Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.19 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BLWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.19 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.20 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.20 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.20 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

2.3.7.7 (L1) Ensure 'Interactive logon: Require Domain Controller Authentication to unlock workstation' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.7.7 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Require Domain Controller Authentication to unlock workstation' is set to 'Enabled' (MS only)CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Require Domain Controller Authentication to unlock workstation' is set to 'Enabled' (MS only)CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Require Domain Controller Authentication to unlock workstation' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2016 v4.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Require Domain Controller Authentication to unlock workstation' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2016 v4.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

ACCESS CONTROL

18.10.43.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BLWindows

CONFIGURATION MANAGEMENT

18.10.43.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.10.43.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

49.11 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

ACCESS CONTROL

49.11 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

ACCESS CONTROL

Enable insecure guest logonsMSCT Windows 10 1903 v1.19.9Windows

IDENTIFICATION AND AUTHENTICATION

Enable insecure guest logonsMSCT Windows 10 v21H1 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Enable insecure guest logonsMSCT Windows Server v1909 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Enable insecure guest logonsMSCT Windows Server 2019 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Enable remote mailslots - NetworkProviderMSCT Windows 11 v24H2 v1.0.0Windows
Enable remote mailslots - NetworkProviderMSCT Windows 11 v25H2 v1.0.0Windows
Enable remote mailslots - NetworkProvider EnableMailslotsMSCT Windows Server 2025 DC v2506 v1.0.0Windows
Enable remote mailslots - NetworkProvider EnableMailslotsMSCT Windows Server 2025 MS v1.0.0Windows
Enable remote mailslots - NetworkProvider EnableMailslotsMSCT Windows Server 2025 MS v2506 v1.0.0Windows
Require EncryptionMSCT Windows 11 v25H2 v1.0.0Windows
Require EncryptionMSCT Windows 11 v24H2 v1.0.0Windows