Item Search

NameAudit NamePluginCategory
1.4 Ensure Install Application Updates from the App Store Is EnabledCIS Apple macOS 15.0 Sequoia v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.4 Ensure Installation of App Update Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.7 Audit Computer NameCIS Apple macOS 10.14 v2.0.0 L2Unix

CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT

2.1.1 Ensure a 'Consent Message' has been 'Configured'AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.1.1 Ensure a 'Consent Message' has been 'Configured'AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.2 Ensure Screen Saver Corners Are Secure - top right cornerCIS Apple macOS 10.14 v2.0.0 L2Unix

ACCESS CONTROL

2.3.2 Secure screen saver corners - bottom left cornerCIS Apple macOS 10.12 L2 v1.2.0Unix

ACCESS CONTROL

2.4.5 Ensure 'Maximum grace period for device lock' is set to 'Immediately'MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1MDM

ACCESS CONTROL

2.4.5 Ensure 'Maximum grace period for device lock' is set to 'Immediately'MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 End User OwnedMDM

ACCESS CONTROL

2.5.1 Ensure Siri Is DisabledCIS Apple macOS 14.0 Sonoma v2.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.6 Enable Location ServicesCIS Apple macOS 10.13 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.5.7 Audit Camera Privacy and ConfidentialityCIS Apple macOS 10.14 v2.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.1 iCloud configurationCIS Apple macOS 10.13 L2 v1.1.0Unix

ACCESS CONTROL

2.6.1.3 Audit iCloud DriveCIS Apple macOS 10.14 v2.0.0 L2Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.2 iCloud keychainCIS Apple macOS 10.13 L2 v1.1.0Unix

ACCESS CONTROL

2.12 Securely delete files as neededCIS Apple macOS 10.13 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

3.2 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'CIS Apple macOS 10.12 L2 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.2 Configure Security Auditing Flags per local organizational requirements - 'audit all failed events across all audit classes'CIS Apple macOS 10.13 L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

3.2.1 Restrict Recursive QueriesCIS ISC BIND 9.0/9.5 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.1.1 Ensure 'Allow screenshots and screen recording' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L2MDM

ACCESS CONTROL

3.2.1.14 Ensure 'Allow installing configuration profiles' is set to 'Disabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

CONFIGURATION MANAGEMENT

3.2.1.21 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.24 Ensure 'Allow Handoff' is set to 'Disabled'AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution OwnedMDM

ACCESS CONTROL, MEDIA PROTECTION

3.2.1.27 Ensure 'Allow password sharing (supervised only)' is set to 'Disabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

CONFIGURATION MANAGEMENT

3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'AirWatch - CIS Apple iOS 17 Institution Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.4.1 Ensure 'Allow simple value' is set to 'Disabled'MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L1MDM

IDENTIFICATION AND AUTHENTICATION

3.4.5 Ensure 'Maximum grace period for device lock' is set to 'Immediately'AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution OwnedMDM

ACCESS CONTROL

3.4.5 Ensure 'Maximum grace period for device lock' is set to 'Immediately'MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1MDM

ACCESS CONTROL

3.6.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

4.3 Create network specific locationsCIS Apple macOS 10.12 L2 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.1.4 Check Library folder for world writable filesCIS Apple macOS 10.13 L2 v1.1.0Unix

ACCESS CONTROL

5.2.4 Complex passwords must contain a Numeric CharacterCIS Apple macOS 10.13 L2 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.6 Complex passwords must uppercase and lowercase lettersCIS Apple macOS 10.13 L2 v1.1.0Unix
5.4 Automatically lock the login keychain for inactivityCIS Apple macOS 10.13 L2 v1.1.0Unix

ACCESS CONTROL

5.18 Secure individual keychains and itemsCIS Apple macOS 10.12 L2 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 iSight Camera Privacy and Confidentiality ConcernsCIS Apple macOS 10.13 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

7.4 Software Inventory ConsiderationsCIS Apple macOS 10.13 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

7.8 Extensible Firmware Interface (EFI) passwordCIS Apple macOS 10.12 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

7.11 App Store Password SettingsCIS Apple macOS 10.13 L2 v1.1.0Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

Big Sur - Enforce Apple Mobile File IntegrityNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

SYSTEM AND INFORMATION INTEGRITY

Big Sur - Ensure the System Implements Malicious Code Protection MechanismsNIST macOS Big Sur v1.4.0 - 800-53r5 HighUnix

SYSTEM AND INFORMATION INTEGRITY

Big Sur - Ensure the System Implements Malicious Code Protection MechanismsNIST macOS Big Sur v1.4.0 - 800-53r5 LowUnix

SYSTEM AND INFORMATION INTEGRITY

Catalina - Ensure the System Implements Malicious Code Protection MechanismsNIST macOS Catalina v1.5.0 - 800-53r5 LowUnix

SYSTEM AND INFORMATION INTEGRITY

CNTR-R2-000060 - Rancher RKE2 components must be configured in accordance with the security configuration settings based on DOD security configuration or implementation guidance, including SRGs, STIGs, NSA configuration guides, CTOs, and DTMs.DISA Rancher Government Solutions RKE2 STIG v2r3Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Ensure the System Implements Malicious Code Protection MechanismsNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

SYSTEM AND INFORMATION INTEGRITY