Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.6.6 Ensure when the cloud recording is going to be permanently deleted from trash is set to enabledCIS Zoom L1 v1.0.0Zoom

CONFIGURATION MANAGEMENT

1.9 Ensure That Cloud KMS Cryptokeys Are Not Anonymously or Publicly AccessibleCIS Google Cloud Platform Foundation v4.0.0 L1GCP

ACCESS CONTROL, MEDIA PROTECTION

2.5 Ensure That the Log Metric Filter and Alerts Exist for Audit Configuration ChangesCIS Google Cloud Platform Foundation v4.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

2.6 Ensure That the Log Metric Filter and Alerts Exist for Custom Role ChangesCIS Google Cloud Platform Foundation v4.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

2.7.1 iCloud configurationCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
2.7.3 iCloud DriveCIS Apple OSX 10.11 El Capitan L2 v1.1.0Unix
2.21.3 Ensure 'Block Signing into Office' is set to Enabled (None allowed)CIS Microsoft Office 2016 v1.1.0Windows

ACCESS CONTROL

4.6 Ensure that the REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION account parameter is set to trueCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

5.2.2 Prefer using dedicated GCP Service Accounts and Workload IdentityCIS Google Kubernetes Engine GKE v1.9.0 L2 GCPGCP

IDENTIFICATION AND AUTHENTICATION

5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire'CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire'CIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.1.2 Ensure 'Skip_show_database' Database Flag for Cloud SQL MySQL Instance Is Set to 'On'CIS Google Cloud Platform Foundation v4.0.0 L1GCP

ACCESS CONTROL, MEDIA PROTECTION

6.1.3 Ensure That the 'Local_infile' Database Flag for a Cloud SQL MySQL Instance Is Set to 'Off'CIS Google Cloud Platform Foundation v4.0.0 L1GCP

CONFIGURATION MANAGEMENT

6.4 Ensure That the Cloud SQL Database Instance Requires All Incoming Connections To Use SSLCIS Google Cloud Platform Foundation v4.0.0 L1GCP

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.23 Ensure that 'Cloud Inline Categorization' on URL Filtering profiles are enabled if 'Advanced Threat Prevention' is availableCIS Palo Alto Firewall 11 v1.2.0 L1Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

8.1.3.1 Ensure that Defender for Servers is set to 'On'CIS Microsoft Azure Foundations v5.0.0 L2microsoft_azure

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.9.52.1 Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

18.9.58.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

18.9.58.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

18.10.12.2 (L1) Ensure 'Turn off cloud optimized content' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.10.13.2 (L2) Ensure 'Turn off cloud optimized content' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL NGWindows

CONFIGURATION MANAGEMENT

18.10.13.2 (L2) Ensure 'Turn off cloud optimized content' is set to 'Enabled'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.10.13.2 Ensure 'Turn off cloud optimized content' is set to 'Enabled'CIS Microsoft Windows Server 2022 v5.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.10.50.1 Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L2 BLWindows

CONFIGURATION MANAGEMENT

18.10.50.1 Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.10.57.2.2 Ensure 'Disable Cloud Clipboard integration for server-to-client data transfer' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L2Windows

CONFIGURATION MANAGEMENT

61.1 (L2) Ensure 'Disallow Cloud Notification' is set to 'Allow'CIS Microsoft Intune for Windows 11 v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

61.1 (L2) Ensure 'Disallow Cloud Notification' is set to 'Allow'CIS Microsoft Intune for Windows 10 v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

80.5 (L2) Ensure 'Disable One Drive File Sync' is set to 'Sync Disabled'CIS Microsoft Intune for Windows 10 v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

AIOS-02-080002 - Apple iOS must not allow backup to remote systems (iCloud).MobileIron - DISA Apple iOS 10 v1r3MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-02-080004 - Apple iOS must not allow backup to remote systems (iCloud Keychain).AirWatch - DISA Apple iOS 10 v1r3MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

ARDC-CL-000065 - Adobe Reader DC must disable Cloud Synchronization.DISA STIG Adobe Acrobat Reader DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

ARDC-CN-000065 - Adobe Reader DC must disable Cloud Synchronization.DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1Windows

CONFIGURATION MANAGEMENT

BIND-9X-001580 - On the BIND 9.x server, CNAME records must not point to a zone with lesser security for more than six months.DISA BIND 9.x STIG v3r1Unix

CONFIGURATION MANAGEMENT

DTOO414 - Roaming settings must be stored locally and not synchronized to the Microsoft Office roaming settings web service.DISA STIG Microsoft Office System 2013 v2r2Windows

CONFIGURATION MANAGEMENT

KNOX-07-004900 - The Samsung must be configured to not allow backup to remote systems: Deselect Allow Google Backup.AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1MDM

ACCESS CONTROL

MS.AAD.2.3v1 - Sign-ins detected as high risk SHALL be blocked.CISA SCuBA Microsoft 365 Entra ID v1.5.0microsoft_azure

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

MS.AAD.3.1v1 - Phishing-resistant MFA SHALL be enforced for all users.CISA SCuBA Microsoft 365 Entra ID v1.5.0microsoft_azure

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

Turn off Microsoft consumer experiencesMSCT Windows 10 1809 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 11 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 v22H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 1903 v1.19.9Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 v21H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 11 v25H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 v21H1 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 11 v22H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Microsoft consumer experiencesMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT