9.1.5 (L1) Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
9.1.7 (L1) Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
9.1.8 (L1) Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
9.2.7 (L1) Ensure 'Windows Firewall: Private: Logging: Log dropped packets' is set to 'Yes' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
9.2.8 (L1) Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
9.3.7 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
9.3.9 (L1) Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
9.3.10 (L1) Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
18.4.13 (L1) Ensure 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' is set to 'Enabled: 90% or less' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
APPL-11-001013 - The macOS system must be configured with audit log folders owned by root. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
APPL-11-001014 - The macOS system must be configured with audit log files group-owned by wheel. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
APPL-12-001012 - The macOS system must be configured with audit log files owned by root. | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
APPL-13-000031 - The macOS system must be configured so that log folders do not contain access control lists (ACLs). | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
APPL-13-001013 - The macOS system must be configured with audit log folders owned by root. | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
Big Sur - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | AUDIT AND ACCOUNTABILITY |
Catalina - Configure Audit Log Folder to Not Contain Access Control Lists | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
Catalina - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Catalina v1.5.0 - 800-171 | Unix | AUDIT AND ACCOUNTABILITY |
Catalina - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
Catalina - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
CD12-00-010700 - PostgreSQL must protect its audit features from unauthorized access. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
CD12-00-012200 - PostgreSQL must protect its audit configuration from unauthorized modification. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
EPAS-00-002800 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized deletion. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
FGFW-ND-000135 - The FortiGate device must protect audit tools from unauthorized access. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
FNFG-FW-000050 - The FortiGate firewall must protect traffic log records from unauthorized access while in transit to the central audit server - enc-algorithm | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
FNFG-FW-000050 - The FortiGate firewall must protect traffic log records from unauthorized access while in transit to the central audit server. - set server | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
GEN002710 - All system audit files must not have extended ACLs. | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/audit' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditpr' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditpr' - suid | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditstream' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditstream' - suid | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/audit' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
Monterey - Configure Audit Log Files to Not Contain Access Control Lists | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
PHTN-67-000017 - The Photon operating system audit log must be group-owned by root. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
PHTN-67-000049 - The Photon operating system audit files and directories must have correct permissions. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
SHPT-00-000431 - SharePoint must protect audit information from unauthorized access to the trace data log files. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
SHPT-00-000435 - SharePoint must protect audit information from unauthorized modification of usage and health data collection logs. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
SHPT-00-000440 - SharePoint must protect audit information from unauthorized deletion of usage and health logs. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
SHPT-00-000441 - SharePoint must protect audit information from unauthorized deletion of trace log files. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
SHPT-00-000445 - SharePoint must protect audit tools from unauthorized access - 'Verify Site Collection Administrators' | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
SHPT-00-000445 - SharePoint must protect audit tools from unauthorized access - 'Verify Users and Groups with Full Control' | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
SYMP-NM-000120 - Symantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized modification. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | AUDIT AND ACCOUNTABILITY |
SYMP-NM-000130 - Symantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized access. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | AUDIT AND ACCOUNTABILITY |
VCPG-67-000005 - VMware Postgres database must protect log files from unauthorized access and modification. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
WBSP-AS-000740 - The WebSphere Application Server must be configured to protect log information from any type of unauthorized read access. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
WBSP-AS-000780 - The WebSphere Application Server wsadmin file must be protected from unauthorized modification. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |