Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Syslog logging should be configuredCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

AUDIT AND ACCOUNTABILITY

1.2.4 Ensure HTTP and Telnet options are disabled for all management profilesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

CONFIGURATION MANAGEMENT

1.3.1 Ensure 'Minimum Password Complexity' is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.3 Ensure 'Minimum Uppercase Letters' is greater than or equal to 1CIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.8 Ensure 'New Password Differs By Characters' is greater than or equal to 3CIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.9 Ensure 'Prevent Password Reuse Limit' is set to 24 or more passwordsCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.10 Ensure 'Password Profiles' do not existCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.5 Enable OS X update installsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.5.1 Ensure 'V3' is selected for SNMP pollingCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.1 Ensure 'Verify Update Server Identity' is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1.2 Disable Bluetooth 'Discoverable' mode when not pairing devicesCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.2.33 Ensure 'Deny log on locally' to include 'Guests, Enterprise Admins group, and Domain Admins group' (STIG MS only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.3.10.3 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (STIG DC & MS only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.3.10.5 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (STIG DC & MS only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

2.3.10.5 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (STIG DC & MS only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.4 Ensure that 'Include/Exclude Networks' is used if User-ID is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4.1 Disable Remote Apple EventsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.6 Disable DVD or CD SharingCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - SMBCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.9 Disable Remote Management - 'ARDAgent is not running'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.6.3 Enable FirewallCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Ensure that security policies restrict User-ID Agent traffic from crossing into untrusted zonesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL

2.8.2 Time Machine Volumes Are EncryptedCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.11 Java 6 is not the default Java runtimeCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

3.1.3 Retain authd.log for 90 or more daysCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

5.1 Ensure that WildFire file size upload limits are maximizedCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.1.1 Secure Home FoldersCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

5.1.2 Repair permissions regularly to ensure binaries and other System files have appropriate permissionsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

5.1.2.1 (L1) Ensure 'Per-user MFA' is disabledCIS Microsoft 365 Foundations v5.0.0 L1 E3microsoft_azure

IDENTIFICATION AND AUTHENTICATION

5.1.4 Check System folder for world writable filesCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.2.2 Set a minimum password lengthCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4 Automatically lock the login keychain for inactivityCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.6 Enable OCSP and CRL certificate checking - CRLStyleCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.8 Ensure that 'Inline Cloud Analysis' on Wildfire profiles is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.13 Create a Login window bannerCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

ACCESS CONTROL

5.16 Secure individual keychain and itemsCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
5.36 (L2) Ensure 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

5.42 (L2) Ensure 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NGWindows

CONFIGURATION MANAGEMENT

5.42 (L2) Ensure 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NGWindows

CONFIGURATION MANAGEMENT

6.1.5 Remove Guest home folderCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

6.2 Turn on filename extensionsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

6.4 Safari disable Internet Plugins for global useCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

6.5 Use parental controls for systems that are not centrally managedCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
6.8 Ensure that PAN-DB URL Filtering is usedCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

6.9 Ensure that URL Filtering uses the action of 'block' or 'override' on the URL categoriesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

6.15 Ensure that a Zone Protection Profile with an enabled SYN Flood Action of SYN Cookies is attached to all untrusted zonesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

6.20 Ensure that 'Wildfire Inline ML Action' on antivirus profiles are set to reset-both on all decoders except 'imap' and 'pop3'CIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

8.3 Ensure that the Certificate used for Decryption is TrustedCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

CONFIGURATION MANAGEMENT

17.7.2 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')CIS Microsoft Windows Server 2025 v1.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT