Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

SYSTEM AND SERVICES ACQUISITION

1.131 WN19-CC-000380CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

ACCESS CONTROL

1.131 WN19-CC-000380CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT IIWindows

ACCESS CONTROL

1.165 WN19-DC-000190CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

AUDIT AND ACCOUNTABILITY

1.205 WN19-PK-000010CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT IIWindows

SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0'CIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure 'Remote Access' Server Configuration Option is set to '0'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.6 Ensure 'Remote Access' Server Configuration Option is set to '0'CIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.6 Ensure 'Remote Access' Server Configuration Option is set to '0'CIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.9 Ensure 'Trustworthy' Database Property is set to 'Off'CIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

2.10 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' - 'Named Pipes protocol is disabled'CIS SQL Server 2014 Database L1 OS v1.5.0Windows

SYSTEM AND INFORMATION INTEGRITY

2.10 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' - 'VIA protocol is disabled'CIS SQL Server 2014 Database L1 OS v1.5.0Windows

SYSTEM AND INFORMATION INTEGRITY

2.11 Ensure SQL Server is configured to use non-standard portsCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.11 Ensure SQL Server is configured to use non-standard portsCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.12 Ensure SQL Server is configured to use non-standard portsCIS SQL Server 2008 R2 DB OS L1 v1.7.0Windows

SYSTEM AND INFORMATION INTEGRITY

3.3 Ensure 'Orphaned Users' are Dropped From SQL Server DatabasesCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL

3.5 Ensure Relational Database Service is Multi-AZ EnabledCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND INFORMATION INTEGRITY

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

6.3.6 Ensure '3625 (trace flag)' Database Flag for all Cloud SQL SQL Server Instances Is Set to 'on'CIS Google Cloud Platform Foundation v4.0.0 L1GCP

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

CIS_Microsoft_Exchange_Server_2019_v1.0.0_Level_1_Edge.audit from CIS Microsoft Exchange Server 2019 Benchmark v1.0.0CIS Microsoft Exchange Server 2019 L1 Edge v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

CIS_Microsoft_Exchange_Server_2019_v1.0.0_Level_1_Mailbox.audit from CIS Microsoft Exchange Server 2019 Benchmark v1.0.0CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

CIS_Microsoft_Exchange_Server_2019_v1.0.0_Level_2_Mailbox.audit from CIS Microsoft Exchange Server 2019 Benchmark v1.0.0CIS Microsoft Exchange Server 2019 L2 Mailbox v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

CIS_Microsoft_Windows_Server_2019_v4.0.0_L2_DC.audit from CIS Microsoft Windows Server 2019 Benchmark v4.0.0CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows
CIS_Microsoft_Windows_Server_2019_v4.0.0_L2_MS.audit from CIS Microsoft Windows Server 2019 Benchmark v4.0.0CIS Microsoft Windows Server 2019 v4.0.0 L2 MSWindows
CIS_Microsoft_Windows_Server_2019_v4.0.0_NG_MS.audit from CIS Microsoft Windows Server 2019 Benchmark v4.0.0CIS Microsoft Windows Server 2019 v4.0.0 NG MSWindows
SQL2-00-020100 - SQL Server must protect the integrity of publicly available information and applications.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

CONFIGURATION MANAGEMENT

SQL4-00-011310 - Where SQL Server Audit is in use, SQL Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited at the server level.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-012100 - SQL Server must produce Trace or Audit records containing sufficient information to establish the sources (origins) of the events - origins of the events.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 83DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 84DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 87DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 162DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 88DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 103DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 104DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 109DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 170DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 171DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 177DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - SERVER_OBJECT_OWNERSHIP_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - DB_OBJECT_PERMISSION_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 42DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 83DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 111DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 170DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SCHEMA_OBJECT_PERMISSION_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SERVER_PERMISSION_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL6-D0-010000 - Access to database files must be limited to relevant processes and to authorized, administrative users.DISA STIG SQL Server 2016 Instance OS Audit v3r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SQLD-22-003100 - SQL Server must enforce access restrictions associated with changes to the configuration of the database(s).DISA Microsoft SQL Server 2022 Database STIG v1r1MS_SQLDB

CONFIGURATION MANAGEMENT