System32
Sysmon
Events
Compliance
Validator
TLS/SSL
GeoIP
Tools
Security Technical Implementation Guides (STIGs)
Product
Microsoft Windows 10
(91)
Severity
Medium
(72)
High
(15)
Low
(4)
SRG
SRG-OS-000480-GPOS-00227
(25)
SRG-OS-000095-GPOS-00049
(14)
SRG-OS-000134-GPOS-00068
(6)
SRG-OS-000324-GPOS-00125
(4)
SRG-OS-000138-GPOS-00069
(3)
SRG-OS-000341-GPOS-00132
(3)
SRG-OS-000368-GPOS-00154
(3)
SRG-OS-000373-GPOS-00156
(3)
SRG-OS-000373-GPOS-00157
(3)
SRG-OS-000021-GPOS-00005
(2)
SRG-OS-000042-GPOS-00020
(2)
SRG-OS-000057-GPOS-00027
(2)
SRG-OS-000073-GPOS-00041
(2)
SRG-OS-000076-GPOS-00044
(2)
SRG-OS-000080-GPOS-00048
(2)
SRG-OS-000023-GPOS-00006
(1)
SRG-OS-000029-GPOS-00010
(1)
SRG-OS-000062-GPOS-00031
(1)
SRG-OS-000069-GPOS-00037
(1)
SRG-OS-000074-GPOS-00042
(1)
SRG-OS-000075-GPOS-00043
(1)
SRG-OS-000077-GPOS-00045
(1)
SRG-OS-000078-GPOS-00046
(1)
SRG-OS-000104-GPOS-00051
(1)
SRG-OS-000120-GPOS-00061
(1)
SRG-OS-000121-GPOS-00062
(1)
SRG-OS-000329-GPOS-00128
(1)
SRG-OS-000433-GPOS-00192
(1)
SRG-OS-000474-GPOS-00219
(1)
SRG-OS-000480-GPOS-00229
(1)
CCIs
CCI-000366
(25)
CCI-000381
(14)
CCI-001084
(6)
CCI-002038
(6)
CCI-002235
(4)
CCI-001090
(3)
CCI-001764
(3)
CCI-001849
(3)
CCI-000135
(2)
CCI-000162,CCI-000163,CCI-000164
(2)
CCI-000213
(2)
CCI-004062,CCI-000196
(2)
CCI-000044
(1)
CCI-000044,CCI-002238
(1)
CCI-000048,CCI-000050,CCI-001384,CCI-001385,CCI-001386,CCI-001387,CCI-001388
(1)
CCI-000057
(1)
CCI-000169
(1)
CCI-000172
(1)
CCI-000192,CCI-000193,CCI-000194,CCI-001619
(1)
CCI-000197
(1)
CCI-000366
(1)
CCI-000764
(1)
CCI-000803
(1)
CCI-000804
(1)
CCI-002238
(1)
CCI-002824
(1)
CCI-004061
(1)
CCI-004066,CCI-000198
(1)
CCI-004066,CCI-000199
(1)
CCI-004066,CCI-000199
(1)
CCI-004066,CCI-000205
(1)
STIG IDs
WN10-00-000040
(1)
WN10-00-000045
(1)
WN10-00-000050
(1)
WN10-00-000090
(1)
WN10-00-000100
(1)
WN10-00-000110
(1)
WN10-00-000135
(1)
WN10-00-000150
(1)
WN10-00-000155
(1)
WN10-00-000165
(1)
WN10-00-000170
(1)
WN10-AC-000005
(1)
WN10-AC-000010
(1)
WN10-AC-000015
(1)
WN10-AC-000020
(1)
WN10-AC-000025
(1)
WN10-AC-000030
(1)
WN10-AC-000035
(1)
WN10-AC-000040
(1)
WN10-AC-000045
(1)
WN10-AU-000090
(1)
WN10-AU-000500
(1)
WN10-AU-000505
(1)
WN10-AU-000510
(1)
WN10-AU-000520
(1)
WN10-AU-000525
(1)
WN10-CC-000020
(1)
WN10-CC-000037
(1)
WN10-CC-000038
(1)
WN10-CC-000040
(1)
WN10-CC-000050
(1)
WN10-CC-000066
(1)
WN10-CC-000068
(1)
WN10-CC-000075
(1)
WN10-CC-000085
(1)
WN10-CC-000090
(1)
WN10-CC-000100
(1)
WN10-CC-000110
(1)
WN10-CC-000120
(1)
WN10-CC-000130
(1)
WN10-CC-000145
(1)
WN10-CC-000150
(1)
WN10-CC-000155
(1)
WN10-CC-000175
(1)
WN10-CC-000180
(1)
WN10-CC-000185
(1)
WN10-CC-000190
(1)
WN10-CC-000200
(1)
WN10-CC-000205
(1)
WN10-CC-000210
(1)
WN10-CC-000225
(1)
WN10-CC-000230
(1)
WN10-CC-000235
(1)
WN10-CC-000250
(1)
WN10-CC-000280
(1)
WN10-CC-000295
(1)
WN10-CC-000300
(1)
WN10-CC-000305
(1)
WN10-CC-000325
(1)
WN10-CC-000326
(1)
WN10-SO-000005
(1)
WN10-SO-000010
(1)
WN10-SO-000015
(1)
WN10-SO-000020
(1)
WN10-SO-000025
(1)
WN10-SO-000030
(1)
WN10-SO-000050
(1)
WN10-SO-000055
(1)
WN10-SO-000070
(1)
WN10-SO-000075
(1)
WN10-SO-000085
(1)
WN10-SO-000110
(1)
WN10-SO-000145
(1)
WN10-SO-000150
(1)
WN10-SO-000165
(1)
WN10-SO-000167
(1)
WN10-SO-000180
(1)
WN10-SO-000190
(1)
WN10-SO-000195
(1)
WN10-SO-000210
(1)
WN10-SO-000245
(1)
WN10-SO-000250
(1)
WN10-SO-000255
(1)
WN10-SO-000260
(1)
WN10-SO-000265
(1)
WN10-SO-000270
(1)
WN10-SO-000275
(1)
WN10-UR-000030
(1)
WN10-UR-000065
(1)
WN10-UR-000085
(1)
WN10-UR-000095
(1)
Rule IDs
SV-220745r1016407_rule
(1)
SV-220706r1050597_rule
(1)
SV-220707r1016358_rule
(1)
SV-220708r958472_rule
(1)
SV-220716r1051019_rule
(1)
SV-220718r958478_rule
(1)
SV-220720r958478_rule
(1)
SV-220724r991589_rule
(1)
SV-220727r958928_rule
(1)
SV-220728r958478_rule
(1)
SV-220730r958478_rule
(1)
SV-220731r958478_rule
(1)
SV-220739r958736_rule
(1)
SV-220740r958388_rule
(1)
SV-220741r958388_rule
(1)
SV-220742r1000079_rule
(1)
SV-220743r1038967_rule
(1)
SV-220744r1016406_rule
(1)
SV-220746r1051023_rule
(1)
SV-220747r1051024_rule
(1)
SV-220766r991583_rule
(1)
SV-220779r958752_rule
(1)
SV-220780r958752_rule
(1)
SV-220781r958752_rule
(1)
SV-220783r958434_rule
(1)
SV-220784r958434_rule
(1)
SV-220795r991589_rule
(1)
SV-220799r958518_rule
(1)
SV-220800r958478_rule
(1)
SV-220802r991589_rule
(1)
SV-220809r958422_rule
(1)
SV-220810r991589_rule
(1)
SV-220812r991589_rule
(1)
SV-220813r991589_rule
(1)
SV-220814r991589_rule
(1)
SV-220815r958478_rule
(1)
SV-220817r958478_rule
(1)
SV-220819r958478_rule
(1)
SV-220820r958478_rule
(1)
SV-220821r1051027_rule
(1)
SV-220822r1051028_rule
(1)
SV-220823r958524_rule
(1)
SV-220826r958478_rule
(1)
SV-220827r958804_rule
(1)
SV-220828r958804_rule
(1)
SV-220829r958804_rule
(1)
SV-220832r958518_rule
(1)
SV-220834r991589_rule
(1)
SV-220836r958478_rule
(1)
SV-220839r991589_rule
(1)
SV-220840r991589_rule
(1)
SV-220841r991589_rule
(1)
SV-220844r991589_rule
(1)
SV-220850r1051030_rule
(1)
SV-220853r991589_rule
(1)
SV-220854r958478_rule
(1)
SV-220855r958478_rule
(1)
SV-220859r991591_rule
(1)
SV-220860r958422_rule
(1)
SV-220908r958482_rule
(1)
SV-220909r958504_rule
(1)
SV-220910r991589_rule
(1)
SV-220911r991589_rule
(1)
SV-220912r991589_rule
(1)
SV-220913r958442_rule
(1)
SV-220917r991589_rule
(1)
SV-220918r991589_rule
(1)
SV-220920r958402_rule
(1)
SV-220921r958390_rule
(1)
SV-220923r991589_rule
(1)
SV-220926r987796_rule
(1)
SV-220929r991589_rule
(1)
SV-220930r958524_rule
(1)
SV-220932r958524_rule
(1)
SV-220933r1081053_rule
(1)
SV-220934r991589_rule
(1)
SV-220936r971535_rule
(1)
SV-220937r1051034_rule
(1)
SV-220939r991589_rule
(1)
SV-220944r1051035_rule
(1)
SV-220945r958518_rule
(1)
SV-220947r1051036_rule
(1)
SV-220948r958518_rule
(1)
SV-220949r958518_rule
(1)
SV-220950r1051037_rule
(1)
SV-220951r958518_rule
(1)
SV-220960r958726_rule
(1)
SV-220967r958726_rule
(1)
SV-220971r958472_rule
(1)
SV-220973r958726_rule
(1)
SV-250319r991589_rule
(1)
Tags
AppLocker
All AppLocker events
EventSentry
All EventSentry events
Security
All Windows Security events
stig
All stig events
Vulnerability ID
Severity
Description
V-220706
High
Windows 10 systems must be maintained at a supported servicing level
V-220832
Medium
Windows 10 administrator accounts must not be enumerated during elevation
V-220743
Medium
The maximum password age must be configured to 60 days or less.
V-220911
Medium
The built-in administrator account must be renamed
V-220745
Medium
Passwords must, at a minimum, be 14 characters
V-220744
Medium
The minimum password age must be configured to at least 1 day
V-220826
Low
The Application Compatibility Program Inventory must be prevented from collecting data and sendin...
V-220912
Medium
The built-in guest account must be renamed
V-220971
Medium
The Deny log on locally user right on workstations must be configured to prevent access from high...
V-220973
Medium
The Enable computer and user accounts to be trusted for delegation user right must not be assigne...
V-220910
Medium
Local accounts with blank passwords must be restricted to prevent access from the network
V-220799
Medium
