Item Search

NameAudit NamePluginCategory
2.2.9 Ensure 'Allow log on locally' is set to 'Administrators' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.9 Ensure 'Allow log on locally' is set to 'Administrators' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.26 Ensure 'Deny log on as a batch job' to include 'Guests' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.1.2 Configuring syslog - remote logging - auth.info in /etc/syslog.confCIS IBM AIX 7.1 L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

7.2.2 Ensure syslog is configured to send logs to a remote log hostCIS IBM AIX 7 v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

18.6.8.2 (L1) Ensure 'Require Encryption' is set to 'Enabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.6.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

18.6.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL

18.9.11.1.3 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL, CONTINGENCY PLANNING

18.9.11.1.14 (BL) Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

CONFIGURATION MANAGEMENT

18.9.11.2.11 Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.11.3.3 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL, CONTINGENCY PLANNING

18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.9.59.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

IDENTIFICATION AND AUTHENTICATION

18.9.65.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.9.102.3 Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.9.1.6 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.2.7 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.44.6 (L1) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.44.6 (L1) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.44.6 (L1) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.44.6 (L1) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

CIS Control 2 (2.1(a)) Maintain and Inventory of Authorized SoftwareCAS Implementation Group 1 Audit FileUnix

CONFIGURATION MANAGEMENT

CIS Control 2 (2.1(b)) Maintain and Inventory of Authorized SoftwareCAS Implementation Group 1 Audit FileUnix

CONFIGURATION MANAGEMENT

CIS Control 8 (8.5) Configure Devices to Not Auto Run ContentCAS Implementation Group 1 Audit FileUnix
CIS Security Benchmark For Microsoft IIS 7.0/7.5 v1.8.0 Level I.CIS IIS 7 L1 v1.8.0Windows
CIS Security Benchmark For Microsoft IIS 7.0/7.5 v1.8.0 Level II.CIS IIS 7 L2 v1.8.0Windows
CIS_AIX_7.1_Benchmark_v2.1.0_Level_1.audit from CIS AIX 7.1 Benchmark v2.1.0 Level 1 BenchmarkCIS IBM AIX 7.1 L1 v2.1.0Unix
CIS_Apple_macOS_11.0_Big_Sur_v4.0.0_L2.audit from CIS Apple macOS 11.0 Big Sur Benchmark v4.0.0CIS Apple macOS 11.0 Big Sur v4.0.0 L2Unix
CIS_Oracle_Server_11g_R2_Unix_v2.2.0.audit from CIS Oracle Database Server 11g R2 benchmark v2.2.0CIS Oracle Server 11g R2 Unix v2.2.0Unix
CIS_Oracle_Server_11g_R2_Windows_v2.2.0.audit from CIS Oracle Database Server 11g R2 benchmark v2.2.0CIS Oracle Server 11g R2 Windows v2.2.0Windows
CIS_Red_Hat_EL8_Server_L1_v3.0.0.audit from CIS Red Hat Enterprise Linux 8 Benchmark v3.0.0CIS Red Hat EL8 Server L1 v3.0.0Unix
CIS_Red_Hat_EL8_Server_L2_v3.0.0.audit from CIS Red Hat Enterprise Linux 8 Benchmark v3.0.0CIS Red Hat EL8 Server L2 v3.0.0Unix
CIS_Red_Hat_EL8_Workstation_L1_v3.0.0.audit from CIS Red Hat Enterprise Linux 8 Benchmark v3.0.0CIS Red Hat EL8 Workstation L1 v3.0.0Unix
CIS_Ubuntu_16.04_LTS_Server_v2.0.0_L1.audit from CIS Ubuntu 16.04 LTS Server Benchmark L1 v2.0.0CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix
CIS_Ubuntu_16.04_LTS_Server_v2.0.0_L2.audit from CIS Ubuntu 16.04 LTS Server Benchmark L2 v2.0.0CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix
CIS_Ubuntu_16.04_LTS_Workstation_v2.0.0_L1.audit from CIS Ubuntu 16.04 LTS Workstation Benchmark L1 v2.0.0CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix
CIS_Ubuntu_16.04_LTS_Workstation_v2.0.0_L2.audit from CIS Ubuntu 16.04 LTS Workstation Benchmark L2 v2.0.0CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix