Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3.1.5 Set 'Accounts: Guest account status' to 'Disabled'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.4.1 Configure 'Allow log on through Remote Desktop Services'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.4.29 Set 'Deny log on as a batch job' to 'Guests'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.4.35 Set 'Generate security audits' to 'Local Service, Network Service'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

2.1 Ensure Only Necessary Authentication and Authorization Modules Are Enabled - 'auth*'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

CONFIGURATION MANAGEMENT

2.2 Ensure that authorization is enabled for Cassandra databasesCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

2.2.5 Ensure 'Allow log on locally' is set to 'Administrators, Users'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.2.18 Ensure 'Deny log on as a service' to include 'Guests'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

2.2.31 Ensure 'Modify an object label' is set to 'No One'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.2.36 Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.3.1.2 Ensure 'Accounts: Guest account status' is set to 'Disabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.3.1.5 Configure 'Accounts: Rename guest account'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.3.11.1 Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

2.4.1 Ensure 'Allow simple value' is set to 'Disabled'MobileIron - CIS Apple iOS 11 v1.0.0 End User Owned L1MDM

IDENTIFICATION AND AUTHENTICATION

2.4.1 Ensure 'Allow simple value' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT

2.4.1 Ensure 'Allow simple value' is set to 'Disabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT

3.2 Ensure CONNECT permissions on the 'guest user' is Revoked within all SQL Server databases excluding the master, msdb and tempdbCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

3.4.1 Ensure 'Allow simple value' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

CONFIGURATION MANAGEMENT

5.2.17 Ensure SSH LoginGraceTime is set to one minute or lessCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.3.3 Ensure password reuse is limitedCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.4.2 Ensure system accounts are secured - non loginCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL

6.2.16 Ensure no duplicate UIDs existCIS Distribution Independent Linux Server L1 v2.0.0Unix

ACCESS CONTROL

6.2.17 Ensure no duplicate GIDs existCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

Accounts: Guest account statusMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows Server v1909 DC v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows Server v2004 DC v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Allow log on through Remote Desktop ServicesMSCT Windows Server v1909 DC v1.0.0Windows

ACCESS CONTROL

Allow log on through Remote Desktop ServicesMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Allow log on through Remote Desktop ServicesMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

Allow log on through Remote Desktop ServicesMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows 10 1909 v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

Deny log on locallyMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows Server v2004 MS v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows 10 1809 v1.0.0Windows

ACCESS CONTROL

Domain member: Maximum machine account password ageMSCT Windows 10 1809 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Maximum machine account password ageMSCT Windows 10 v1507 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Ensure password fields are not emptyTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Lock pages in memoryMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Lock pages in memoryMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Lock pages in memoryMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Lock pages in memoryMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Lock pages in memoryMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

Microsoft network server: Disconnect clients when logon hours expireMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

Microsoft network server: Disconnect clients when logon hours expireMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Modify an object labelMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Network security: Allow Local System to use computer identity for NTLMMSCT Windows 10 v1507 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION