Nov 25, 2025 Informational Update- 1.1.11 Ensure separate partition exists for /var/tmp
- 1.1.15 Ensure separate partition exists for /var/log
- 1.1.16 Ensure separate partition exists for /var/log/audit
- 1.1.17 Ensure separate partition exists for /home
- 1.1.28 Disable USB Storage
- 4.1.1.3 Ensure auditing for processes that start prior to auditd is enabled
- 4.1.2.1 Ensure audit log storage size is configured
- 4.1.3.1 Ensure events that modify date and time information are collected
- 4.1.3.10 Ensure use of privileged commands is collected
- 4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected
- 4.1.3.12 Ensure discretionary access control permission modification events are collected
- 4.1.3.13 Ensure login and logout events are collected
- 4.1.3.14 Ensure events that modify user/group information are collected
- 4.1.3.2 Ensure system administrator command executions (sudo) are collected
- 4.1.3.3 Ensure session initiation information is collected
- 4.1.3.4 Ensure events that modify the system's Mandatory Access Controls are collected
- 4.1.3.41 Ensure the audit configuration is immutable
- 4.1.3.5 Ensure events that modify the system's network environment are collected
- 4.1.3.6 Ensure successful file system mounts are collected
- 4.1.3.7 Ensure kernel module loading and unloading is collected
- 4.1.3.8 Ensure changes to system administration scope (sudoers) is collected
- 4.1.3.9 Ensure file deletion events by users are collected
- 6.1.1 Audit system file permissions
Miscellaneous- Metadata updated.
- Platform check updated.
- References updated.
Added- CIS_Amazon_Linux_2_STIG_v2.0.0_L2_Workstation.audit from CIS Amazon Linux 2 STIG v2.0.0
Removed- CIS_Amazon_Linux_2_STIG_v2.0.0_L2_Workstation.audit from CIS Amazon Linux 2 STIG Benchmark v2.0.0
|
Sep 19, 2025 Functional Update- 4.1.3.7 Ensure kernel module loading and unloading is collected
|
Sep 3, 2025 Functional Update- 3.4.2 Ensure SCTP is disabled
|
