Item Search

Name	Audit Name	Plugin	Category
2.1.3 Ensure Allowlist violations are enabled	CIS IBM AIX 7 v1.0.0 L2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
2.3 Ensure regular scans for unauthorized applications	CIS IBM AIX 7 v1.0.0 L2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
2.5 (L1) Host must only run binaries delivered via signed VIB	CIS VMware ESXi 8.0 v1.2.0 L1	VMware	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
2.5.4 Audit Location Services Access	CIS Apple macOS 12.0 Monterey v4.0.0 L2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.5.4 Audit Location Services Access	CIS Apple macOS 11.0 Big Sur v4.0.0 L2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.5.4 Audit Location Services Access	CIS Apple macOS 10.15 Catalina v3.0.0 L2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.5.4 Audit Location Services Access	CIS Apple macOS 10.14 v2.0.0 L2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.6.1.1 Audit iCloud Configuration	CIS Apple macOS 10.14 v2.0.0 L2	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.6.1.3 Audit Location Services Access	CIS Apple macOS 13.0 Ventura v3.0.0 L2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.6.1.3 Audit Location Services Access	CIS Apple macOS 14.0 Sonoma v2.0.0 L2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.6.1.3 Audit Location Services Access	CIS Apple macOS 15.0 Sequoia v1.0.0 L2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.22 (L1) Host must deny shell access for the dcui account	CIS VMware ESXi 8.0 v1.2.0 L1	VMware	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
3.23 (L2) Host must deny shell access for the vpxuser account	CIS VMware ESXi 8.0 v1.2.0 L2	VMware	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
5.1.2 Ensure Apple Mobile File Integrity (AMFI) Is Enabled	CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1	Unix	CONFIGURATION MANAGEMENT
5.1.2 Ensure Apple Mobile File Integrity (AMFI) Is Enabled	CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1	Unix	CONFIGURATION MANAGEMENT
5.1.2 Ensure Apple Mobile File Integrity (AMFI) Is Enabled	CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1	Unix	CONFIGURATION MANAGEMENT
5.1.2 Ensure Apple Mobile File Integrity (AMFI) Is Enabled	CIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1	Unix	CONFIGURATION MANAGEMENT
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled	CIS Apple macOS 10.15 Catalina v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled	CIS Apple macOS 11.0 Big Sur v4.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled	CIS Apple macOS 14.0 Sonoma v2.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled	CIS Apple macOS 12.0 Monterey v4.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled	CIS Apple macOS 13.0 Ventura v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled	CIS Apple macOS 15.0 Sequoia v1.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
5.1.2 Ensure System Integrity Protection Status (SIPS) Is Enabled	CIS Apple macOS 10.14 v2.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled	CIS Apple macOS 10.15 Catalina v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled	CIS Apple macOS 11.0 Big Sur v4.0.0 L1	Unix	CONFIGURATION MANAGEMENT
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled	CIS Apple macOS 14.0 Sonoma v2.0.0 L1	Unix	CONFIGURATION MANAGEMENT
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled	CIS Apple macOS 15.0 Sequoia v1.0.0 L1	Unix	CONFIGURATION MANAGEMENT
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled	CIS Apple macOS 13.0 Ventura v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled	CIS Apple macOS 12.0 Monterey v4.0.0 L1	Unix	CONFIGURATION MANAGEMENT
5.1.3 Ensure Apple Mobile File Integrity Is Enabled	CIS Apple macOS 10.14 v2.0.0 L1	Unix	CONFIGURATION MANAGEMENT
5.1.4 Ensure Library Validation Is Enabled	CIS Apple macOS 10.14 v2.0.0 L1	Unix	CONFIGURATION MANAGEMENT
5.2 (L1) Host must block network traffic by default	CIS VMware ESXi 8.0 v1.2.0 L1	VMware	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
6.3.1 Ensure Automatic Opening of Safe Files in Safari Is Disabled	CIS Apple macOS 14.0 Sonoma v2.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
6.3.1 Ensure Automatic Opening of Safe Files in Safari Is Disabled	CIS Apple macOS 15.0 Sequoia v1.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
6.12 Ensure that 'User consent for applications' is set to 'Do not allow user consent'	CIS Microsoft Azure Foundations v4.0.0 L1	microsoft_azure	ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
6.13 Ensure that 'User consent for applications' is set to 'Allow user consent for apps from verified publishers, for selected permissions'	CIS Microsoft Azure Foundations v4.0.0 L2	microsoft_azure	CONFIGURATION MANAGEMENT
6.14 Ensure that 'Users can register applications' is set to 'No'	CIS Microsoft Azure Foundations v4.0.0 L1	microsoft_azure	ACCESS CONTROL, CONFIGURATION MANAGEMENT
11.3 Ensure the httpd_t Type is Not in Permissive Mode	CIS Apache HTTP Server 2.4 v2.2.0 L2	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
11.4 Ensure Only the Necessary SELinux Booleans are Enabled	CIS Apache HTTP Server 2.4 v2.2.0 L2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
12.1 Ensure the AppArmor Framework Is Enabled	CIS Apache HTTP Server 2.4 v2.2.0 L2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
20.3 (L1) Ensure 'Microsoft Internet Explorer is not installed on the system'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
MS.DEFENDER.5.1v1 - At a minimum, the alerts required by the CISA M365 Security Configuration Baseline for Exchange Online SHALL be enabled.	CISA SCuBA Microsoft 365 Defender v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MS.DEFENDER.5.2v1 - The alerts SHOULD be sent to a monitored address or incorporated into a Security Information and Event Management (SIEM).	CISA SCuBA Microsoft 365 Defender v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MS.EXO.16.1v1 - At a minimum, the following alerts SHALL be enabled:	CISA SCuBA Microsoft 365 Exchange Online v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MS.EXO.16.2v1 - The alerts SHOULD be sent to a monitored address or incorporated into a security information and event management (SIEM) system.	CISA SCuBA Microsoft 365 Exchange Online v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

Detections

Analytics

Item Search