Item Search

Name	Audit Name	Plugin	Category
1.2.3 Limit SSH Login Attempts to 3 or less	CIS Cisco NX-OS v1.2.0 L1	Cisco	CONFIGURATION MANAGEMENT, MAINTENANCE
1.2.5 Ensure Exec Timeout for Remote Administrative Sessions (VTY) is set to less than 10	CIS Cisco NX-OS v1.2.0 L1	Cisco	CONFIGURATION MANAGEMENT, MAINTENANCE
1.2.6 Set the Maximum Number of VTY Sessions	CIS Cisco NX-OS v1.2.0 L1	Cisco	CONFIGURATION MANAGEMENT, MAINTENANCE
1.5.2 Log all Successful and Failed Administrative Logins	CIS Cisco NX-OS v1.2.0 L2	Cisco	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
1.14 (L1) Ensure 'DNS interception checks enabled' is set to 'Enabled'	CIS Google Chrome L1 v3.0.0	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
4.1.7 Ensure login and logout events are collected - auditctl /var/run/faillock/	CIS CentOS 6 Workstation L2 v3.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - auditctl faillog	CIS Debian Family Server L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - auditctl lastlog	CIS Debian Family Server L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - auditctl tallylog	CIS Debian Family Workstation L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - rules.d /var/run/faillock/	CIS CentOS 6 Workstation L2 v3.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure login and logout events are collected - auditctl lastlog	CIS Debian 9 Workstation L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure login and logout events are collected - auditctl tallylog	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure login and logout events are collected - tallylog	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - /var/run/utmp	CIS Debian Family Workstation L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - auditctl btmp	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - btmp	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - rules.d /var/log/wtmp	CIS CentOS 6 Server L2 v3.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - /var/log/wtmp	CIS Debian 9 Workstation L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - /var/run/utmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - auditctl /var/log/btmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - auditctl /var/log/wtmp	CIS Debian 9 Workstation L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmp	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.15 Ensure system administrator actions (sudolog) are collected	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure system administrator actions (sudolog) are collected	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure system administrator actions (sudolog) are collected - auditctl	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure system administrator actions (sudolog) are collected - auditctl	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.16 Ensure system administrator actions (sudolog) are collected	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.16 Ensure system administrator actions (sudolog) are collected - auditctl	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure system administrator actions (sudolog) are collected	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure system administrator actions (sudolog) are collected	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure system administrator actions (sudolog) are collected - auditctl	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure system administrator actions (sudolog) are collected - auditctl	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.3.9 Collect Login and Logout Events - /var/log/btmp	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.9 Collect Login and Logout Events - /var/log/faillog	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.9 Collect Login and Logout Events - /var/log/lastlog	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.9 Collect Login and Logout Events - /var/log/tallylog	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.10 Collect Session Initiation Information - /var/log/wtmp	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.10 Collect Session Initiation Information - /var/run/utmp	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - 'AUDIT_CHANGE_GROUP'	CIS SQL Server 2012 Database L1 DB v1.6.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - 'AUDIT_CHANGE_GROUP'	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - 'FAILED_LOGIN_GROUP'	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - 'FAILED_LOGIN_GROUP'	CIS SQL Server 2012 Database L1 DB v1.6.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - 'SUCCESSFUL_LOGIN_GROUP'	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - 'SUCCESSFUL_LOGIN_GROUP'	CIS SQL Server 2012 Database L1 DB v1.6.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - AUDIT_CHANGE_GROUP	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - AUDIT_CHANGE_GROUP	CIS SQL Server 2014 Database L1 DB v1.5.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - FAILED_LOGIN_GROUP	CIS SQL Server 2014 Database L1 DB v1.5.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - FAILED_LOGIN_GROUP	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - SUCCESSFUL_LOGIN_GROUP	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - SUCCESSFUL_LOGIN_GROUP	CIS SQL Server 2014 Database L1 DB v1.5.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search