Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Verify all Apple provided software is currentCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - ConfigDataInstallCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - CriticalUpdateInstallCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.1 Disable Bluetooth, if no paired devices existCIS Apple OSX 10.9 L1 v1.3.0Unix
2.2.2 Ensure time set is within appropriate limitsCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.2.3 Restrict NTP server to loopback interfaceCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.3.2 Secure screen saver corners - top right cornerCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

2.4.9 Disable Remote Management - 'ARDAgent is not running'CIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.5.1 Disable "Wake for network access"CIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

2.5.2 Disable sleeping the computer when connected to powerCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is DisabledCIS Apple macOS 10.14 v2.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.8 Disable sending diagnostic and usage data to AppleCIS Apple macOS 10.13 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.6.2 Enable GatekeeperCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.6.6 Enable Location ServicesCIS Apple OSX 10.9 L2 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.7.2 iCloud keychainCIS Apple OSX 10.9 L2 v1.3.0Unix
2.9 Pair the remote control infrared receiver if enabled - 'DeviceEnabled = 1'CIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

3.1.1 Retain system.log for 90 or more daysCIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.1.3 Retain authd.log for 90 or more daysCIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed administrative events'CIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'CIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

5.1.5 Check Library folder for world writable filesCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

5.2.2 Set a minimum password lengthCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.3 Complex passwords must contain an Alphabetic CharacterCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.13 Create a Login window bannerCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

5.14 Do not enter a password-related hintCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.15 Disable Fast User SwitchingCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

6.1.1 Display login window as name and passwordCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.1.3 Disable guest account loginCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.1.4 Disable "Allow guests to connect to shared folders"CIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.2 Turn on filename extensionsCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

7.2 iSight Camera Privacy and Confidentiality ConcernsCIS Apple OSX 10.9 L2 v1.3.0Unix
7.4 Software Inventory ConsiderationsCIS Apple OSX 10.9 L2 v1.3.0Unix
7.5 Firewall ConsiderationCIS Apple OSX 10.9 L2 v1.3.0Unix
7.6 Automatic Actions for Optical MediaCIS Apple OSX 10.9 L1 v1.3.0Unix
7.8 Extensible Firmware Interface (EFI) passwordCIS Apple OSX 10.9 L2 v1.3.0Unix
AOSX-13-000005 - The macOS system must conceal, via the session lock, information previously visible on the display with a publicly viewable image.DISA STIG Apple Mac OSX 10.13 v2r5Unix

ACCESS CONTROL

AOSX-13-000020 - The macOS system must retain the session lock until the user reestablishes access using established identification and authentication procedures.DISA STIG Apple Mac OSX 10.13 v2r5Unix

ACCESS CONTROL

AOSX-13-000054 - The macOS system must implement approved Ciphers to protect the confidentiality of SSH connections.DISA STIG Apple Mac OSX 10.13 v2r5Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

AOSX-13-000057 - The macOS system must enforce requirements for remote connections to the informationDISA STIG Apple Mac OSX 10.13 v2r5Unix

CONFIGURATION MANAGEMENT

AOSX-13-000070 - The macOS system must be configured with Wi-Fi support software disabled.DISA STIG Apple Mac OSX 10.13 v2r5Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-13-000115 - The macOS system must automatically remove or disable emergency accounts after the crisis is resolved or within 72 hours.DISA STIG Apple Mac OSX 10.13 v2r5Unix

ACCESS CONTROL

AOSX-13-000240 - The macOS system must enable System Integrity Protection.DISA STIG Apple Mac OSX 10.13 v2r5Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-13-000305 - The macOS system must provide an immediate warning to the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent of repository maximum audit record storage capacity.DISA STIG Apple Mac OSX 10.13 v2r5Unix

AUDIT AND ACCOUNTABILITY

AOSX-13-000330 - The macOS system must, for networked systems, compare internal information system clocks at least every 24 hours with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet) and/or the Global Positioning System (GPS).DISA STIG Apple Mac OSX 10.13 v2r5Unix

AUDIT AND ACCOUNTABILITY

AOSX-13-000331 - The macOS system must be configured with audit log files owned by root.DISA STIG Apple Mac OSX 10.13 v2r5Unix

AUDIT AND ACCOUNTABILITY

AOSX-13-000334 - The macOS system must be configured with audit log folders group-owned by wheel.DISA STIG Apple Mac OSX 10.13 v2r5Unix

AUDIT AND ACCOUNTABILITY

AOSX-13-000505 - The macOS system must be configured to disable the iCloud Calendar services.DISA STIG Apple Mac OSX 10.13 v2r5Unix

CONFIGURATION MANAGEMENT

AOSX-15-100001 - The macOS system must be a supported release.DISA STIG Apple Mac OSX 10.15 v1r10Unix

CONFIGURATION MANAGEMENT

DISA_STIG_Apple_macOS_14_Sonoma_v2r4.audit from DISA Apple macOS 14 Sonoma STIG v2r4DISA Apple macOS 14 Sonoma STIG v2r4Unix
DISA_STIG_Apple_OS_X_10.13_v2r5.audit from DISA Apple OS X 10.13 v2r5 STIGDISA STIG Apple Mac OSX 10.13 v2r5Unix