Local administrator accounts must have their privileged token filtered to prevent elevated privil...
V-220908
Medium
The built-in administrator account must be disabled
V-220909
Medium
The built-in guest account must be disabled
V-220708
High
Local volumes must be formatted using NTFS
V-220855
Medium
Indexing of encrypted files must be turned off
V-220960
Medium
The Back up files and directories user right must only be assigned to the Administrators group
V-220766
Medium
The system must be configured to audit Object Access - Removable Storage successes
V-220739
Medium
Windows 10 account lockout duration must be configured to 15 minutes or greater
V-220810
Medium
Windows 10 must be configured to enable Remote host allows delegation of non-exportable credentials
V-220859
Medium
Automatically signing in the last interactive user after a system-initiated restart must be disabled
V-220746
Medium
The built-in Microsoft password complexity filter must be enabled
V-220741
Medium
The period of time before the bad logon counter is reset must be configured to 15 minutes
V-220747
High
Reversible password encryption must be disabled
V-220917
Low
The computer account password must not be prevented from being reset
V-220740
Medium
The number of allowed bad logon attempts must be configured to 3 or less
V-220944
Medium
User Account Control approval mode for the built-in Administrator must be enabled
V-220947
Medium
User Account Control must automatically deny elevation requests for standard users
V-220950
Medium
User Account Control must run all administrators in Admin Approval Mode, enabling UAC
V-220948
Medium
User Account Control must be configured to detect application installations and prompt for elevation
V-220951
Medium
User Account Control must virtualize file and registry write failures to per-user locations
V-220945
Medium
User Account Control must, at minimum, prompt administrators for consent on the secure desktop
V-220949
Medium
User Account Control must only elevate UIAccess applications that are installed in secure locations
V-220821
Medium
Users must be prompted for a password on resume from sleep (on battery)
V-220822
Medium
The user must be prompted for a password on resume from sleep (plugged in)
V-220809
Medium
Command line data must be included in process creation events
V-220779
Medium
The Application event log size must be configured to 32768 KB or greater
V-220780
Medium
The Security event log size must be configured to 1024000 KB or greater
V-220781
Medium
The System event log size must be configured to 32768 KB or greater
V-220913
Medium
Audit policy using subcategories must be enabled
V-220783
Medium
Windows 10 permissions for the Security event log must prevent access by non-privileged accounts
V-220784
Medium
Windows 10 permissions for the System event log must prevent access by non-privileged accounts
V-220827
High
Autoplay must be turned off for non-volume devices
V-220829
High
Autoplay must be disabled for all drives
V-220828
Medium
The default autorun behavior must be configured to prevent autorun commands
V-220800
Medium
WDigest Authentication must be disabled
V-220967
High
The Debug programs user right must only be assigned to the Administrators group
V-220812
High
Credential Guard must be running on Windows 10 domain-joined systems
V-220923
Low
Caching of logon credentials must be limited
V-220814
Medium
Group Policy objects must be reprocessed even if they have not changed
V-250319
Medium
Hardened UNC paths must be defined to require mutual authentication and integrity for at least th...
