Item Search

Name	Audit Name	Plugin	Category
2.2.38 (L1) Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.38 (L1) Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.38 (L1) Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.2.38 (L1) Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.38 Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.38 Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.7.7 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2022 Stand-alone v2.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.7.7 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.7.7 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BL	Windows	ACCESS CONTROL
2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	ACCESS CONTROL
2.3.7.8 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BL	Windows	ACCESS CONTROL
2.3.7.8 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows 11 Enterprise v5.0.1 L1	Windows	ACCESS CONTROL
2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Windows Server 2012 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	ACCESS CONTROL
2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2019 v4.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.7.9 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2022 v5.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.7.9 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2025 v2.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.7.9 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2025 v2.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.7.9 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
2.3.7.9 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2022 v5.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User is prompted when the key is first used' or higher	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
4.1.9 Ensure session initiation information is collected - auditctl /var/log/btmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.2.6 Ensure SSH X11 forwarding is disabled	CIS Aliyun Linux 2 L2 v1.0.0	Unix	SYSTEM AND INFORMATION INTEGRITY
5.25 Ensure 'SNMP Service (SNMP)' is set to 'Disabled' or 'Not Installed'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
5.32 Ensure 'Windows Event Collector (Wecsvc)' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
9.3.1 Set SSH Protocol to 2	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0	Unix	CONFIGURATION MANAGEMENT
18.4.11 Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.9.2 Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - AllowRspndrOndomain	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.5.20.1 Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableWPDRegistrar	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.2 Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	ACCESS CONTROL
18.8.22.1.3 Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.22.1.6 Ensure 'Turn off Internet File Association service' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.11 Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled' - Enabled	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.9.39.2 Ensure 'Turn off location' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	ACCESS CONTROL
18.9.98.1 Ensure 'Allow Remote Shell Access' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	ACCESS CONTROL
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	CONFIGURATION MANAGEMENT
Enable IKE Version 1/2 - rekey	Tenable Cisco Viptela SD-WAN - vEdge	Cisco_Viptela	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 10 1909 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 10 v21H1 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows Server v2004 MS v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows Server 2019 DC v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 10 v22H2 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 11 v22H2 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior - ScRemoveOption	MSCT Windows Server 2025 DC v1.0.0	Windows	ACCESS CONTROL
JUEX-L2-000040 - The Juniper EX switch must be configured to manage excess bandwidth to limit the effects of packet flooding types of denial-of-service (DoS) attacks.	DISA Juniper EX Series Layer 2 Switch v2r4	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search