Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.1.3 Ensure 'Allow managed apps to store data in iCloud' is set to 'Disabled'AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT

2.2.1.8 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

2.2.1.9 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled'AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

4.2 Ensure device is not obviously jailbroken or compromisedAirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1MDM

SYSTEM AND SERVICES ACQUISITION

6.5.2 (L1) Host SSH daemon, if enabled, must use FIPS 140-2/140-3 validated cryptographic modulesCIS VMware ESXi 8.0 v1.1.0 L1 Bare MetalUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

12.22 Developer access to production databases - 'Disallow'CIS v1.1.0 Oracle 11g OS L1Unix
AIOS-14-011900 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DoD security requirements.MobileIron - DISA Apple iOS/iPadOS 14 v1r3MDM

CONFIGURATION MANAGEMENT

AIOS-15-013500 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DoD security requirements.MobileIron - DISA Apple iOS/iPadOS 14 v1r4MDM

CONFIGURATION MANAGEMENT

Audit SGID executablesTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Audit SUID executablesTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Big Sur - Enforce Enrollment in Mobile Device ManagementNIST macOS Big Sur v1.4.0 - All ProfilesUnix

CONFIGURATION MANAGEMENT

chrony is not installed - NTP serverTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure no users have .forward filesTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure no users have .netrc filesTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure noexec option set on /tmp partitionTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure ntp is configured - OPTIONS or ExecStart -u ntp:ntpTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure only approved MAC algorithms are usedTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure packet redirect sending is disabled - /etc/sysctl ipv4 all sendTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure password creation requirements are configured - /etc/pam.d/* lcreditTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure password creation requirements are configured - /etc/pam.d/* try_first_passTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure permissions on /etc/cron.d are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure permissions on /etc/cron.monthly are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure permissions on /etc/gshadow are configured - permissionsTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure permissions on /etc/issue are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure permissions on /etc/issue.net are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure permissions on /etc/passwd are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure permissions on /etc/shadow- are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure permissions on /etc/ssh/sshd_config are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure permissions on all logfiles are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure remote rsyslog messages are only accepted on designated log hosts - InputTCPServerRunTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure remote syslog-ng messages are only accepted on designated log hostsTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure root is the only UID 0 accountTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure rsyslog default file permissions configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure rsyslog is configured to send logs to a remote log hostTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure separate partition exists for /homeTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure separate partition exists for /tmpTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure session initiation information is collected - auditctl utmpTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure session initiation information is collected - utmpTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure sticky bit is set on all world-writable directoriesTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure system administrator actions (sudolog) are collectedTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure system administrator actions (sudolog) are collected - auditctlTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure unsuccessful unauthorized file access attempts are collected - auditctl b64 EPERMTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure unsuccessful unauthorized file access attempts are collected - b32 EPERMTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure unsuccessful unauthorized file access attempts are collected - b64 EPERMTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure use of privileged commands is collectedTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure xinetd is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Lockout for failed password attempts - 'auth required pam_faillock.so preauth audit silent deny=5 unlock_time=900'Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Monterey - Enforce Enrollment in Mobile Device ManagementNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

CONFIGURATION MANAGEMENT

NTP is not installed - restrict -4Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

NTP is not installed - restrict -6Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY