Item Search

Name	Audit Name	Plugin	Category
1.1.15 - AirWatch - Enable 'Encrypt phone'	AirWatch - CIS Google Android 4 v1.0.0 L1	MDM	ACCESS CONTROL
1.1.15 - MobileIron - Enable 'Encrypt phone'	MobileIron - CIS Google Android 4 v1.0.0 L1	MDM	ACCESS CONTROL
2.1.9 - MobileIron - Enable 'Require encryption on the device'	MobileIron - CIS Google Android 4 v1.0.0 L1	MDM	ACCESS CONTROL
4.11.7.2.10 (BL) Ensure 'Require additional authentication at startup: Configure TPM startup key and PIN:' is set to 'Enabled: Do not allow startup key and PIN with TPM'	CIS Microsoft Intune for Windows 11 v4.0.0 BL	Windows	ACCESS CONTROL
4.11.7.2.13 (BL) Ensure 'Require additional authentication at startup: Configure TPM startup:' is set to 'Enabled: Do not allow TPM'	CIS Microsoft Intune for Windows 11 v4.0.0 BL	Windows	ACCESS CONTROL
18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	ACCESS CONTROL
18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG	Windows	ACCESS CONTROL
18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	ACCESS CONTROL
18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	ACCESS CONTROL
18.10.9.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	ACCESS CONTROL
18.10.9.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	ACCESS CONTROL
18.10.9.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG	Windows	ACCESS CONTROL
18.10.9.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.9.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	ACCESS CONTROL
18.10.9.2.11 (L1) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG	Windows	ACCESS CONTROL
18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	ACCESS CONTROL
18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.9.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	ACCESS CONTROL
18.10.9.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.9.3.1 (L1) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
18.10.9.3.10 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	ACCESS CONTROL
18.10.10.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL
18.10.10.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.1.7 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	ACCESS CONTROL
18.10.10.2.8 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.2.10 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL
18.10.10.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL
18.10.10.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	ACCESS CONTROL
18.10.10.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	ACCESS CONTROL
18.10.10.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	ACCESS CONTROL
18.10.10.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL
18.10.10.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.3.7 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.3.7 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.3.10 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.3.10 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.3.10 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL
Android Work Profile Device Configuration - Require Work Profile Password	Tenable Best Practices for Microsoft Intune Android v1.0	microsoft_azure	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
Windows Device Configuration - Accounts	Tenable Best Practices for Microsoft Intune Windows v1.0	microsoft_azure	ACCESS CONTROL, CONFIGURATION MANAGEMENT
Windows Device Configuration - Browser Pop-ups	Tenable Best Practices for Microsoft Intune Windows v1.0	microsoft_azure	ACCESS CONTROL, CONFIGURATION MANAGEMENT
Windows Device Configuration - Internet sharing	Tenable Best Practices for Microsoft Intune Windows v1.0	microsoft_azure	ACCESS CONTROL, CONFIGURATION MANAGEMENT
Windows Device Configuration - Personalization	Tenable Best Practices for Microsoft Intune Windows v1.0	microsoft_azure	ACCESS CONTROL, CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search