Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.2 Ensure filesystem integrity is regularly checkedCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.2 Ensure actions as another user are always loggedCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.4 Ensure events that modify date and time information are collectedCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.4 Ensure events that modify date and time information are collectedCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.6 Ensure use of privileged commands are collectedCIS Fedora 28 Family Linux Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collectedCIS Fedora 28 Family Linux Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.9 Ensure discretionary access control permission modification events are collectedCIS Fedora 28 Family Linux Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.10 Ensure successful file system mounts are collectedCIS Fedora 28 Family Linux Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.14 Ensure events that modify the system's Mandatory Access Controls are collectedCIS Fedora 28 Family Linux Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.21 Ensure the running and on disk configuration is the sameCIS Fedora 28 Family Linux Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.12 Ensure successful file system mounts are collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator actions (sudolog) are collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.3.3 Ensure sudo log file existsCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2 Ensure That the 'Log_connections' Database Flag for Cloud SQL PostgreSQL Instance Is Set to 'On'CIS Google Cloud Platform Foundation v4.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

6.2.3 Ensure That the 'Log_disconnections' Database Flag for Cloud SQL PostgreSQL Instance Is Set to 'On'CIS Google Cloud Platform Foundation v4.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

6.2.4 Ensure 'Log_statement' Database Flag for Cloud SQL PostgreSQL Instance Is Set AppropriatelyCIS Google Cloud Platform Foundation v4.0.0 L2GCP

AUDIT AND ACCOUNTABILITY

6.3.3.5 Ensure events that modify sethostname and setdomainname are collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.6 Ensure events that modify /etc/issue and /etc/issue.net are collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.10 Ensure use of privileged commands are collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.12 Ensure events that modify /etc/group information are collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.13 Ensure events that modify /etc/passwd information are collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.14 Ensure events that modify /etc/shadow and /etc/gshadow are collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.24 Ensure unlink file deletion events by users are collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.26 Ensure events that modify the system's Mandatory Access Controls are collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.31 Ensure kernel module loading unloading and modification is collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.33 Ensure kernel "delete_module" loading unloading and modification is collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.33 Ensure kernel "delete_module" loading unloading and modification is collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.34 Ensure kernel query_module loading unloading and modification is collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.34 Ensure kernel query_module loading unloading and modification is collectedCIS Red Hat Enterprise Linux 10 v1.0.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.2.4 (L1) Ensure 'Audit Other Account Management Events' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.4.1 (L1) Ensure 'Audit Directory Service Access' is set to include 'Failure' (DC only)CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.6.3 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY