Item Search

Name	Audit Name	Plugin	Category
Big Sur - Configure the System to Notify upon Account Disabled Actions	NIST macOS Big Sur v1.4.0 - 800-53r4 High	Unix	ACCESS CONTROL
Big Sur - Configure the System to Notify upon Account Enabled Actions	NIST macOS Big Sur v1.4.0 - 800-53r4 High	Unix	ACCESS CONTROL
Big Sur - Configure the System to Notify upon Account Modified Actions	NIST macOS Big Sur v1.4.0 - 800-53r4 High	Unix	ACCESS CONTROL
CASA-ND-000090 - The Cisco ASA must be configured to automatically audit account creation - Buffer Enabled	DISA STIG Cisco ASA NDM v1r6	Cisco	ACCESS CONTROL
Catalina - Configure the System to Notify upon Account Disabled Actions	NIST macOS Catalina v1.5.0 - CNSSI 1253	Unix	ACCESS CONTROL
Catalina - Configure the System to Notify upon Account Enabled Actions	NIST macOS Catalina v1.5.0 - CNSSI 1253	Unix	ACCESS CONTROL
Catalina - Configure the System to Notify upon Account Enabled Actions	NIST macOS Catalina v1.5.0 - All Profiles	Unix	ACCESS CONTROL
Catalina - Configure the System to Notify upon Account Modified Actions	NIST macOS Catalina v1.5.0 - CNSSI 1253	Unix	ACCESS CONTROL
FGFW-ND-000005 - The FortiGate device must automatically audit account creation	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	ACCESS CONTROL
GEN002750 - The audit system must be configured to audit account creation - '/etc/security/audit/config USER_Create exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002750 - The audit system must be configured to audit account creation - '/etc/security/audit/events USER_Create exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002750 - The audit system must be configured to audit account creation - 'User audit class assignments should be reviewed'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002751 - The audit system must be configured to audit account modification - '/etc/security/audit/config USER_Change exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002751 - The audit system must be configured to audit account modification - '/etc/security/audit/events USER_Change exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002751 - The audit system must be configured to audit account modification - 'User audit class assignments should be reviewed'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002752 - The audit system must be configured to audit account disabling - '/etc/security/audit/config USER_Change exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002752 - The audit system must be configured to audit account disabling - '/etc/security/audit/config USER_Locked exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002752 - The audit system must be configured to audit account disabling - '/etc/security/audit/events USER_Change exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002752 - The audit system must be configured to audit account disabling - 'User audit class assignments should be reviewed'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002753 - The audit system must be configured to audit account termination - '/etc/security/audit/config USER_Remove exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002753 - The audit system must be configured to audit account termination - '/etc/security/audit/events USER_Remove exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002753 - The audit system must be configured to audit account termination - 'User audit class assignments should be reviewed'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
Monterey - Configure the System to Notify upon Account Enabled Actions	NIST macOS Monterey v1.0.0 - 800-53r4 Moderate	Unix	ACCESS CONTROL
Monterey - Configure the System to Notify upon Account Modified Actions	NIST macOS Monterey v1.0.0 - 800-53r4 Moderate	Unix	ACCESS CONTROL
Monterey - Configure the System to Notify upon Account Removed Actions	NIST macOS Monterey v1.0.0 - 800-53r4 Moderate	Unix	ACCESS CONTROL
PHTN-67-000001 - The Photon operating system must audit all account creations - useradd	DISA STIG VMware vSphere 6.7 Photon OS v1r6	Unix	ACCESS CONTROL
PHTN-67-000046 - The Photon operating system must audit all account disabling actions.	DISA STIG VMware vSphere 6.7 Photon OS v1r6	Unix	ACCESS CONTROL
PHTN-67-000047 - The Photon operating system must audit all account removal actions - groupdel	DISA STIG VMware vSphere 6.7 Photon OS v1r6	Unix	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 14'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 20'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 106'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 108'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 111'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 112'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 118'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 128'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 131'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 132'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 133'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 134'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 135'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 153'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 171'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 172'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 177'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 18'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 103'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 104'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 107'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 111'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL

Detections

Analytics

Item Search