Item Search

Name	Audit Name	Plugin	Category
3.1.17 Secure permissions for the primary archive log location - LOGARCHMETH1 OS Permissions	CIS IBM DB2 v10 v1.1.0 Linux OS Level 2	Unix
3.1.17 Secure permissions for the primary archive log location - LOGARCHMETH1 OS Permissions	CIS IBM DB2 v10 v1.1.0 Windows OS Level 2	Windows	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
3.1.18 Secure permissions for the secondary archive log location - LOGARCHMETH2 OS Permission	CIS IBM DB2 v10 v1.1.0 Linux OS Level 1	Unix
3.1.19 Secure permissions for the tertiary archive log location - FAILARCHPATH OS Permission	CIS IBM DB2 v10 v1.1.0 Linux OS Level 2	Unix
5.2.6 Accept Remote rsyslog Messages Only on Designated Log Hosts - $ModLoad imtcp.so	CIS Red Hat Enterprise Linux 5 L1 v2.2.1	Unix	AUDIT AND ACCOUNTABILITY
5.3 Ensure the Sudo Timeout Period Is Set to Zero	CIS Apple macOS 11.0 Big Sur v4.0.0 L1	Unix	ACCESS CONTROL
5.5.1 Ensure Container-Optimized OS (cos_containerd) is used for GKE node images	CIS Google Kubernetes Engine (GKE) v1.7.0 L1	GCP	CONFIGURATION MANAGEMENT
8.7 Secure the permissions of the IBMLDAPSecurity.ini file	CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux	Unix
8.7 Secure the permissions of the IBMLDAPSecurity.ini file	CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows	Windows
9.1.12 Find Un-grouped Files and Directories	CIS Red Hat Enterprise Linux 5 L1 v2.2.1	Unix	ACCESS CONTROL
18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NG	Windows	CONFIGURATION MANAGEMENT
18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
18.10.92.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.4.2 Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.4.2 Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.4.2 Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.4.2 Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.4.2 Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.4.2 Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
103.2 (L1) Ensure 'Defer Feature Updates Period in Days' is set to 'Enabled: 180 or more days'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
103.2 (L1) Ensure 'Defer Feature Updates Period in Days' is set to 'Enabled: 180 or more days'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
105.5 (L1) Ensure 'Post-authentication actions' is set to 'Reset the password and logoff the managed account' or higher	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	IDENTIFICATION AND AUTHENTICATION
ALMA-09-015640 - AlmaLinux OS 9 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	CONFIGURATION MANAGEMENT
ALMA-09-020260 - AlmaLinux OS 9 must not forward source-routed packets.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	CONFIGURATION MANAGEMENT
ALMA-09-024330 - AlmaLinux OS 9 security patches and updates must be installed and up to date.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	CONFIGURATION MANAGEMENT
ALMA-09-033350 - AlmaLinux OS 9 must have the opensc package installed.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	IDENTIFICATION AND AUTHENTICATION
ALMA-09-035210 - AlmaLinux OS 9 must have the USBGuard package installed.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	IDENTIFICATION AND AUTHENTICATION
ALMA-09-053260 - AlmaLinux OS 9 must take action when allocated audit record storage volume reaches 95 percent of the audit record storage capacity.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	AUDIT AND ACCOUNTABILITY
APPL-14-003030 The macOS system must allow smart card authentication.	DISA Apple macOS 14 (Sonoma) STIG v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
APPL-15-001130 - The macOS system must configure audit_control owner to mode 440 or less permissive.	DISA Apple macOS 15 (Sequoia) STIG v1r3	Unix	AUDIT AND ACCOUNTABILITY
APPL-15-001140 - The macOS system must configure audit_control to not contain access control lists (ACLs).	DISA Apple macOS 15 (Sequoia) STIG v1r3	Unix	AUDIT AND ACCOUNTABILITY
APPL-15-001150 - The macOS system must disable password authentication for SSH.	DISA Apple macOS 15 (Sequoia) STIG v1r3	Unix	IDENTIFICATION AND AUTHENTICATION, MAINTENANCE
EX19-MB-000146 - Exchange antimalware agent must be enabled and configured.	DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2	Windows	SYSTEM AND INFORMATION INTEGRITY
PHTN-30-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur.	DISA STIG VMware vSphere 7.0 Photon OS v1r4	Unix	AUDIT AND ACCOUNTABILITY, MAINTENANCE
SLES-15-030650 - The SUSE operating system must have the auditing package installed.	DISA SUSE Linux Enterprise Server 15 STIG v2r4	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
UBTU-16-020330 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.	DISA STIG Ubuntu 16.04 LTS v2r3	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE
UBTU-18-010244 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.	DISA STIG Ubuntu 18.04 LTS v2r15	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
UBTU-22-653015 - Ubuntu 22.04 LTS must produce audit records and reports containing information to establish when, where, what type, the source, and the outcome for all DOD-defined auditable events and actions in near real time.	DISA Canonical Ubuntu 22.04 LTS STIG v2r4	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
UBTU-24-100400 - Ubuntu 24.04 LTS must have the "auditd" package installed.	DISA Canonical Ubuntu 24.04 LTS STIG v1r1	Unix	AUDIT AND ACCOUNTABILITY
WN16-DC-000310 - Active Directory user accounts, including administrators, must be configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT) for user authentication.	DISA Microsoft Windows Server 2016 STIG v2r10	Windows	IDENTIFICATION AND AUTHENTICATION
WN22-DC-000310 - Windows Server 2022 Active Directory user accounts, including administrators, must be configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT) for user authentication.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search