Item Search

Name	Audit Name	Plugin	Category
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged	CIS Debian 10 Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged	CIS Debian 10 Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.5 Ensure suspicious packets are logged	CIS Amazon Linux 2 STIG v2.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.11 Ensure session initiation information is collected	CIS SUSE Linux Enterprise 15 v2.0.1 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.7 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
6.9 (L1) Ensure 'Audit Changes to Audit Policy' is set to include 'Success'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
6.10 (L1) Ensure 'Audit File Share Access' is set to 'Success and Failure'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
6.11 (L1) Ensure 'Audit Other Logon Logoff Events' is set to 'Success and Failure'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
6.11 (L1) Ensure 'Audit Other Logon Logoff Events' is set to 'Success and Failure'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
6.12 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
6.22 (L1) Ensure 'Policy Change Audit Other Policy Change Events' is set to include 'Failure'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.2.2 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	AUDIT AND ACCOUNTABILITY
17.2.2 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.2.2 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	AUDIT AND ACCOUNTABILITY
17.2.5 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	AUDIT AND ACCOUNTABILITY
17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	AUDIT AND ACCOUNTABILITY
17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.4 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.4 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	AUDIT AND ACCOUNTABILITY
17.5.4 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	AUDIT AND ACCOUNTABILITY
17.5.4 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	AUDIT AND ACCOUNTABILITY
17.5.5 Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.6 (L1) Ensure 'Audit Special Logon' is set to include 'Success'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.6 (L1) Ensure 'Audit Special Logon' is set to include 'Success'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	AUDIT AND ACCOUNTABILITY
17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	AUDIT AND ACCOUNTABILITY
17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	AUDIT AND ACCOUNTABILITY
17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	AUDIT AND ACCOUNTABILITY
17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	AUDIT AND ACCOUNTABILITY
17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	AUDIT AND ACCOUNTABILITY
17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	AUDIT AND ACCOUNTABILITY
17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.7.4 Ensure 'Audit Authorization Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search