Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3.17.5 Set 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' to 'Enabled'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.4.3 Ensure interactive boot is not enabledCIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

2.1 Run BIND as a non-root User - UIDCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

ACCESS CONTROL

2.3.4.2 Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.3.17.6 Ensure 'User Account Control: Run all administrators in Admin Approval Mode' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.3.17.7 Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

4.2.1.3 Ensure rsyslog default file permissions configured - rsyslog.conf/rsyslog.dCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.3 Ensure rsyslog default file permissions configured - rsyslog.conf/rsyslog.dCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.3 Ensure syslog-ng default file permissions configuredCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

5.3 Ensure Linux Kernel Capabilities are restricted within containersCIS Docker Community Edition v1.1.0 L1 DockerUnix

ACCESS CONTROL

5.6 Ensure access to the su command is restrictedCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

ACCESS CONTROL

5.9 Set DCUI.Access to allow trusted users to override lockdown modeCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

ACCESS CONTROL

6.1.13 Audit SUID executablesCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

ACCESS CONTROL

6.1.13 Audit SUID executablesCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

ACCESS CONTROL

6.2.5 Ensure root is the only UID 0 accountCIS Amazon Linux v2.1.0 L1Unix

ACCESS CONTROL

6.2.5 Ensure root is the only UID 0 accountCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

ACCESS CONTROL

7.3 Secure SYSMAINT AuthorityCIS IBM DB2 v10 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL

7.3 Secure SYSMAINT AuthorityCIS IBM DB2 v10 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL

7.4 Establish a system monitoring groupCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS WindowsWindows

ACCESS CONTROL

7.4 Secure SYSMON AuthorityCIS IBM DB2 v10 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL

7.4 Secure SYSMON AuthorityCIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix

ACCESS CONTROL

10.3 Set Default Group for root AccountCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

ACCESS CONTROL

13.5 Verify No UID 0 Accounts Exist Other Than rootCIS Debian Linux 7 L1 v1.0.0Unix

ACCESS CONTROL

18.5.11.3 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

18.9.85.1 Ensure 'Allow user control over installs' is set to 'Disabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

18.9.85.1 Ensure 'Allow user control over installs' is set to 'Disabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

Allow user control over installsMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Allow user control over installsMSCT Windows Server 2019 MS v1.0.0Windows

ACCESS CONTROL

Allow user control over installsMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Allow user control over installsMSCT Windows 10 1909 v1.0.0Windows

ACCESS CONTROL

Always install with elevated privilegesMSCT Windows Server v2004 MS v1.0.0Windows

ACCESS CONTROL

Always install with elevated privilegesMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Always install with elevated privilegesMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Configure Solicited Remote Assistance - fAllowToGetHelpMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

Configure Solicited Remote Assistance - fAllowToGetHelpMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Ensure root is the only UID 0 accountTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure root PATH IntegrityTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

User Account Control: Admin Approval Mode for the Built-in Administrator accountMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

User Account Control: Admin Approval Mode for the Built-in Administrator accountMSCT Windows 10 1909 v1.0.0Windows

ACCESS CONTROL

User Account Control: Behavior of the elevation prompt for administrators in Admin Approval ModeMSCT Windows Server v2004 DC v1.0.0Windows

ACCESS CONTROL

User Account Control: Behavior of the elevation prompt for standard usersMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

User Account Control: Behavior of the elevation prompt for standard usersMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Behavior of the elevation prompt for standard usersMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Behavior of the elevation prompt for standard usersMSCT Windows 10 1809 v1.0.0Windows

ACCESS CONTROL

User Account Control: Detect application installations and prompt for elevationMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

User Account Control: Detect application installations and prompt for elevationMSCT Windows Server 2019 DC v1.0.0Windows

ACCESS CONTROL

User Account Control: Only elevate UIAccess applications that are installed in secure locationsMSCT Windows Server v2004 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Only elevate UIAccess applications that are installed in secure locationsMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Run all administrators in Admin Approval ModeMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Run all administrators in Admin Approval ModeMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL