Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows Server 2016 v4.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

3.3.1.17 Ensure net.ipv4.conf.default.log_martians is configuredCIS Rocky Linux 10 v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure suspicious packets are loggedCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure suspicious packets are loggedCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.1.3.11 Ensure session initiation information is collectedCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.11 Ensure session initiation information is collectedCIS Debian Linux 10 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.11 Ensure session initiation information is collectedCIS Amazon Linux 2023 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.11 Ensure session initiation information is collectedCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.4 (L1) Ensure 'Account Logon Logoff Audit Logoff' is set to include 'Success'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

6.7 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

6.18 (L1) Ensure 'Object Access Audit Detailed File Share' is set to include 'Failure'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

6.21 (L1) Ensure 'Policy Change Audit MPSSVC Rule Level Policy Change' is set to 'Success and Failure'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.2.2 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'CIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.5.6 (L1) Ensure 'Audit Special Logon' is set to include 'Success'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.5.6 (L1) Ensure 'Audit Special Logon' is set to include 'Success'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'CIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY