT Windows Server v2004 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow indexing of encrypted filesMSCT Windows Server v2004 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow loading of XAML files - Restricted Sites ZoneMSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Allow VBScript to run in Internet Explorer - Internet ZoneMSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Always install with elevated privilegesMSCT Windows Server v2004 DC v1.0.0Windows

ACCESS CONTROL

Audit Audit Policy ChangeMSCT Windows Server v2004 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Authentication Policy ChangeMSCT Windows Server v2004 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Computer Account ManagementMSCT Windows Server v2004 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Credential ValidationMSCT Windows Server v2004 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Kerberos Authentication ServiceMSCT Windows Server v2004 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Object Access EventsMSCT Windows Server v2004 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit PNP ActivityMSCT Windows Server v2004 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Removable StorageMSCT Windows Server v2004 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Sensitive Privilege UseMSCT Windows Server v2004 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Check for signatures on downloaded programsMSCT Windows Server v2004 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure Attack Surface Reduction rules - 3b576869-a4ec-4529-8536-b80a7769e899MSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure Attack Surface Reduction rules - 75668c1f-73b5-4cf0-bb93-3ecf5cb7cc84MSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure Attack Surface Reduction rules - 26190899-1602-49e8-8b27-eb1d0a1ce869MSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure Attack Surface Reduction rules - b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4MSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure Attack Surface Reduction rules - ExploitGuard_ASR_RulesMSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Configure detection for potentially unwanted applicationsMSCT Windows Server v2004 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure registry policy processing - NoGPOListChangesMSCT Windows Server v2004 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 client driverMSCT Windows Server v2004 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Disallow WinRM from storing RunAs credentialsMSCT Windows Server v2004 DC v1.0.0Windows

ACCESS CONTROL

Prevent downloading of enclosuresMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Prevent enabling lock screen slide showMSCT Windows Server v20H2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Profile single processMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Require secure RPC communicationMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Restrict Unauthenticated RPC clientsMSCT Windows Server v20H2 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Run .NET Framework-reliant components signed with Authenticode - Restricted Sites ZoneMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Run ActiveX controls and pluginsMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Script ActiveX controls marked safe for scriptingMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Set the default behavior for AutoRunMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Specify the maximum log file size (KB) - ApplicationMSCT Windows Server v20H2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)MSCT Windows Server v20H2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off blocking of outdated ActiveX controls for Internet ExplorerMSCT Windows Server v20H2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of WindowsMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn on Cross-Site Scripting Filter - Restricted Sites ZoneMSCT Windows Server v20H2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn on Protected Mode - Internet ZoneMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn on Protected Mode - Restricted Sites ZoneMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn on the auto-complete feature for user names and passwords on forms - FormSuggest MainMSCT Windows Server v20H2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Use Pop-up Blocker - Restricted Sites ZoneMSCT Windows Server v20H2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

User Account Control: Behavior of the elevation prompt for administrators in Admin Approval ModeMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Behavior of the elevation prompt for standard usersMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Only elevate UIAccess applications that are installed in secure locationsMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL