Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.15 Ensure separate partition exists for /var/logCIS Amazon Linux 2 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.16 Ensure separate partition exists for /var/log/auditCIS SUSE Linux Enterprise 12 v3.2.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.16 Ensure separate partition exists for /var/log/auditCIS SUSE Linux Enterprise 12 v3.2.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.2.5 Ensure valid certificate is set for browser-based administrator interface - CertificatesCIS Palo Alto Firewall 9 v1.1.0 L2Palo_Alto

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.3 Ensure systemd Service Files Are EnabledCIS PostgreSQL 13 OS v1.2.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.4 Ensure user namespaces are disabledCIS Bottlerocket L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.1.1 Ensure a 'Consent Message' has been 'Configured'AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.1.2 Ensure 'Controls when the profile can be removed' is set to 'Always'MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured'AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured'MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.8 Ensure a Custom Message for the Login Screen Is EnabledCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.1.2 Ensure the OS Is Not Active When Resuming from Sleep and Display Sleep (Apple Silicon)CIS Apple macOS 11.0 Big Sur v4.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.1.3 Ensure FileVault is Locked on SleepCIS Apple macOS 11.0 Big Sur v4.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Intel DestroyFVKeyOnStandbyCIS Apple macOS 10.15 Catalina v3.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Intel hibernatemodeCIS Apple macOS 10.15 Catalina v3.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.1 Ensure 'Controls when the profile can be removed' is set to 'Never'AirWatch - CIS Apple iOS 17 Institution Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.1 Ensure packet redirect sending is disabledCIS Bottlerocket L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.16 Ensure 'debug_print_parse' is disabled - debug_print_parse is disabledCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.17 Ensure 'debug_print_rewritten' is disabledCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.17 Ensure 'debug_print_rewritten' is disabledCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.23 Ensure 'log_hostname' is set correctlyCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.23 Ensure 'log_hostname' is set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1.12 Ensure 'Allow Erase All Content and Settings' is set to 'Disabled'AirWatch - CIS Apple iOS 17 Institution Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only'MobileIron - CIS Apple iOS 17 Institution Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured'AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured'MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.8.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'MobileIron - CIS Apple iOS 17 Institution Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.8.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1 Ensure legacy TLS protocols are disabledCIS MongoDB 5 L2 OS Linux v1.2.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1.2 Ensure permissions on journal files are configuredCIS Bottlerocket L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2 Ensure excessive administrative privileges are revokedCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure excessive administrative privileges are revokedCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure excessive administrative privileges are revokedCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.4 Ensure excessive DML privileges are revokedCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.7 Make use of predefined rolesCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.9 Make use of predefined rolesCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5 Ensure root login is restricted to system consoleCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

CONFIGURATION MANAGEMENT, MAINTENANCE, SYSTEM AND SERVICES ACQUISITION

5.8 Ensure a Login Window Banner Exists - permissionsCIS Apple macOS 10.15 Catalina v3.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.8 Ensure a Login Window Banner Exists - textCIS Apple macOS 10.15 Catalina v3.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.15 Ensure Fast User Switching Is DisabledCIS Apple macOS 10.14 v2.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.1 Ensure Login Window Displays as Name and Password Is EnabledCIS Apple macOS 10.14 v2.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.2 Ensure Show Password Hints Is DisabledCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.3 Ensure that the Certificate used for Decryption is TrustedCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-12-004400 - Apple iOS must not allow backup to remote systems (My Photo Stream).MobileIron - DISA Apple iOS 12 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-13-004400 - Apple iOS/iPadOS must not allow backup to remote systems (My Photo Stream).AirWatch - DISA Apple iOS/iPadOS 13 v2r1MDM

CONFIGURATION MANAGEMENT

Catalina - Disable iCloud Keychain SyncNIST macOS Catalina v1.5.0 - All ProfilesUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-10-001400 - Google Android 10 must be configured to disable Bluetooth or configured via User Based Enforcement (UBE) to allow Bluetooth for only Headset Profile (HSP), HandsFree Profile (HFP), and Serial Port Profile (SPP) - Serial Port Profile capable devices.MobileIron - DISA Google Android 10.x v2r1MDM

CONFIGURATION MANAGEMENT

PGS9-00-000100 - PostgreSQL must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.DISA STIG PostgreSQL 9.x on RHEL DB v2r5PostgreSQLDB

CONFIGURATION MANAGEMENT