Item Search

Name	Audit Name	Plugin	Category
2.3.2 Secure screen saver corners - bottom left corner	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix	ACCESS CONTROL
2.3.2 Secure screen saver corners - top left corner	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix	ACCESS CONTROL
2.7.1 iCloud configuration	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix
2.12 Configure Secure Empty Trash	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
4.1 Disable Bonjour advertising service	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
5.1.5 Check Library folder for world writable files	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix	ACCESS CONTROL
5.2.3 Complex passwords must contain an Alphabetic Character - 'RequiresAlpha'	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix
5.2.7 Password Age	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.4 Automatically lock the login keychain for inactivity	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.6 Enable OCSP and CRL certificate checking - CRLStyle	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.8 Disable automatic login	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
5.11 Disable ability to login to another user's active and locked session	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
5.12 Create a custom message for the Login Screen	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
5.13 Create a Login window banner	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix	ACCESS CONTROL
5.16 Secure individual keychain and items	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix
6.1.3 Disable guest account login	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
6.4 Safari disable Internet Plugins for global use	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
6.5 Use parental controls for systems that are not centrally managed	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix
AOSX-13-000006 - The macOS system must be configured to disable hot corners - wvous-bl-corner	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	ACCESS CONTROL
AOSX-13-000006 - The macOS system must be configured to disable hot corners - wvous-tr-corner	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	ACCESS CONTROL
AOSX-13-000010 - The macOS system must initiate a session lock after a 15-minute period of inactivity.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	ACCESS CONTROL
AOSX-13-000030 - The macOS system must monitor remote access methods and generate audit records when successful/unsuccessful attempts to access/modify privileges occur.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
AOSX-13-000050 - The macOS system must be configured to disable rshd service.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-000155 - The macOS system firewall must be configured with a default-deny policy.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT
AOSX-13-000195 - The macOS system must be configured so that any connection to the system must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system - 'Banner text'	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	ACCESS CONTROL
AOSX-13-000337 - The macOS system must be configured so that log files must not contain access control lists (ACLs).	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	AUDIT AND ACCOUNTABILITY
AOSX-13-000338 - The macOS system must be configured so that log folders must not contain access control lists (ACLs).	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	AUDIT AND ACCOUNTABILITY
AOSX-13-000520 - The macOS system must be configured to disable the system preference pane for iCloud.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-000535 - The macOS system must be configured to disable Location Services.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-000554 - The macOS system must not have a guest account - Guest fdesetup	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-000565 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	IDENTIFICATION AND AUTHENTICATION
AOSX-13-000606 - The macOS system must not use unencrypted FTP.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	IDENTIFICATION AND AUTHENTICATION
AOSX-13-000780 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
AOSX-13-000850 - The macOS system must restrict the ability of individuals to use USB storage devices - alert	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-000862 - The macOS system must be configured to not allow iTunes file sharing.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-000925 - The macOS system must not allow an unattended or automatic logon to the system.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-000950 - The macOS firewall must have logging enabled.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-000975 - The macOS system must be configured to disable Remote Apple Events.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-001120 - The macOS system must be configured with the sticky bit set on all public directories.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-001130 - The macOS system must be configured so that users do not have Apple IDs signed into iCloud.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-001195 - The macOS system must not accept source-routed IPv4 packets.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-001270 - The macOS system must be configured to disable Internet Sharing.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	CONFIGURATION MANAGEMENT
AOSX-13-002106 - The macOS system must be configured with system log files set to mode 640 or less permissive - asl	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	SYSTEM AND INFORMATION INTEGRITY
AOSX-13-002106 - The macOS system must be configured with system log files set to mode 640 or less permissive - newsyslog	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	SYSTEM AND INFORMATION INTEGRITY
AOSX-13-030014 - The macOS system must be configured to lock the user session when a smart token is removed.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	ACCESS CONTROL
AOSX-14-000004 - The macOS system must initiate a session lock after a 15-minute period of inactivity.	DISA STIG Apple Mac OSX 10.14 v2r6	Unix	ACCESS CONTROL
AOSX-14-000007 - The macOS system must be configured to disable hot corners - bottom left	DISA STIG Apple Mac OSX 10.14 v2r6	Unix	ACCESS CONTROL
AOSX-14-000008 - The macOS system must be configured with Wi-Fi support software disabled.	DISA STIG Apple Mac OSX 10.14 v2r6	Unix	ACCESS CONTROL
AOSX-14-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission - SSHD currently running	DISA STIG Apple Mac OSX 10.14 v2r6	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
AOSX-14-000014 - The macOS system must, for networked systems, compare internal information system clocks at least every 24 hours with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet) and/or the Global Positioning System (GPS) - Network Time On	DISA STIG Apple Mac OSX 10.14 v2r6	Unix	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search