Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.3 Ensure 'Account lockout threshold' is set to '3 or fewer invalid logon attempt(s), but not 0'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.2.8 Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.2.9 Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' (MS only) - Administrators, Remote Desktop UsersCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.4.2 (L1) Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.9.1 (L1) Ensure 'Microsoft network server: Amount of idle time required before suspending session' is set to '15 or fewer minute(s)'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.4 (L2) Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User must enter a password each time they use a key' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.10.44.1.2 (L1) Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

8.4.29 Disable all but VGA mode on virtual machines.CIS VMware ESXi 5.5 v1.2.0 Level 2VMware

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.6 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

9.3.1 (L1) Ensure 'Windows Firewall: Public: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.3 (L1) Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.3.1 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.4.2 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.4.3 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.4.3 Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.4.3 Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

18.4.5 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.5.20.2 (L2) Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.5 (L2) Ensure 'Turn off Internet File Association service' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.8 (L2) Ensure 'Turn off Search Companion content file updates' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.13 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.37.2 (L2) Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.52.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L2Windows

CONFIGURATION MANAGEMENT

18.8.52.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

CONFIGURATION MANAGEMENT

18.9.51.1.2 (L1) Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

18.9.51.1.2 (L1) Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

18.9.51.1.2 (L1) Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.9.65.3.3.1 (L2) Ensure 'Do not allow COM port redirection' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.65.3.10.1 (L2) Ensure 'Set time limit for active but idle Remote Desktop Services sessions' is set to 'Enabled: 15 minutes or less, but not Never (0)'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

ACCESS CONTROL

20.20 Ensure 'DoD Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

20.67 Ensure 'The system uses an anti-virus program' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

SYSTEM AND INFORMATION INTEGRITY

AADC-CL-000840 - Adobe Acrobat Pro DC Classic privileged file and folder locations must be disabled.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

AADC-CL-001010 - Adobe Acrobat Pro DC Classic Protected Mode must be enabled.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AADC-CL-001280 - Adobe Acrobat Pro DC Classic Default Handler changes must be disabled.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

AADC-CL-001290 - Adobe Acrobat Pro DC Classic Cloud Synchronization must be disabled.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

AADC-CL-001300 - Adobe Acrobat Pro DC Classic third-party web connectors must be disabled.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

AADC-CL-001305 - Adobe Acrobat Pro DC Classic Webmail must be disabled.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

AADC-CL-001325 - Adobe Acrobat Pro DC Classic privileged host locations must be disabled.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

Authentication with Exchange ServerMSCT Office 2016 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

DTOO280 - Outlook must be configured to force authentication when connecting to an Exchange server.DISA STIG Microsoft Outlook 2016 v2r3Windows

IDENTIFICATION AND AUTHENTICATION

SQL6-D0-007900 - If DBMS authentication using passwords is employed, SQL Server must enforce the DOD standards for password complexity and lifetime.DISA STIG SQL Server 2016 Instance DB Audit v3r4MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

VCWN-65-006000 - The vCenter Server for Windows must disable SNMPv1.DISA STIG VMware vSphere vCenter 6.5 v2r3VMware

IDENTIFICATION AND AUTHENTICATION

WN16-CC-000555 - Windows Server 2016 must have PowerShell Transcription enabled.DISA Microsoft Windows Server 2016 STIG v2r10Windows

AUDIT AND ACCOUNTABILITY

WN16-MS-000030 - Local users on domain-joined computers must not be enumerated.DISA Microsoft Windows Server 2016 STIG v2r10Windows

CONFIGURATION MANAGEMENT

WN16-MS-000410 - The 'Deny log on through Remote Desktop Services' user right on member servers must be configured to prevent access from highly privileged domain accounts and all local accounts on domain systems and from unauthenticated access on all systems.DISA Microsoft Windows Server 2016 STIG v2r10Windows

ACCESS CONTROL

WN19-MS-000080 - Windows Server 2019 'Deny access to this computer from the network' user right on domain-joined member servers must be configured to prevent access from highly privileged domain accounts and local accounts and from unauthenticated access on all systems.DISA Microsoft Windows Server 2019 STIG v3r4Windows

ACCESS CONTROL

WN19-MS-000120 - Windows Server 2019 'Deny log on through Remote Desktop Services' user right on domain-joined member servers must be configured to prevent access from highly privileged domain accounts and all local accounts and from unauthenticated access on all systems.DISA Microsoft Windows Server 2019 STIG v3r4Windows

ACCESS CONTROL

WN19-MS-000130 - Windows Server 2019 'Enable computer and user accounts to be trusted for delegation' user right must not be assigned to any groups or accounts on domain-joined member servers and standalone or nondomain-joined systems.DISA Microsoft Windows Server 2019 STIG v3r4Windows

ACCESS CONTROL