Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure All Apple-provided Software Is CurrentCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2 Ensure Auto Update Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.2.4 Ensure record active speaker, gallery view and shared screen separately is set to enabledCIS Zoom L2 v1.0.0Zoom

CONFIGURATION MANAGEMENT

1.3 Ensure Download New Updates When Available Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.4 Ensure Installation of App Update Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure Firewall Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.2 Ensure Firewall Stealth Mode Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.1 Ensure Remote Apple Events Is DisabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.3 Ensure Gatekeeper Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

2.4.1 Ensure an Inactivity Interval of 20 Minutes Or Less for the Screen Saver Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

2.4.2 Ensure Sending Diagnostic and Usage Data to Apple Is DisabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.6 Ensure a Password is Required to Wake the Computer From Sleep or Screen Saver Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

2.5.1 Ensure Users' Accounts Do Not Have a Password HintCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

2.5.1.1 Ensure External Intelligence Extensions Is DisabledCIS Apple macOS 15.0 Sequoia v2.0.0 L1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.1.1 Ensure External Intelligence Extensions Is DisabledCIS Apple macOS 26 Tahoe v1.0.0 L1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.3 Ensure Automatic Login Is DisabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational RequirementsCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational RequirementsCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum SizeCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

3.4 Ensure Security Auditing Retention Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

3.6 Ensure Firewall Logging Is Enabled and ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.1 Ensure Home Folders Are SecureCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.3 Ensure Signed System Volume (SSV) Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.4 Ensure Appropriate Permissions Are Enabled for System Wide ApplicationsCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.5 Ensure No World Writable Folders Exist in the System FolderCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.1 Ensure Password Account Lockout Threshold Is ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.2.3 Ensure Complex Password Must Contain Alphabetic Characters Is ConfiguredCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.4 Ensure Complex Password Must Contain Numeric Character Is ConfiguredCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.5 Ensure Complex Password Must Contain Special Character Is ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is ConfiguredCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.7 Ensure Password Age Is ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.2.8 Ensure Password History Is ConfiguredCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.3 Ensure the Sudo Timeout Period Is Set to ZeroCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.3 Ensure the Sudo Timeout Period Is Set to ZeroCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

5.3 Ensure the Sudo Timeout Period Is Set to ZeroCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.5 Ensure the "root" Account Is DisabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.8 Ensure the Guest Home Folder Does Not ExistCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.9 Ensure XProtect Is Running and UpdatedCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

6.1.1 Ensure Login Window Displays as Name and Password Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2 Ensure Show All Filename Extensions Setting is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

8.1.7.2 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On'CIS Microsoft Azure Foundations v5.0.0 L2microsoft_azure

RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION

AADC-CL-000295 - The Adobe Acrobat Pro DC Classic Send and Track plugin for Outlook must be disabled.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

AADC-CN-000295 - The Adobe Acrobat Pro DC Continuous Send and Track plugin for Outlook must be disabled.DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1Windows

CONFIGURATION MANAGEMENT

ADBP-XI-000295 - The Adobe Acrobat Pro XI send and Track plugin for Outlook must be disabled.DISA Adobe Acrobat Pro XI STIG v1r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AIOS-12-004100 - Apple iOS must not allow backup to remote systems (iCloud).AirWatch - DISA Apple iOS 12 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-13-004100 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud).AirWatch - DISA Apple iOS/iPadOS 13 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-13-004100 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud).MobileIron - DISA Apple iOS/iPadOS 13 v2r1MDM

CONFIGURATION MANAGEMENT

AOSX-15-002035 - The macOS system must be configured to disable the Cloud Setup services.DISA STIG Apple Mac OSX 10.15 v1r10Unix

CONFIGURATION MANAGEMENT

APPL-12-002035 - The macOS system must be configured to disable the Cloud Setup services.DISA STIG Apple macOS 12 v1r9Unix

CONFIGURATION MANAGEMENT