Detections
Analytics

Revision 1.3Apr 9, 2025

Miscellaneous
  • Metadata updated.
Added
  • 1.8 (L2) Ensure 'Control SafeSites adult content filtering' is set to 'Enabled: Filter top level sites (but not embedded iframes) for adult content'
  • 2.12 (L2) Ensure 'Allow proceeding from the SSL warning page' is set to 'Disabled'
  • 2.15 (L2) Ensure 'Force Google SafeSearch' is set to 'Enabled'
  • 2.18 (L2) Ensure 'Require online OCSP/CRL checks for local trust anchors' is set to 'Enabled'
  • 2.2.2 (L2) Ensure 'Control use of the Web Bluetooth API' is set to 'Enabled: Do not allow any site to request access to Bluetooth devices via the Web Bluetooth API'
  • 2.2.3 (L2) Ensure 'Control use of the WebUSB API' is set to 'Enabled: Do not allow any site to request access to USB devices via the WebUSB API'
  • 2.2.4 (L2) Ensure 'Default notification setting' is set to 'Enabled: Do not allow any site to show desktop notifications'
  • 2.23 (L2) Ensure 'Determines whether the built-in certificate verifier will enforce constraints encoded into trust anchors loaded from the platform trust store' Is Enabled
  • 2.3.4 (L2) Ensure 'Default third-party storage partitioning setting' Is Enabled and Blocked
  • 2.3.6 (L2) Ensure 'Control Manifest v2 extension availability' Is Set to Forced Only
  • 2.4.1 (L2) Ensure 'Supported authentication schemes' is set to 'Enabled: ntlm, negotiate'
  • 2.5.1 (L2) Ensure 'Configure native messaging blocklist' is set to 'Enabled: *'
  • 3.1.1 (L2) Ensure 'Default cookies setting' is set to 'Enabled: Keep cookies for the duration of the session'
  • 3.14 (L2) Ensure 'Enable search suggestions' is set to 'Disabled'
  • 3.15 (L2) Ensure 'Enable Translate' is set to 'Disabled'
  • 3.5 (L2) Ensure 'Browser sign in settings' is set to 'Enabled: Disabled browser sign-in'
  • 4.1.1 (L2) Ensure 'Allow or deny screen capture' is set to 'Disabled'
  • 4.12 (L2) Ensure 'Allow or deny screen capture' is set to 'Disabled'
  • 4.2.1 (L2) Ensure 'Control use of the Serial API' is set to 'Enabled: Do not allow any site to request access to serial ports via the Serial API'
  • 4.2.2 (L2) Ensure 'Default Sensors Setting' is set to 'Enabled: Do not allow any site to access sensors'
  • 4.2.6 (L2) Ensure 'Default Window Management permissions setting' Is 'Enabled' to 'Deny Permission'
  • 4.2.7 (L2) Ensure 'Allow Window Management permission on these sites' Is Configured
  • 4.2.8 (L2) Ensure 'Block Window Management permission on these sites' Is Configured
  • 4.3 (L2) Ensure 'Allow invocation of file selection dialogs' is set to 'Disabled'
  • 4.4 (L2) Ensure 'Allow or deny audio capture' is set to 'Disabled'
  • 4.5 (L2) Ensure 'Allow or deny video capture' is set to 'Disabled'
  • 4.7 (L2) Ensure 'Controls the mode of DNS-over-HTTPS' is set to 'Enabled: DNS-over-HTTPS without insecure fallback'
  • 4.8 (L2) Ensure 'Enable AutoFill for addresses' is set to 'Disabled'
  • 5.1 (L2) Ensure 'Enable guest mode in browser' is set to 'Disabled'
  • 5.2 (L2) Ensure 'Incognito mode availability' is set to 'Enabled: Incognito mode disabled'
Removed
  • 1.8 Ensure 'Control SafeSites adult content filtering' is set to 'Enabled: Filter top level sites (but not embedded iframes) for adult content'
  • 2.12 Ensure 'Allow proceeding from the SSL warning page' is set to 'Disabled'
  • 2.15 Ensure 'Force Google SafeSearch' is set to 'Enabled'
  • 2.18 Ensure 'Require online OCSP/CRL checks for local trust anchors' is set to 'Enabled'
  • 2.2.2 Ensure 'Control use of the Web Bluetooth API' is set to 'Enabled: Do not allow any site to request access to Bluetooth devices via the Web Bluetooth API'
  • 2.2.3 Ensure 'Control use of the WebUSB API' is set to 'Enabled: Do not allow any site to request access to USB devices via the WebUSB API'
  • 2.2.4 Ensure 'Default notification setting' is set to 'Enabled: Do not allow any site to show desktop notifications'
  • 2.23 Ensure 'Determines whether the built-in certificate verifier will enforce constraints encoded into trust anchors loaded from the platform trust store' Is Enabled
  • 2.3.4 Ensure 'Default third-party storage partitioning setting' Is Enabled and Blocked
  • 2.3.6 Ensure 'Control Manifest v2 extension availability' Is Set to Forced Only
  • 2.4.1 Ensure 'Supported authentication schemes' is set to 'Enabled: ntlm, negotiate'
  • 2.5.1 Ensure 'Configure native messaging blocklist' is set to 'Enabled: *'
  • 3.1.1 Ensure 'Default cookies setting' is set to 'Enabled: Keep cookies for the duration of the session'
  • 3.14 Ensure 'Enable search suggestions' is set to 'Disabled'
  • 3.15 Ensure 'Enable Translate' is set to 'Disabled'
  • 3.5 Ensure 'Browser sign in settings' is set to 'Enabled: Disabled browser sign-in'
  • 4.1.1 Ensure 'Allow or deny screen capture' is set to 'Disabled'
  • 4.12 Ensure 'Allow or deny screen capture' is set to 'Disabled'
  • 4.2.1 Ensure 'Control use of the Serial API' is set to 'Enabled: Do not allow any site to request access to serial ports via the Serial API'
  • 4.2.2 Ensure 'Default Sensors Setting' is set to 'Enabled: Do not allow any site to access sensors'
  • 4.2.6 Ensure 'Default Window Management permissions setting' Is 'Enabled' to 'Deny Permission'
  • 4.2.7 Ensure 'Allow Window Management permission on these sites' Is Configured
  • 4.2.8 Ensure 'Block Window Management permission on these sites' Is Configured
  • 4.3 Ensure 'Allow invocation of file selection dialogs' is set to 'Disabled'
  • 4.4 Ensure 'Allow or deny audio capture' is set to 'Disabled'
  • 4.5 Ensure 'Allow or deny video capture' is set to 'Disabled'
  • 4.7 Ensure 'Controls the mode of DNS-over-HTTPS' is set to 'Enabled: DNS-over-HTTPS without insecure fallback'
  • 4.8 Ensure 'Enable AutoFill for addresses' is set to 'Disabled'
  • 5.1 Ensure 'Enable guest mode in browser' is set to 'Disabled'
  • 5.2 Ensure 'Incognito mode availability' is set to 'Enabled: Incognito mode disabled'