Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Ensure mounting of UDF filesystems is disabledCIS Bottlerocket L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.2 Ensure systemd Service Files Are EnabledCIS PostgreSQL 15 OS v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.3.1 Ensure dm-verity is configuredCIS Bottlerocket L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.1 Ensure setuid programs do not create core dumpsCIS Bottlerocket L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.2 Ensure address space layout randomization (ASLR) is enabledCIS Bottlerocket L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.3 Ensure unprivileged eBPF is disabledCIS Bottlerocket L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.2 Ensure Lockdown is configuredCIS Bottlerocket L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.1.1 Ensure a 'Consent Message' has been 'Configured'AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.2.1.6 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled'MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L2MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.2.1.6 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled'AirWatch - CIS Apple iOS 17 v1.1.0 End User Owned L2MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4 Ensure External Users' role is set to 'No Access'CIS F5 Networks v1.0.0 L2F5

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5 Ensure 'Ole Automation Procedures' Server Configuration Option is set to '0'CIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured'MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.8 Ensure a Custom Message for the Login Screen Is EnabledCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.2 Audit App Store Password SettingsCIS Apple macOS 10.14 v2.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.2 Audit App Store Password SettingsCIS Apple macOS 11.0 Big Sur v4.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8 Ensure 'Scan For Startup Procs' Server Configuration Option is set to '0'CIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.1.1 Ensure the OS Is Not Active When Resuming from Standby (Intel)CIS Apple macOS 11.0 Big Sur v4.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Intel standbydelayhighCIS Apple macOS 10.15 Catalina v3.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.14 Audit DictationCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.14 Ensure the 'sa' Login Account has been renamedCIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.17 Ensure no login exists with the name 'sa'CIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.1 Ensure 'Controls when the profile can be removed' is set to 'Never'MobileIron - CIS Apple iOS 17 Institution Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.16 Ensure 'debug_print_parse' is disabledCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1 Ensure source routed packets are not acceptedCIS Bottlerocket L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1.13 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled'MobileIron - CIS Apple iPadOS 17 Institutionally Owned L2MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1.15 Ensure 'Allow installing configuration profiles' is set to 'Disabled'AirWatch - CIS Apple iOS 17 Institution Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1.15 Ensure 'Allow installing configuration profiles' is set to 'Disabled'MobileIron - CIS Apple iOS 17 Institution Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1.18 Ensure 'Allow modifying cellular data app settings' is set to 'Disabled'MobileIron - CIS Apple iOS 17 Institution Owned L2MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1.18 Ensure 'Allow modifying cellular data app settings' is set to 'Disabled'AirWatch - CIS Apple iPadOS 17 Institutionally Owned L2MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2 Ensure ICMP redirects are not acceptedCIS Bottlerocket L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only'MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only'AirWatch - CIS Apple iOS 17 Institution Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.5 Ensure broadcast ICMP requests are ignoredCIS Bottlerocket L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.6 Ensure bogus ICMP responses are ignoredCIS Bottlerocket L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.7 Ensure TCP SYN Cookies is enabledCIS Bottlerocket L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2 Ensure 'Idle timeout' is less than or equal to 10 minutes for SSH connectionsCIS F5 Networks v1.0.0 L1F5

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure excessive function privileges are revokedCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.4 Ensure 'Idle timeout' is less than or equal to 10 minutes for serial console sessionsCIS F5 Networks v1.0.0 L1F5

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.4 Ensure excessive DML privileges are revokedCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.7 Make use of predefined rolesCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.9 Make use of predefined rolesCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.9 Ensure system is set to hibernate - standbydelayhighCIS Apple macOS 10.14 v2.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.12 Ensure a Custom Message for the Login Screen Is EnabledCIS Apple macOS 10.14 v2.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.5 Ensure the Guest Home Folder Does Not ExistCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.5 Ensure the Guest Home Folder Does Not ExistCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.3.4 Ensure 'user options' database flag for Cloud SQL SQL Server instance is not configuredCIS Google Cloud Platform v3.0.0 L1GCP

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.4.2 Ensure Autologon is disabledCIS VMware ESXi 6.7 v1.3.0 Level 2VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.5.1 Ensure VM limits are configured correctly - Num Mem SharesCIS VMware ESXi 6.7 v1.3.0 Level 2VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.6.2 Ensure virtual disk shrinking is disabledCIS VMware ESXi 6.7 v1.3.0 Level 1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION