Detections
Analytics

Item Search

NameAudit NamePluginCategory
Act as part of the operating systemMSCT Windows Server 2022 v1.0.0Windows

ACCESS CONTROL

Act as part of the operating systemMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Act as part of the operating systemMSCT MSCT Windows Server 2022 DC v1.0.0Windows

ACCESS CONTROL

Act as part of the operating systemMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Act as part of the operating systemMSCT Windows 10 v21H1 v1.0.0Windows

ACCESS CONTROL

Act as part of the operating systemMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL

Act as part of the operating systemMSCT Windows Server v2004 DC v1.0.0Windows

ACCESS CONTROL

Audit Account LockoutMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Audit Policy ChangeMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Authentication Policy ChangeMSCT Windows 10 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Authentication Policy ChangeMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Credential ValidationMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Credential ValidationMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Credential ValidationMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Detailed File ShareMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Detailed File ShareMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit MPSSVC Rule-Level Policy ChangeMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Object Access EventsMSCT Windows 10 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Object Access EventsMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Policy Change EventsMSCT Windows 10 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Policy Change EventsMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit PNP ActivityMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Process CreationMSCT Windows 10 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Process CreationMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Removable StorageMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security State ChangeMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security System ExtensionMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Sensitive Privilege UseMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Special LogonMSCT Windows 10 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit System IntegrityMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit User Account ManagementMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Control whether exclusions are visible to local usersMSCT Windows 11 v24H2 v1.0.0Windows
Disable new DMA devices when this computer is lockedMSCT Windows 11 v24H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Disable new DMA devices when this computer is lockedMSCT Windows 11 v23H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows 10 v22H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting) IP source routing protection levelMSCT Windows 11 v24H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)MSCT Windows 11 v22H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 11 v22H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Network access: Restrict clients allowed to make remote calls to SAMMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

This security setting determines whether the builtin Administrator account is subject to account lockout policy - AllowAdministratorLockoutMSCT Windows 11 v22H2 v1.0.0Windows

ACCESS CONTROL

Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of WindowsMSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of WindowsMSCT Windows Server 2022 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of WindowsMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of WindowsMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of WindowsMSCT Windows 10 1909 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of WindowsMSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of WindowsMSCT Windows 10 v21H1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of WindowsMSCT Windows 10 v21H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of WindowsMSCT Windows Server v1909 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION