Item Search

Name	Audit Name	Plugin	Category
1.1.3.12.1 Set 'Recovery console: Allow automatic administrative logon' to 'Disabled'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.3.13.2 Set 'Shutdown: Allow system to be shut down without having to log on' to 'Enabled'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4 Ensure nosuid option set on /tmp partition	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
1.1.9 Ensure nosuid option set on /var/tmp partition	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
1.4.3 Ensure core dump backtraces are disabled	CIS CentOS Linux 7 v4.0.0 L1 Workstation	Unix	ACCESS CONTROL
1.4.3 Ensure core dump backtraces are disabled	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL
1.4.6.3 Ensure 'Disable AutoRepublish' is set to Enabled	CIS Microsoft Office Excel 2016 v1.0.1	Windows	ACCESS CONTROL
1.5.1 Ensure core dump storage is disabled	CIS CentOS Linux 8 Server L1 v2.0.0	Unix	ACCESS CONTROL
1.5.3 Ensure core dumps are restricted	CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server	Unix	ACCESS CONTROL
1.5.5 Ensure core dumps are restricted	CIS Debian 10 Server L1 v2.0.0	Unix	ACCESS CONTROL
1.7.2 - Miscellaneous Enhancements - at access - 'at.allow includes root'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
1.7.8 - Miscellaneous Enhancements - disable core dumps - 'core = 0'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.3.4.2 (L1) Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.4.2 (L1) Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.4.2 (L1) Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.4.2 (L1) Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.10.2 (L1) Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1	Windows	ACCESS CONTROL
2.3.10.4 Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled' - Disabled	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.10.5 (L1) Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1	Windows	ACCESS CONTROL
2.3.10.5 (L1) Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	ACCESS CONTROL
2.3.10.9 (L1) Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	ACCESS CONTROL
2.3.10.10 (L1) Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.13.1 Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.17.3 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.17.3 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.17.3 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
2.3.17.3 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.5.2 - NFS - no suid on NFS client mounts - 'All NFS client mounts have nosuid option'	CIS AIX 5.3/6.1 L1 v1.1.0	Unix	ACCESS CONTROL
2.12.13 - Miscellaneous Config - authorized users in at.allow - 'at.allow contains %USERNAME%'	CIS AIX 5.3/6.1 L1 v1.1.0	Unix	ACCESS CONTROL
2.12.14 - Miscellaneous Config - authorized users in cron.allow - 'cron.allow contains %USERNAME%'	CIS AIX 5.3/6.1 L1 v1.1.0	Unix	ACCESS CONTROL
3.2 Restrict Core Dumps to Protected Directory - Check if COREADM_INIT_CONTENT is set to default	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
3.10.25.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'	CIS Microsoft Intune for Windows 10 v3.0.1 L1	Windows	ACCESS CONTROL
3.10.25.3 (L1) Ensure 'Do not enumerate connected users on domain-joined computers' is set to 'Enabled'	CIS Microsoft Intune for Windows 10 v3.0.1 L1	Windows	ACCESS CONTROL
3.10.25.3 (L1) Ensure 'Do not enumerate connected users on domain-joined computers' is set to 'Enabled'	CIS Microsoft Intune for Windows 11 v3.0.1 L1	Windows	ACCESS CONTROL
3.10.25.4 (L1) Ensure 'Enumerate local users on domain-joined computers' is set to 'Disabled'	CIS Microsoft Intune for Windows 10 v3.0.1 L1	Windows	ACCESS CONTROL
4.1 Restrict Core Dumps - limits.conf	CIS Debian Linux 7 L1 v1.0.0	Unix	ACCESS CONTROL
18.1.2.2 (L1) Ensure 'Allow users to enable online speech recognition services' is set to 'Disabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
18.5.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.8.28.2 Ensure 'Do not display network selection UI' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
18.9.16.1 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.16.1 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.27.2 (L1) Ensure 'Do not enumerate connected users on domain-joined computers' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
18.9.27.2 (L1) Ensure 'Do not enumerate connected users on domain-joined computers' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
18.9.27.5 (L1) Ensure 'Turn off picture password sign-in' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
18.9.28.4 (L1) Ensure 'Enumerate local users on domain-joined computers' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1	Windows	ACCESS CONTROL
18.9.100.2 Ensure 'Turn on PowerShell Transcription' is set to 'Disabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL
18.10.87.2 (L1) Ensure 'Turn on PowerShell Transcription' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
48.4 (L1) Ensure 'MSI Allow user control over installs' is set to 'Disabled'	CIS Microsoft Intune for Windows 10 v3.0.1 L1	Windows	ACCESS CONTROL

Detections

Analytics

Item Search