Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure All Apple-provided Software Is CurrentCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.1 Ensure All Apple-provided Software Is CurrentCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.1 Ensure All Apple-provided Software Is CurrentCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.3 Ensure Download New Updates When Available Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.3 Ensure Download New Updates When Available Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.4 Ensure Install of macOS Updates Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.4 Ensure Install of macOS Updates Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5 Ensure Install Application Updates from the App Store Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1.2 Ensure the Time Service Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

2.2.1.2 Ensure the Time Service Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

2.2.2.2 Ensure Content Caching Is DisabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

CONFIGURATION MANAGEMENT

2.3.3 Ensure Gatekeeper Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

2.4.1 Ensure an Inactivity Interval of 20 Minutes Or Less for the Screen Saver Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

2.4.2 Ensure Require Password After Screen Saver Begins or Display Is Turned Off Is Enabled for 5 Seconds or ImmediatelyCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

2.4.2 Ensure Sending Diagnostic and Usage Data to Apple Is DisabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.4 Ensure Login Window Displays as Name and Password Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.1 Ensure Users' Accounts Do Not Have a Password HintCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

2.6.1 Ensure Guest Account Is DisabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational RequirementsCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.4 Ensure Security Auditing Retention Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

3.5 Ensure Access to Audit Records Is ControlledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.3 Ensure NFS Server Is DisabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure NFS Server Is DisabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure NFS Server Is DisabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.1.2 Ensure Apple Mobile File Integrity (AMFI) Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.1.3 Ensure Signed System Volume (SSV) Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.3 Ensure Signed System Volume (SSV) Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.4 Ensure Appropriate Permissions Are Enabled for System Wide ApplicationsCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.4 Ensure Appropriate Permissions Are Enabled for System Wide ApplicationsCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.5 Ensure No World Writable Folders Exist in the System FolderCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.6 Ensure No World Writable Folders Exist in the Library FolderCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.1 Ensure Password Account Lockout Threshold Is ConfiguredCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

5.2.3 Ensure Complex Password Must Contain Alphabetic Characters Is ConfiguredCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.4 Ensure Complex Password Must Contain Numeric Character Is ConfiguredCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.5 Ensure Complex Password Must Contain Special Character Is ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.7 Ensure Password Age Is ConfiguredCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.2.7 Ensure Password Age Is ConfiguredCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

5.2.8 Ensure Password History Is ConfiguredCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.3 Ensure the Sudo Timeout Period Is Set to ZeroCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.3 Ensure the Sudo Timeout Period Is Set to ZeroCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

5.5 Ensure the "root" Account Is DisabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

5.6 Ensure an Administrator Account Cannot Login to Another User's Active and Locked SessionCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

5.6 Ensure an Administrator Account Cannot Login to Another User's Active and Locked SessionCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.7 Ensure an Administrator Account Cannot Log In to Another User's Active and Locked SessionCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.8 Ensure the Guest Home Folder Does Not ExistCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.8 Ensure the Guest Home Folder Does Not ExistCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.9 Ensure XProtect Is Running and UpdatedCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.12 Ensure Logging Is Enabled for SudoCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

8.1.2.1 Ensure Microsoft Defender for APIs is set to 'On'CIS Microsoft Azure Foundations v5.0.0 L2microsoft_azure

SECURITY ASSESSMENT AND AUTHORIZATION, RISK ASSESSMENT

18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Windows Server 2012 R2 MS L2 v3.0.0Windows

CONFIGURATION MANAGEMENT