Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.3.2.6 Set 'Enumerate local users on domain-joined computers' to 'Disabled'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

2.1 Run BIND as a non-root User - UIDCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

ACCESS CONTROL

2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.8 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL

2.3.10.8 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL

3.1 Ensure that role-based access control is enabled and configured appropriatelyCIS MongoDB 3.2 Database Audit L1 v1.0.0MongoDB

ACCESS CONTROL

3.4 Ensure that each role for each MongoDB database is needed and grants only the necessary privilegesCIS MongoDB 3.4 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

5.2.4 Ensure SSH access is limitedCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4 Ensure SSH access is limitedCIS SUSE Linux Enterprise 12 v3.2.1 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.14 Ensure SSH access is limitedCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.3.6 Ensure SSH access is limitedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.6 Ensure SSH access is limitedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.9 Restrict at/cron To Authorized Users - should pass if /etc/cron.d/cron.deny does not exist.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.13 Restrict at/cron to Authorized Users - /etc/cron.d/cron.allow permsCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

7.1 Establish an administrator groupCIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS LinuxUnix

ACCESS CONTROL

7.4 Secure SYSMON AuthorityCIS IBM DB2 v10 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL

7.4 Secure SYSMON AuthorityCIS IBM DB2 v10 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL

9.5 Verify No UID 0 Accounts Exist Other than rootCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 8 L2 v1.1.0 MiddlewareUnix

ACCESS CONTROL

13.5 Verify No UID 0 Accounts Exist Other Than rootCIS Debian Linux 7 L1 v1.0.0Unix

ACCESS CONTROL

Always install with elevated privilegesMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

Big Sur - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Configure Windows Defender SmartScreen - EnableSmartScreenMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Create a pagefileMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Create a token objectMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Create global objectsMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Create global objectsMSCT Windows Server 2025 DC v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Disallow WinRM from storing RunAs credentialsMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

Enable computer and user accounts to be trusted for delegationMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Ensure noexec option set on /dev/shm partitionTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure root login is restricted to system consoleTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Enumerate local users on domain-joined computersMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Impersonate a client after authenticationMSCT Windows Server 2025 DC v1.0.0Windows

ACCESS CONTROL

Load and unload device driversMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Lock pages in memoryMSCT Windows 11 v22H2 v1.0.0Windows

ACCESS CONTROL

Manage auditing and security logMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Manage auditing and security logMSCT Windows 11 v22H2 v1.0.0Windows

ACCESS CONTROL

Modify firmware environment valuesMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Modify firmware environment valuesMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Network security: Allow LocalSystem NULL session fallbackMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

OpenStack Identity - Disable admin token in /etc/keystone/keystone.confTNS OpenStack Keystone/Identity Security GuideUnix

ACCESS CONTROL

Perform volume maintenance tasksMSCT Windows 11 v22H2 v1.0.0Windows

ACCESS CONTROL

Take ownership of files or other objectsMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Take ownership of files or other objectsMSCT Windows 11 v22H2 v1.0.0Windows

ACCESS CONTROL

User Account Control: Admin Approval Mode for the Built-in Administrator accountMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Behavior of the elevation prompt for administrators in Admin Approval ModeMSCT Windows Server 2019 MS v1.0.0Windows

ACCESS CONTROL