System32
Sysmon
Events
Compliance
Validator
TLS/SSL
GeoIP
Tools
Security Technical Implementation Guides (STIGs)
Product
macOS 26 - Tahoe
(16)
macOS 15 - Sequoia
(14)
Microsoft Windows Server 2016
(4)
Microsoft Windows Server 2025
(4)
Microsoft Windows 10
(3)
Microsoft Windows 11
(3)
Microsoft Windows Server 2019
(3)
Microsoft Windows Server 2022
(3)
Ubuntu 22.04
(3)
Severity
Medium
(53)
SRG
SRG-OS-000057-GPOS-00027
(53)
CCIs
CCI-000162
(22)
CCI-000162,CCI-000163,CCI-000164
(11)
CCI-000162,CCI-000163,CCI-000164,CCI-001493,CCI-001494,CCI-001495
(6)
CCI-000162,CCI-000163,CCI-000164,CCI-000171,CCI-001493,CCI-001494,CCI-001495
(4)
CCI-000162,CCI-000163,CCI-000164,CCI-000171,CCI-001914
(4)
CCI-000162,CCI-000163,CCI-000164,CCI-000172,CCI-001493,CCI-001494,CCI-001495,CCI-003938,CCI-002884
(4)
CCI-000162,CCI-000163
(1)
CCI-000162,CCI-000171
(1)
STIG IDs
APPL-15-001012
(1)
APPL-15-001013
(1)
APPL-15-001014
(1)
APPL-15-001015
(1)
APPL-15-001016
(1)
APPL-15-001017
(1)
APPL-15-001020
(1)
APPL-15-001021
(1)
APPL-15-001022
(1)
APPL-15-001023
(1)
APPL-15-001110
(1)
APPL-15-001120
(1)
APPL-15-001130
(1)
APPL-15-001140
(1)
APPL-26-000030
(1)
APPL-26-000031
(1)
APPL-26-001012
(1)
APPL-26-001013
(1)
APPL-26-001014
(1)
APPL-26-001015
(1)
APPL-26-001016
(1)
APPL-26-001017
(1)
APPL-26-001020
(1)
APPL-26-001021
(1)
APPL-26-001022
(1)
APPL-26-001023
(1)
APPL-26-001110
(1)
APPL-26-001120
(1)
APPL-26-001130
(1)
APPL-26-001140
(1)
UBTU-22-653045
(1)
UBTU-22-653050
(1)
UBTU-22-653055
(1)
WN10-AU-000520
(1)
WN10-AU-000525
(1)
WN10-UR-000130
(1)
WN11-AU-000520
(1)
WN11-AU-000525
(1)
WN11-UR-000130
(1)
WN16-AU-000030
(1)
WN16-AU-000040
(1)
WN16-AU-000050
(1)
WN16-UR-000260
(1)
WN19-AU-000040
(1)
WN19-AU-000050
(1)
WN19-UR-000170
(1)
WN22-AU-000040
(1)
WN22-AU-000050
(1)
WN22-UR-000170
(1)
WN25-AU-000030
(1)
WN25-AU-000040
(1)
WN25-AU-000050
(1)
WN25-UR-000170
(1)
Rule IDs
SV-205641r958434_rule
(1)
SV-205642r958434_rule
(1)
SV-205643r958434_rule
(1)
SV-220783r958434_rule
(1)
SV-220784r958434_rule
(1)
SV-220978r958434_rule
(1)
SV-253341r958434_rule
(1)
SV-253342r958434_rule
(1)
SV-253501r958434_rule
(1)
SV-254297r958434_rule
(1)
SV-254298r958434_rule
(1)
SV-254507r958434_rule
(1)
SV-260597r958434_rule
(1)
SV-260598r958434_rule
(1)
SV-260599r958434_rule
(1)
SV-268456r1034308_rule
(1)
SV-268457r1034311_rule
(1)
SV-268458r1034314_rule
(1)
SV-268459r1034317_rule
(1)
SV-268460r1034320_rule
(1)
SV-268461r1034323_rule
(1)
SV-268462r1034326_rule
(1)
SV-268463r1034329_rule
(1)
SV-268464r1034332_rule
(1)
SV-268465r1034335_rule
(1)
SV-268473r1034359_rule
(1)
SV-268474r1034362_rule
(1)
SV-268475r1034365_rule
(1)
SV-269095r1034760_rule
(1)
SV-277040r1148572_rule
(1)
SV-277041r1148575_rule
(1)
SV-277063r1148641_rule
(1)
SV-277064r1148644_rule
(1)
SV-277065r1148647_rule
(1)
SV-277066r1148650_rule
(1)
SV-277067r1148653_rule
(1)
SV-277068r1148656_rule
(1)
SV-277069r1148659_rule
(1)
SV-277070r1148662_rule
(1)
SV-277071r1148665_rule
(1)
SV-277072r1148668_rule
(1)
SV-277080r1148692_rule
(1)
SV-277081r1148695_rule
(1)
SV-277082r1148698_rule
(1)
SV-277083r1148701_rule
(1)
SV-278043r1180835_rule
(1)
SV-278044r1182051_rule
(1)
SV-278045r1180841_rule
(1)
SV-278257r1182225_rule
(1)
Tags
AppLocker
All AppLocker events
EventSentry
All EventSentry events
Security
All Windows Security events
stig
All stig events
Vulnerability ID
Severity
Description
V-254297
Medium
Windows Server 2022 permissions for the Security event log must prevent access by nonprivileged a...
V-205641
Medium
Windows Server 2019 permissions for the Security event log must prevent access by non-privileged ...
V-253341
Medium
Windows 11 permissions for the Security event log must prevent access by non-privileged accounts
V-220783
Medium
Windows 10 permissions for the Security event log must prevent access by non-privileged accounts
V-254298
Medium
Windows Server 2022 permissions for the System event log must prevent access by nonprivileged acc...
V-205642
Medium
Windows Server 2019 permissions for the System event log must prevent access by non-privileged ac...
V-253342
Medium
Windows 11 permissions for the System event log must prevent access by non-privileged accounts
V-220784
Medium
Windows 10 permissions for the System event log must prevent access by non-privileged accounts
V-260597
Medium
Ubuntu 22.04 LTS must be configured so that audit log files are not read- or write-accessible by ...
V-260598
Medium
Ubuntu 22.04 LTS must be configured to permit only authorized users ownership of the audit log files
V-260599
Medium
Ubuntu 22.04 LTS must permit only authorized groups ownership of the audit log files
V-224877
Medium
Permissions for the Application event log must prevent access by non-privileged accounts
V-224878
Medium
Permissions for the Security event log must prevent access by non-privileged accounts
V-224879
Medium
Permissions for the System event log must prevent access by non-privileged accounts
V-268456
Medium
The macOS system must configure audit log files to be owned by root
V-268457
Medium
The macOS system must configure audit log folders to be owned by root
V-268458
Medium
The macOS system must configure the audit log files group to wheel
V-268459
Medium
The macOS system must configure the audit log folders group to wheel
V-268460
Medium
The macOS system must configure audit log files to mode 440 or less permissive
V-268461
Medium
The macOS system must configure audit log folders to mode 700 or less permissive
V-268462
Medium
The macOS system must be configured to audit all deletions of object attributes
V-268463
Medium
The macOS system must be configured to audit all changes of object attributes
V-268464
Medium
The macOS system must be configured to audit all failed read actions on the system
V-268465
Medium
The macOS system must be configured to audit all failed write actions on the system
V-268473
Medium
The macOS system must configure audit_control group to wheel
V-268474
Medium
The macOS system must configure audit_control owner to root
V-268475
Medium
The macOS system must configure audit_control owner to mode 440 or less permissive
V-269095
Medium
The macOS system must configure audit_control to not contain access control lists (ACLs)
V-225086
Medium
The Manage auditing and security log user right must only be assigned to the Administrators group
V-278043
Medium
Windows Server 2025 permissions for the Application event log must prevent access by nonprivilege...
V-278044
Medium
Windows Server 2025 permissions for the Security event log must prevent access by nonprivileged a...
V-278045
Medium
Windows Server 2025 permissions for the System event log must prevent access by nonprivileged acc...
V-278257
Medium
The Windows Server 2025 "Manage auditing and security log" user right must only be assigned to th...
V-254507
Medium
Windows Server 2022 manage auditing and security log user right must only be assigned to the Admi...
V-205643
Medium
Windows Server 2019 Manage auditing and security log user right must only be assigned to the Admi...
V-253501
Medium
The "Manage auditing and security log" user right must only be assigned to the Administrators group
V-220978
Medium
The Manage auditing and security log user right must only be assigned to the Administrators group
V-277040
Medium
The macOS system must configure audit log files to not contain access control lists (ACLs)
V-277041
Medium
The macOS system must configure the audit log folder to not contain access control lists (ACLs)
V-277063
Medium
The macOS system must configure audit log files to be owned by root
V-277064
Medium
The macOS system must configure audit log folders to be owned by root
V-277065
Medium
The macOS system must configure the audit log files group to wheel
V-277066
Medium
The macOS system must configure the audit log folders group to wheel
V-277067
Medium
The macOS system must configure audit log files to mode 440 or less permissive
V-277068
Medium
The macOS system must configure audit log folders to mode 700 or less permissive
V-277069
Medium
The macOS system must be configured to audit all deletions of object attributes
V-277070
Medium
The macOS system must be configured to audit all changes of object attributes
V-277071
Medium
The macOS system must be configured to audit all failed read actions on the system
V-277072
Medium
The macOS system must be configured to audit all failed write actions on the system
V-277080
Medium
The macOS system must configure audit_control group to wheel
V-277081
Medium
The macOS system must configure audit_control owner to root
V-277082
Medium
The macOS system must configure audit_control owner to mode 440 or less permissive
V-277083
Medium
The macOS system must configure audit_control to not contain access control lists (ACLs)