Item Search

Name	Audit Name	Plugin	Category
1.1.3 Ensure nodev option set on /tmp partition	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
1.1.14 Ensure nodev option set on /home partition	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
1.1.15 Ensure nodev option set on /dev/shm partition	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
1.4.4 Ensure core dump storage is disabled	CIS CentOS Linux 7 v4.0.0 L1 Workstation	Unix	ACCESS CONTROL
1.5.2 Ensure core dump backtraces are disabled	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	ACCESS CONTROL
1.5.3 Ensure core dumps are restricted	CIS Debian Linux 12 v1.1.0 L1 Workstation	Unix	ACCESS CONTROL
2.3.10.3 (L1) Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG	Windows	ACCESS CONTROL
2.3.10.5 (L1) Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.10.10 (L1) Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.11.2 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.11.2 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG	Windows	ACCESS CONTROL
2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.17.2 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is set to 'Prompt for consent on the secure desktop'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.2 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is set to 'Prompt for consent on the secure desktop'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.2 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is set to 'Prompt for consent on the secure desktop' or higher	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NG	Windows	ACCESS CONTROL
2.3.17.2 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is set to 'Prompt for consent on the secure desktop' or higher	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.7 (L1) Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.8 Ensure an IAM policy that allows admin privileges for all services used is created - Review Policy Document	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains daemon'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains guest'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains lp'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains sys'	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
2.12.13 - Miscellaneous Config - authorized users in at.allow - 'at.allow contains sys'	CIS AIX 5.3/6.1 L1 v1.1.0	Unix	ACCESS CONTROL
3.7.2 (L1) Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt'	CIS Microsoft Intune for Windows 11 v3.0.1 L1	Windows	ACCESS CONTROL
3.10 Disable core dumps - lssec	CIS IBM AIX 7.1 L1 v2.1.0	Unix	ACCESS CONTROL
5.3 Restrict Linux Kernel Capabilities within containers	CIS Docker 1.13.0 v1.0.0 L1 Docker	Unix	ACCESS CONTROL
5.4 Restrict Linux Kernel Capabilities within containers	CIS Docker 1.6 v1.0.0 L1 Docker	Unix	ACCESS CONTROL
6.2.9 Ensure root is the only UID 0 account	CIS CentOS Linux 7 v4.0.0 L1 Server	Unix	ACCESS CONTROL
6.34 Ensure RDS Database is configured to use the Data Tier Security Group	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	ACCESS CONTROL
9.5 Restrict Access to the su Command - pam_wheel	CIS Debian Linux 7 L1 v1.0.0	Unix	ACCESS CONTROL
12.11 Find SGID System Executables	CIS Debian Linux 7 L1 v1.0.0	Unix	ACCESS CONTROL
18.7.5 (L1) Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
18.9.16.1 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.27.4 (L1) Ensure 'Turn off app notifications on the lock screen' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
18.9.27.6 (L1) Ensure 'Turn on convenience PIN sign-in' is set to 'Disabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL	Windows	ACCESS CONTROL
18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG	Windows	ACCESS CONTROL
18.9.28.3 (L1) Ensure 'Do not enumerate connected users on domain-joined computers' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL	Windows	ACCESS CONTROL
18.9.28.4 (L1) Ensure 'Enumerate local users on domain-joined computers' is set to 'Disabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
18.10.6.1 (L1) Ensure 'Turn off Inventory Collector' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
18.10.14.2 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
18.10.14.2 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL	Windows	ACCESS CONTROL
18.10.80.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG	Windows	ACCESS CONTROL
45.18 (L1) Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled'	CIS Microsoft Intune for Windows 11 v3.0.1 L1	Windows	ACCESS CONTROL
45.29 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for administrators' is set to 'Prompt for consent on the secure desktop' or higher	CIS Microsoft Intune for Windows 11 v3.0.1 L1	Windows	ACCESS CONTROL
45.34 (L1) Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'	CIS Microsoft Intune for Windows 10 v3.0.1 L1	Windows	ACCESS CONTROL
45.35 (L1) Ensure 'User Account Control: Run all administrators in Admin Approval Mode' is set to 'Enabled'	CIS Microsoft Intune for Windows 10 v3.0.1 L1	Windows	ACCESS CONTROL

Detections

Analytics

Item Search