Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.8 - AirWatch - Turn off Ask to Join NetworksAirWatch - CIS Apple iOS 9 v1.0.0 L2MDM

ACCESS CONTROL

1.1.9 - AirWatch - Turn off Ask to Join NetworksAirWatch - CIS Apple iOS 8 v1.0.0 L2MDM

ACCESS CONTROL

1.2 Ensure Installation of Binary PackagesCIS PostgreSQL 10 OS v1.0.0Unix

CONFIGURATION MANAGEMENT

1.2 Ensure Installation of Binary PackagesCIS PostgreSQL 9.6 OS v1.0.0Unix

CONFIGURATION MANAGEMENT

1.2 Ensure Installation of Binary PackagesCIS PostgreSQL 9.5 OS v1.1.0Unix

CONFIGURATION MANAGEMENT

1.3 Ensure Installation of Community PackagesCIS PostgreSQL 9.6 OS v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.3 Ensure Installation of Community PackagesCIS PostgreSQL 10 OS v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.3 Ensure Installation of Community PackagesCIS PostgreSQL 9.5 OS v1.1.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.6.6.6.2.6 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled'AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User OwnedMDM

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled'MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 End User OwnedMDM

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled'MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1MDM

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled'MobileIron - CIS Apple iOS 17 Institution Owned L1MDM

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled'MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1MDM

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled'AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution OwnedMDM

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled'MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1MDM

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

5.3.5 (L1) Ensure approval is required for Privileged Role Administrator activationCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

7.4 Set Extension Block List IntervalCIS Mozilla Firefox 38 ESR Windows L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

18.8.7.1.1 Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

MEDIA PROTECTION

18.8.7.1.1 Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Windows 7 Workstation Bitlocker v3.2.0Windows

MEDIA PROTECTION

18.8.7.1.1 Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

MEDIA PROTECTION

AIOS-14-011600 - The Apple iOS/iPadOS must be supervised by the MDM.MobileIron - DISA Apple iOS/iPadOS 14 v1r3MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-15-013200 - The Apple iOS/iPadOS 15 must be supervised by the MDM.MobileIron - DISA Apple iOS/iPadOS 14 v1r4MDM

CONFIGURATION MANAGEMENT

AIOS-18-015500 - Apple iOS/iPadOS 18 must disable the download of iOS/iPadOS beta updates.AirWatch - DISA Apple iOS/iPadOS 18 v1r1MDM

CONFIGURATION MANAGEMENT

AIOS-18-015500 - Apple iOS/iPadOS 18 must disable the download of iOS/iPadOS beta updates.MobileIron - DISA Apple iOS/iPadOS 18 v1r1MDM

CONFIGURATION MANAGEMENT

DTAM165 - McAfee VirusScan On-Access Default Processes Policies must be configured to detect unwanted programs.DISA McAfee VirusScan 8.8 Managed Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-101 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to decompress archives when scanning.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-113 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to include all local drives and their sub-directories.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5Unix

SYSTEM AND INFORMATION INTEGRITY

FireEye - List patchesTNS FireEyeFireEye

SYSTEM AND INFORMATION INTEGRITY

FireEye - Usernames listTNS FireEyeFireEye

ACCESS CONTROL

Fortigate - Disable auto USB installation - 'config'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Disable auto USB installation - 'image'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

GOOG-11-001100 - Google Android 11 allow list must be configured to not include applications with the following characteristics:AirWatch - DISA Google Android 11 COBO v2r1MDM

CONFIGURATION MANAGEMENT

GOOG-11-001100 - Google Android 11 allow list must be configured to not include applications with the following characteristics:MobileIron - DISA Google Android 11 COBO v2r1MDM

CONFIGURATION MANAGEMENT

JUNI-RT-000270 - The Juniper perimeter router must be configured to block inbound packets with source Bogon IP address prefixes - filterDISA STIG Juniper Router RTR v3r2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

JUNI-RT-000270 - The Juniper perimeter router must be configured to block inbound packets with source Bogon IP address prefixes - prefix-listDISA STIG Juniper Router RTR v3r2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

Limits print driver installation to AdministratorsMSCT Windows 10 v22H2 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Limits print driver installation to AdministratorsMSCT Windows 11 v23H2 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Limits print driver installation to AdministratorsMSCT Windows 11 v22H2 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

List crash dumpsTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

List virtual disksTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

PANW-AG-000101 - The Palo Alto Networks security platform being used for TLS/SSL decryption using PKI-based user authentication must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certificate Authorities (CAs) for the establishment of protected sessions.DISA STIG Palo Alto ALG v3r4Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

Review the list of OpenStack TenantsTenable Best Practices OpenStack v2.0.0OpenStack

ACCESS CONTROL

Review the list of Rackspace TenantsTenable Best Practices RackSpace v2.0.0Rackspace

ACCESS CONTROL

WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - notificationDISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - enabledDISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - enabledDISA IBM WebSphere Traditional 9 STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - enabledDISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

AUDIT AND ACCOUNTABILITY

XenServer - List patchesTNS Citrix XenServerUnix

SYSTEM AND INFORMATION INTEGRITY

XenServer - List usersTNS Citrix XenServerUnix

ACCESS CONTROL