Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.6.6 Ensure when the cloud recording is going to be permanently deleted from trash is set to enabledCIS Zoom L1 v1.0.0Zoom

CONFIGURATION MANAGEMENT

1.9 Ensure That Cloud KMS Cryptokeys Are Not Anonymously or Publicly AccessibleCIS Google Cloud Platform Foundation v4.0.0 L1GCP

ACCESS CONTROL, MEDIA PROTECTION

2.5 Ensure That the Log Metric Filter and Alerts Exist for Audit Configuration ChangesCIS Google Cloud Platform Foundation v4.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

2.6 Ensure That the Log Metric Filter and Alerts Exist for Custom Role ChangesCIS Google Cloud Platform Foundation v4.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

2.7.3 iCloud DriveCIS Apple OSX 10.11 El Capitan L2 v1.1.0Unix
2.10.1 (L1) Ensure 'Enable Google Cloud Print Proxy' is set to 'Disabled'CIS Google Chrome Group Policy v1.0.0 L1Windows

CONFIGURATION MANAGEMENT

2.21.3 Ensure 'Block Signing into Office' is set to Enabled (None allowed)CIS Microsoft Office 2016 v1.1.0Windows

ACCESS CONTROL

4.6 Ensure that the REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION account parameter is set to trueCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

4.8 Ensure that the PREVENT_UNLOAD_TO_INLINE_URL account parameter is set to trueCIS Snowflake Foundations v1.0.0 L1Snowflake

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

5.2.2 Prefer using dedicated GCP Service Accounts and Workload IdentityCIS Google Kubernetes Engine GKE v1.9.0 L2 GCPGCP

IDENTIFICATION AND AUTHENTICATION

5.5 Ensure alerts are enabled for malicious files detected by WildFireCIS Palo Alto Firewall 10 v1.3.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.5 Ensure alerts are enabled for malicious files detected by WildFireCIS Palo Alto Firewall 11 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.6 Ensure alerts are enabled for malicious files detected by WildFireCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire'CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire'CIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.1.3 Ensure That the 'Local_infile' Database Flag for a Cloud SQL MySQL Instance Is Set to 'Off'CIS Google Cloud Platform Foundation v4.0.0 L1GCP

CONFIGURATION MANAGEMENT

6.4 Ensure That the Cloud SQL Database Instance Requires All Incoming Connections To Use SSLCIS Google Cloud Platform Foundation v4.0.0 L1GCP

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.1.3.1 Ensure that Defender for Servers is set to 'On'CIS Microsoft Azure Foundations v5.0.0 L2microsoft_azure

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.13.2 (L2) Ensure 'Turn off cloud optimized content' is set to 'Enabled'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.10.57.2.2 Ensure 'Disable Cloud Clipboard integration for server-to-client data transfer' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L2Windows

CONFIGURATION MANAGEMENT

61.1 (L2) Ensure 'Disallow Cloud Notification' is set to 'Allow'CIS Microsoft Intune for Windows 11 v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

61.1 (L2) Ensure 'Disallow Cloud Notification' is set to 'Allow'CIS Microsoft Intune for Windows 10 v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

AIOS-02-080004 - Apple iOS must not allow backup to remote systems (iCloud Keychain).AirWatch - DISA Apple iOS 10 v1r3MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-14-009400 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop.AirWatch - DISA Apple iOS/iPadOS 14 v1r3MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-16-011000 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow MailDrop.AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-17-011000 - Apple iOS/iPadOS 17 must implement the management setting: Disable Allow MailDrop.MobileIron - DISA Apple iOS/iPadOS 17 v2r2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

ARDC-CL-000065 - Adobe Reader DC must disable Cloud Synchronization.DISA STIG Adobe Acrobat Reader DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

ARDC-CN-000065 - Adobe Reader DC must disable Cloud Synchronization.DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1Windows

CONFIGURATION MANAGEMENT

Do not suggest third-party content in Windows spotlightMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Do not suggest third-party content in Windows spotlightMSCT Windows 11 v24H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Do not suggest third-party content in Windows spotlightMSCT Windows 11 v25H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

DTOO414 - Roaming settings must be stored locally and not synchronized to the Microsoft Office roaming settings web service.DISA STIG Microsoft Office System 2013 v2r2Windows

CONFIGURATION MANAGEMENT

KNOX-07-004900 - The Samsung must be configured to not allow backup to remote systems: Deselect Allow Google Backup.AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1MDM

ACCESS CONTROL

MS.AAD.2.1v1 - Users detected as high risk SHALL be blocked.CISA SCuBA Microsoft 365 Entra ID v1.5.0microsoft_azure

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

MS.AAD.2.3v1 - Sign-ins detected as high risk SHALL be blocked.CISA SCuBA Microsoft 365 Entra ID v1.5.0microsoft_azure

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

MS.AAD.3.1v1 - Phishing-resistant MFA SHALL be enforced for all users.CISA SCuBA Microsoft 365 Entra ID v1.5.0microsoft_azure

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

Turn off Microsoft consumer experiencesMSCT Windows 10 1809 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 v22H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 11 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 v21H1 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 11 v22H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 1903 v1.19.9Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 v21H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 11 v25H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 1803 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 1909 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 11 v24H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 11 v23H2 v1.0.0Windows

CONFIGURATION MANAGEMENT