Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3.1.3 Set 'Accounts: Administrator account status' to 'Disabled'.CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.3.5.4 Set 'Domain member: Maximum machine account password age' to '30 or fewer day(s)'CIS Windows 8 L1 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

1.1.3.10.5 Set 'Network access: Restrict anonymous access to Named Pipes and Shares' to 'Enabled'CIS Windows 8 L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

1.1.4.21 Set 'Deny log on locally' to 'Guests'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.4.33 Configure 'Deny log on as a service'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.4.36 Set 'Allow log on locally' to 'Administrators, Users'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.4.37 Set 'Lock pages in memory' to 'No One'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.4.40 Set 'Replace a process level token' to 'Local Service, Network Service'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

2.1 Ensure Only Necessary Authentication and Authorization Modules Are Enabled - 'Loaded ldap* modules'CIS Apache HTTP Server 2.2 L1 v3.6.0Unix

CONFIGURATION MANAGEMENT

2.2.16 Ensure 'Deny access to this computer from the network' to include 'Guests, Local account'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

2.2.16 Ensure 'Deny access to this computer from the network' to include 'Guests, Local account'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.2.19 Ensure 'Deny log on locally' to include 'Guests'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.2.20 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

2.2.36 Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

2.3.1.2 Ensure 'Accounts: Guest account status' is set to 'Disabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

2.3.6.5 (L1) Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

CONFIGURATION MANAGEMENT

2.3.10.2 (L1) Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

CONFIGURATION MANAGEMENT

3.4.1 Ensure 'Allow simple value' is set to 'Disabled'MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L1MDM

IDENTIFICATION AND AUTHENTICATION

5.1.8 Ensure at/cron is restricted to authorized users - cron.denyCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.2.6 Ensure SSH X11 forwarding is disabledCIS Distribution Independent Linux Server L2 v2.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

5.2.12 Ensure SSH PermitUserEnvironment is disabledCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.3.3 Ensure password reuse is limited - password-authCIS Amazon Linux v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.3.3 Ensure password reuse is limited - system-authCIS Amazon Linux v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.1 Ensure password expiration is 365 days or less - login.defsCIS Amazon Linux v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.4.2 Ensure system accounts are non-loginCIS Debian 8 Workstation L1 v2.0.2Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profileCIS Amazon Linux v2.1.0 L1Unix

ACCESS CONTROL

6.2.17 Ensure no duplicate GIDs existCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

6.2.18 Ensure no duplicate user names existCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

6.2.18 Ensure no duplicate user names existCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

6.2.19 Ensure no duplicate group names existCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

6.2.19 Ensure no duplicate group names existCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL

Allow log on locallyMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows Server 2019 MS v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Allow log on through Remote Desktop ServicesMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Allow log on through Remote Desktop ServicesMSCT Windows Server 2019 DC v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Deny log on as a serviceMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL

Generate security auditsMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Lock pages in memoryMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Network security: Allow Local System to use computer identity for NTLMMSCT Windows Server 2016 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: Force logoff when logon hours expireMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Network security: Force logoff when logon hours expireMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL