API → UI component mappings · 90,813 documents
| ID | Document | Source |
|---|---|---|
| a4f2dd38eb7f86ef | SCA Check 15268: Ensure 'Allow indexing of encrypted files' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0009', 'TA0010'] Techniques: ['T1119',… | wazuh-sca |
| 3ba5af002dd879e9 | SCA Check 15269: Ensure 'Set what information is shared in Search' is set to 'Enabled: Anonymous info'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| 74c134da7ee16d1d | SCA Check 15270: Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn and prevent bypass'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0002',… | wazuh-sca |
| d2915da1ecf3d9eb | SCA Check 15271: Ensure 'Configure Default consent' is set to 'Enabled: Always ask before sending data'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0005'] Techniques:… | wazuh-sca |
| cee38747cb6193f9 | SCA Check 15272: Ensure 'Automatically send memory dumps for OS-generated error reports' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0005']… | wazuh-sca |
| bc2452d6b6834afb | SCA Check 15273: Ensure 'Allow user control over installs' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This… | wazuh-sca |
| 73a03b580dd2c021 | SCA Check 15274: Ensure 'Always install with elevated privileges' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0006', 'TA0003'] Techniques:… | wazuh-sca |
| eed9c4c563c4be21 | SCA Check 15275: Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics:… | wazuh-sca |
| 5b957f2d0d25be89 | SCA Check 15276: Ensure 'Sign-in and lock last interactive user automatically after a restart' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0006',… | wazuh-sca |
| c9ba31c88dd1b568 | SCA Check 15277: Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0005', 'TA0006', 'TA0007']… | wazuh-sca |
| 35d15db189fde61d | SCA Check 15278: Ensure 'Turn on PowerShell Transcription' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007'] Techniques: ['T1595', 'T1046',… | wazuh-sca |
| 195c81bf6202161c | SCA Check 15279: Ensure 'Allow Basic authentication' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0009', 'TA0010'] Techniques: ['T1005', 'T1025',… | wazuh-sca |
| eab62631141dad4b | SCA Check 15280: Ensure 'Allow unencrypted traffic' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0009', 'TA0010'] Techniques: ['T1005', 'T1025',… | wazuh-sca |
| 9ca0b148f2108b02 | SCA Check 15281: Ensure 'Disallow Digest authentication' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0009', 'TA0010'] Techniques: ['T1005',… | wazuh-sca |
| 75e5a14cc79c6f4a | SCA Check 15282: Ensure 'Allow Basic authentication' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0009', 'TA0010'] Techniques: ['T1005', 'T1025',… | wazuh-sca |
| c700c996f7fe4206 | SCA Check 15283: Ensure 'Allow remote server management through WinRM' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0005'] Techniques: ['T1036',… | wazuh-sca |
| d0f656ef404199d3 | SCA Check 15284: Ensure 'Allow unencrypted traffic' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0009', 'TA0010'] Techniques: ['T1005', 'T1025',… | wazuh-sca |
| 3528661e12d5f20b | SCA Check 15285: Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0004', 'TA0005'] Techniques:… | wazuh-sca |
| 9d07b18ddf5a2990 | SCA Check 15286: Ensure 'Allow Remote Shell Access' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This policy… | wazuh-sca |
| fb1a5e3d38b32282 | SCA Check 15287: Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0… | wazuh-sca |
| 5b85b32e2d2d33a6 | SCA Check 15288: Ensure 'Configure Automatic Updates' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0043', 'TA0007'] Techniques: ['T1595', 'T1190',… | wazuh-sca |
| 0b27df1e6e137200 | SCA Check 15289: Ensure 'Configure Automatic Updates: Scheduled install day' is set to '0 - Every day'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0043', 'TA0007']… | wazuh-sca |
| 98c4df4fbec5bcfc | SCA Check 27000: Ensure 'Enforce password history' is set to '24 or more password(s)'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078',… | wazuh-sca |
| 087cafb7fa2c8d36 | SCA Check 27001: Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078',… | wazuh-sca |
| c3609cfe4d324c82 | SCA Check 27002: Ensure 'Minimum password age' is set to '1 or more day(s)'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078', 'T1098',… | wazuh-sca |
| 4878a13694f82bde | SCA Check 27003: Ensure 'Minimum password length' is set to '14 or more character(s)'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078',… | wazuh-sca |
| af0decc78f41af46 | SCA Check 27004: Ensure 'Relax minimum password length limits' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078',… | wazuh-sca |
| 814b88b197e912a1 | SCA Check 27005: Ensure 'Account lockout duration' is set to '15 or more minute(s)'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078',… | wazuh-sca |
| e167e43a5a5061de | SCA Check 27006: Ensure 'Account lockout threshold' is set to '5 or fewer invalid logon attempt(s), but not 0'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0006',… | wazuh-sca |
| 5d943795e1d981c1 | SCA Check 27007: Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0006', 'TA0003'] Techniques:… | wazuh-sca |
| 2056033cef75bc6c | SCA Check 27008: Ensure 'Accounts: Block Microsoft accounts' is set to 'Users can't add or log on with Microsoft accounts'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics:… | wazuh-sca |
| d3da40f9572b99de | SCA Check 27009: Ensure 'Accounts: Guest account status' is set to 'Disabled' (MS only). Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564']… | wazuh-sca |
| 92f3c0d13a03fb74 | SCA Check 27010: Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics:… | wazuh-sca |
| 4b883287ea155d19 | SCA Check 27011: Configure 'Accounts: Rename administrator account'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] The built-in local… | wazuh-sca |
| 800090a8e944d88b | SCA Check 27012: Configure 'Accounts: Rename guest account'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] The built-in local guest… | wazuh-sca |
| 43cafd1a676d344e | SCA Check 27013: Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'. Policy: CIS Microsoft Windows Server… | wazuh-sca |
| 7ee4914f91d3d67d | SCA Check 27014: Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0005',… | wazuh-sca |
| be46f86be61dc149 | SCA Check 27015: Ensure 'Devices: Allowed to format and eject removable media' is set to 'Administrators'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0009', 'TA0010']… | wazuh-sca |
| 2f0eaea96d4df495 | SCA Check 27016: Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| d314a99c887b0bae | SCA Check 27017: Ensure 'Domain controller: Allow server operators to schedule tasks' is set to 'Disabled' (DC only). Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 8b4f1294575b9cab | SCA Check 27018: Ensure 'Domain controller: Allow vulnerable Netlogon secure channel connections' is set to 'Not Configured' (DC Only). Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0… | wazuh-sca |
| 1732d3b9ae874959 | SCA Check 27019: Ensure 'Domain controller: LDAP server channel binding token requirements' is set to 'Always' (DC Only). Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics:… | wazuh-sca |
| 4dd8db189d2be9b7 | SCA Check 27020: Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only). Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0009',… | wazuh-sca |
| 860d04c6d95c061a | SCA Check 27021: Ensure 'Domain controller: Refuse machine account password changes' is set to 'Disabled' (DC only). Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0005']… | wazuh-sca |
| 4338aa40ade87ccc | SCA Check 27022: Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0009',… | wazuh-sca |
| 3209b78eb3dce1fb | SCA Check 27023: Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0009',… | wazuh-sca |
| e0ac1dc7ed929590 | SCA Check 27024: Ensure 'Domain member: Digitally sign secure channel data (when possible)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007']… | wazuh-sca |
| fe2722cdc9232b7b | SCA Check 27025: Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| 9029c3551f53c7cf | SCA Check 27026: Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 35e1faba1d581ded | SCA Check 27027: Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007']… | wazuh-sca |