Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.4 Harden the container hostCIS Docker 1.6 v1.0.0 L1 LinuxUnix

CONFIGURATION MANAGEMENT

2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.10 (L1) Ensure 'Back up files and directories' is set to 'Administrators'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.13 (L1) Ensure 'Create a pagefile' is set to 'Administrators'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.14 (L1) Ensure 'Create a token object' is set to 'No One'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.22 (L1) Ensure 'Deny log on as a service' to include 'Guests'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.27 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.28 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.36 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.39 (L1) Ensure 'Perform volume maintenance tasks' is set to 'Administrators'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.41 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.42 (L1) Ensure 'Restore files and directories' is set to 'Administrators'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.1.2 (L1) Ensure 'Accounts: Guest account status' is set to 'Disabled' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.1.5 (L1) Configure 'Accounts: Rename guest account'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.4.2 (L1) Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.6.3 (L1) Ensure 'Domain member: Digitally sign secure channel data (when possible)' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.10.1 (L1) Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

2.3.10.12 (L1) Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

2.3.11.5 (L1) Ensure 'Network security: LDAP client signing requirements' is set to 'Negotiate signing' or higherCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.15.2 (L1) Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

9.1.1 (L1) Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.1.8 (L1) Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

9.3.6 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.8 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

10.16 Enable memory leak listenerCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

18.4.5 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.5.20.2 (L2) Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

ACCESS CONTROL

18.8.22.1.8 (L2) Ensure 'Turn off Search Companion content file updates' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.10 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.11 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.13 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2016 v4.0.0 L1 MSWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.94.1.1 Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2025 v2.0.0 L1 DCWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.94.1.1 Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BLWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

19.1.3.1 (L1) Ensure 'Enable screen saver' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

19.1.3.2 Ensure 'Force specific screen saver: Screen saver executable name' is set to 'Enabled: scrnsave.scr'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL

19.1.3.3 (L1) Ensure 'Password protect the screen saver' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

19.1.3.4 (L1) Ensure 'Screen saver timeout' is set to 'Enabled: 900 seconds or fewer, but not 0'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

19.7.43.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL