Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

2.3.11.6 (L1) Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

2.3.11.6 Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v2.4.0Windows

ACCESS CONTROL

4.1.4 Ensure login and logout events are collected - faillogCIS Oracle Linux 8 Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure session initiation information is collected - auditctl btmpCIS Oracle Linux 8 Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure session initiation information is collected - auditctl wtmpCIS Oracle Linux 8 Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure session initiation information is collected - btmpCIS Oracle Linux 8 Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure session initiation information is collected - btmpCIS Oracle Linux 8 Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.7 Ensure login and logout events are collected - /var/log/faillogCIS Ubuntu Linux 20.04 LTS Server L2 v1.1.0Unix
4.1.7 Ensure login and logout events are collected - /var/log/faillogCIS Ubuntu Linux 20.04 LTS Workstation L2 v1.1.0Unix
4.1.7 Ensure login and logout events are collected - auditctl /var/log/tallylogCIS Ubuntu Linux 20.04 LTS Workstation L2 v1.1.0Unix
4.1.8 Ensure login and logout events are collected - auditctl /var/run/faillockCIS Amazon Linux 2 v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.8 Ensure session initiation information is collected - auditctl wtmpCIS Ubuntu Linux 20.04 LTS Server L2 v1.1.0Unix
4.1.8 Ensure session initiation information is collected - btmpCIS Ubuntu Linux 20.04 LTS Workstation L2 v1.1.0Unix
4.1.9 Ensure session initiation information is collected - /var/log/btmpCIS Amazon Linux 2 v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - /var/log/wtmpCIS Amazon Linux 2 v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/log/btmpCIS Debian 9 Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.6 Ensure SSH MaxAuthTries is set to 4 or lessCIS Ubuntu Linux 20.04 LTS Server L1 v1.0.0Unix

ACCESS CONTROL

5.2.6 Ensure SSH MaxAuthTries is set to 4 or lessCIS Ubuntu Linux 20.04 LTS Workstation L1 v1.0.0Unix

ACCESS CONTROL

5.2.6 Ensure SSH MaxAuthTries is set to 4 or lessCIS Debian Family Server L1 v1.0.0Unix

ACCESS CONTROL

5.2.6 Ensure SSH MaxAuthTries is set to 4 or lessCIS Debian Family Workstation L1 v1.0.0Unix

ACCESS CONTROL

5.2.7 Ensure SSH MaxAuthTries is set to 4 or lessCIS Oracle Linux 8 Server L1 v1.0.0Unix

ACCESS CONTROL

5.2.7 Ensure SSH MaxAuthTries is set to 4 or lessCIS Distribution Independent Linux Server L1 v2.0.0Unix

ACCESS CONTROL

5.2.7 Ensure SSH MaxAuthTries is set to 4 or lessCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

ACCESS CONTROL

5.2.7 Ensure SSH MaxAuthTries is set to 4 or lessCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.2.7 Ensure SSH MaxAuthTries is set to 4 or lessCIS Debian 9 Workstation L1 v1.0.1Unix

ACCESS CONTROL

5.2.7 Ensure SSH MaxAuthTries is set to 4 or lessCIS Aliyun Linux 2 L1 v1.0.0Unix

ACCESS CONTROL

5.2.7 Ensure SSH MaxAuthTries is set to 4 or lessCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

ACCESS CONTROL

5.2.7 Ensure SSH MaxAuthTries is set to 4 or lessCIS Debian 9 Server L1 v1.0.1Unix

ACCESS CONTROL

5.2.7 Ensure SSH MaxAuthTries is set to 4 or lessCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

ACCESS CONTROL

5.3 Ensure 'Login Auditing' is set to 'failed logins'CIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

5.3 Ensure 'Login Auditing' is set to 'failed logins'CIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

ACCESS CONTROL

5.3 Ensure 'Login Auditing' is set to 'failed logins'CIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

ACCESS CONTROL

5.3 Ensure 'Login Auditing' is set to 'failed logins'CIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

ACCESS CONTROL

5.3 Ensure 'Login Auditing' is set to Both 'failed' and 'successful logins'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

5.3.8 Ensure SSH MaxAuthTries is set to 4 or lessCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.3.8 Ensure SSH MaxAuthTries is set to 4 or lessCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.3.8 Ensure SSH MaxAuthTries is set to 4 or lessCIS Red Hat 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.3.8 Ensure SSH MaxAuthTries is set to 4 or lessCIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.3.8 Ensure SSH MaxAuthTries is set to 4 or lessCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.3.8 Ensure SSH MaxAuthTries is set to 4 or lessCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

6.2.5 Set SSH MaxAuthTries to 4 or LessCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

17.1.2 Ensure 'Audit Kerberos Authentication Service' is set to 'Success and Failure' (DC Only)CIS Microsoft Windows Server 2016 STIG DC L1 v1.0.0Windows
17.5.2 Ensure 'Audit Logoff' is set to include 'Success'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0Windows
17.5.2 Ensure 'Audit Logoff' is set to include 'Success'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.2.0Windows
17.5.3 Ensure 'Audit Logoff' is set to include 'Success'CIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1Windows
17.5.3 Ensure 'Audit Logoff' is set to include 'Success'CIS Microsoft Windows Server 2016 MS L1 v1.3.0Windows
17.5.4 Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0Windows
17.5.4 Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.2.0Windows
17.5.5 Ensure 'Audit Special Logon' is set to include 'Success'CIS Windows Server 2012 R2 DC L1 v2.5.0Windows

AUDIT AND ACCOUNTABILITY