Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.2 Ensure filesystem integrity is regularly checkedCIS Debian 10 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

2.3.11.12 (L1) Ensure 'Network security: Restrict NTLM: Audit Incoming NTLM Traffic' is set to 'Enable auditing for all accounts'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

2.3.11.12 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

2.3.11.12 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

2.3.11.13 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higherCIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

3.1.21 Ensure 'log_disconnections' is enabledCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.24 Ensure 'log_line_prefix' is set correctlyCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure discretionary access control permission modification events are collectedCIS Amazon Linux 2 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.14 Ensure events that modify user/group information are collectedCIS Amazon Linux 2 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.2.8 Ensure that the kubeAPIQPS [--event-qps] argument is set to 0 or a level which ensures appropriate event captureCIS Red Hat OpenShift Container Platform v1.7.0 L2OpenShift

AUDIT AND ACCOUNTABILITY

4.2.16 Ensure sshd MaxAuthTries is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.3.3 Ensure sudo log file existsCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.3.3 Ensure sudo log file existsCIS Debian 10 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1 Ensure All Auditable System Actions Commands Are AuditedCIS Oracle Database 23ai v1.0.0 L1 RDBMSOracleDB

AUDIT AND ACCOUNTABILITY

5.2.3 Ensure sudo log file existsCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins'CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDSMS_SQLDB

AUDIT AND ACCOUNTABILITY

5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins'CIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

AUDIT AND ACCOUNTABILITY

5.5 Ensure The Use Of SYS* Privileges Is AuditedCIS Oracle Database 23ai v1.0.0 L1 RDBMSOracleDB

AUDIT AND ACCOUNTABILITY

6.16 (L1) Ensure 'Detailed Tracking Audit PNP Activity' is set to include 'Success'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

6.17 (L1) Ensure 'Detailed Tracking Audit Process Creation' is set to include 'Success'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.2.3 (L1) Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.3.2 (L1) Ensure 'Audit Process Creation' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.4.2 (L1) Ensure 'Audit Directory Service Changes' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.6.3 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.6.3 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

17.7.6 Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

18.6.7.1 (L1) Ensure 'Audit client does not support encryption' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

18.6.7.2 (L1) Ensure 'Audit client does not support signing' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

18.6.7.2 (L1) Ensure 'Audit client does not support signing' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.10.16.5 (L1) Ensure 'Enable OneSettings Auditing' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

18.10.16.5 (L1) Ensure 'Enable OneSettings Auditing' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY