Item Search

Name	Audit Name	Plugin	Category
AIX7-00-003102 - AIX must turn on enhanced Role-Based Access Control (RBAC) to isolate security functions from nonsecurity functions, to grant system privileges to other operating system admins, and prohibit user installation of system software without explicit privileged status.	DISA STIG AIX 7.x v3r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
AS24-W2-000580 - The Apache web server document directory must be in a separate partition from the Apache web servers system files.	DISA STIG Apache Server 2.4 Windows Site v2r1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
IIST-SI-000224 - The IIS 10.0 website document directory must be in a separate partition from the IIS 10.0 websites system files.	DISA IIS 10.0 Site v2r11	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
MD3X-00-000390 - MongoDB must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).	DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DB	MongoDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
MS.POWERPLATFORM.3.1v1 - Power Platform tenant isolation SHALL be enabled.	CISA SCuBA Microsoft 365 Power Platform v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MS.POWERPLATFORM.4.1v1 - Content Security Policy (CSP) SHALL be enforced for model-driven and canvas Power Apps.	CISA SCuBA Microsoft 365 Power Platform v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MS.POWERPLATFORM.5.1v1 - The ability to create Power Pages sites SHOULD be restricted to admins.	CISA SCuBA Microsoft 365 Power Platform v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MS.TEAMS.8.1v1 - URL comparison with a blocklist SHOULD be enabled.	CISA SCuBA Microsoft 365 Teams v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MS.TEAMS.8.2v1 - User click tracking SHOULD be enabled.	CISA SCuBA Microsoft 365 Teams v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
O121-C2-004100 - Administrators must utilize a separate, distinct administrative account when performing administrative activities, accessing database security functions, or accessing security-relevant information.	DISA STIG Oracle 12c v3r2 Database	OracleDB	SYSTEM AND COMMUNICATIONS PROTECTION
O121-C2-018500 - The DBMS must isolate security functions from nonsecurity functions by means of separate security domains.	DISA STIG Oracle 12c v3r2 Database	OracleDB	SYSTEM AND COMMUNICATIONS PROTECTION
OH12-1X-000282 - OHS must have the Directory directive accompanying the DocumentRoot directive set to a separate partition from the OHS system files.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
PGS9-00-004000 - PostgreSQL must isolate security functions from non-security functions.	DISA STIG PostgreSQL 9.x on RHEL OS v2r5	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
SP13-00-000130 - SharePoint must implement security functions as a layered structure minimizing interactions between layers of the design and avoiding any dependence by lower layers on the functionality or correctness of higher layers.	DISA STIG SharePoint 2013 v2r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
UBTU-16-010660 - Duplicate User IDs (UIDs) must not exist for interactive users.	DISA STIG Ubuntu 16.04 LTS v2r3	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
VCSA-70-000095 - The vCenter Server users must have the correct roles assigned.	DISA STIG VMware vSphere 7.0 vCenter v1r3	VMware	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
VCSA-80-000095 - The vCenter Server user roles must be verified.	DISA VMware vSphere 8.0 vCenter STIG v2r2	VMware	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
WN10-CC-000200 - Administrator accounts must not be enumerated during elevation.	DISA Microsoft Windows 10 STIG v3r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN10-SO-000265 - User Account Control must only elevate UIAccess applications that are installed in secure locations.	DISA Microsoft Windows 10 STIG v3r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN10-SO-000275 - User Account Control must virtualize file and registry write failures to per-user locations.	DISA Microsoft Windows 10 STIG v3r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-CC-000077 - Administrator accounts must not be enumerated during elevation.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-RG-000003-MS - Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000078 - User Account Control must, at minimum, prompt administrators for consent.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000078 - User Account Control must, at minimum, prompt administrators for consent.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000080 - User Account Control must be configured to detect application installations and prompt for elevation.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000081 - Windows must elevate all applications in User Account Control, not just signed ones.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000084 - User Account Control must switch to the secure desktop when prompting for elevation.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN16-MS-000020 - Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems.	DISA Windows Server 2016 STIG v2r9	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN19-SO-000400 - Windows Server 2019 User Account Control must, at a minimum, prompt administrators for consent on the secure desktop.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN19-SO-000450 - Windows Server 2019 User Account Control (UAC) must virtualize file and registry write failures to per-user locations.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search