V-220820
Medium
Local users on domain-joined computers must not be enumerated
V-220918
Low
The maximum age for machine account passwords must be configured to 30 days or less
V-220939
Medium
The system must be configured to the required LDAP client signing level
V-220727
High
Structured Exception Handling Overwrite Protection (SEHOP) must be enabled
V-220839
Medium
File Explorer shell protocol must run in protected mode
V-220707
High
The Windows 10 system must use an anti-virus program
V-220815
Medium
Downloading print driver packages over HTTP must be prevented
V-220813
Medium
Early Launch Antimalware, Boot-Start Driver Initialization Policy must prevent boot drivers
V-220718
High
Internet Information System (IIS) or its subcomponents must not be installed on a workstation
V-220920
Medium
The machine inactivity limit must be set to 15 minutes, locking the system with the screensaver
V-220817
Medium
Printing over HTTP must be prevented
V-220823
High
Solicited Remote Assistance must not be allowed
V-220836
Medium
The Windows Defender SmartScreen for Explorer must be enabled
V-220724
Medium
A host-based firewall must be installed and enabled on the system
V-220854
Medium
Basic authentication for RSS feeds over HTTP must not be used
V-220819
Medium
The network selection user interface (UI) must not be displayed on the logon screen
V-220853
Medium
Attachments must be prevented from being downloaded from RSS feeds
V-220921
Medium
The required legal notice must be configured to display before console logon
V-220844
Medium
The Windows Defender SmartScreen filter for Microsoft Edge must be enabled
V-220841
Medium
Users must not be allowed to ignore Windows Defender SmartScreen filter warnings for unverified f...
V-220840
Medium
Users must not be allowed to ignore Windows Defender SmartScreen filter warnings for malicious we...
V-220929
High
Anonymous enumeration of SAM accounts must not be allowed
V-220930
High
Anonymous enumeration of shares must be restricted
V-220802
Medium
Insecure logons to an SMB server must be disabled
V-220936
Medium
Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites
V-220937
High
The system must be configured to prevent the storage of the LAN Manager hash of passwords
V-220731
Medium
The Server Message Block (SMB) v1 protocol must be disabled on the SMB client
V-220730
Medium
The Server Message Block (SMB) v1 protocol must be disabled on the SMB server
V-220934
Medium
NTLM must be prevented from falling back to a Null session
V-220932
High
Anonymous access to Named Pipes and Shares must be restricted
V-220933
Medium
Remote calls to the Security Account Manager (SAM) must be restricted to Administrators
V-220926
Medium
Unencrypted passwords must not be sent to third-party SMB Servers
V-220795
Medium
IPv6 source routing must be configured to highest protection
V-220720
Medium
Simple TCP/IP Services must not be installed on the system
V-220742
Medium
The password history must be configured to 24 passwords remembered
V-220716
Medium
Accounts must be configured to require password expiration
V-220860
Medium
PowerShell script block logging must be enabled on Windows 10
V-220728
Medium
The Windows PowerShell 2.0 feature must be disabled on the system
V-220834
Medium
Windows Telemetry must not be configured to Full
V-220850
Medium
Remote Desktop Services must always prompt a client for passwords upon connection