Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.7 Ensure udf kernel module is not availableCIS Amazon Linux 2 v3.0.0 L2Unix

CONFIGURATION MANAGEMENT

1.1.2.5.1 Ensure separate partition exists for /var/tmpCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.7 Ensure separate partition exists for /var/tmpCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.2.20 Ensure X window server services are not in useCIS Amazon Linux 2 v3.0.0 L2Unix

CONFIGURATION MANAGEMENT

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL

2.3.7.9 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member ServerWindows

ACCESS CONTROL

2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

4.1.1.3 Ensure audit logs are not automatically deletedCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - auditctl clock_settime (32-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify user/group information are collected - /etc/security/opasswdCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify the system's network environment are collected - /etc/sysconfig/network-scriptsCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl /etc/hostsCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl /etc/issueCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.8 Ensure login and logout events are collected - /var/log/faillockCIS Aliyun Linux 2 L2 v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmpCIS Aliyun Linux 2 L2 v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - auditctl setxattr/lsetxattr/fsetxattr (32-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.10 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat (64-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.13 Ensure successful file system mounts are collected - (64-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure file deletion events by users are collected - auditctl (64-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoersCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure system administrator actions (sudolog) are collectedCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl insmodCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5.3.1 Ensure nologin is not listed in /etc/shellsCIS Amazon Linux 2 v3.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.1.1 Ensure audit is installedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.2 Ensure actions as another user are always loggedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.19 Ensure kernel module loading unloading and modification is collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.4.2 Ensure audit log files are mode 0640 or less permissiveCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.6 Ensure audit configuration files are owned by rootCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.6 Ensure SSH X11 forwarding is disabledCIS Aliyun Linux 2 L2 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

49.11 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

ACCESS CONTROL

CIS_Docker_1.6_v1.0.0_L2_Docker.audit Level 2CIS Docker 1.6 v1.0.0 L2 DockerUnix
DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set.DISA Microsoft Office System 2016 STIG v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Encryption type for password protected Office 97-2003 filesMSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Encryption type for password protected Office 97-2003 filesMicrosoft 365 Apps for Enterprise 2306 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Encryption type for password protected Office 97-2003 filesMSCT Office 365 ProPlus 1908 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000008 - Office applications must be configured to specify encryption type in password-protected Office 97-2003 files.DISA STIG Microsoft Office 365 ProPlus v3r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN10-00-000085 - Standard local user accounts must not exist on a system in a domain.DISA Microsoft Windows 10 STIG v3r4Windows

CONFIGURATION MANAGEMENT