Item Search

Name	Audit Name	Plugin	Category
2.1.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled	CIS Apple macOS 14.0 Sonoma v2.1.0 L2	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.2.9 Ensure 'Allow log on locally' is set to 'Administrators' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.9 Ensure 'Allow log on locally' is set to 'Administrators' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.26 Ensure 'Deny log on as a batch job' to include 'Guests' (STIG DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
2.2.30 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL
2.4.1 Ensure 'Allow simple value' is set to 'Disabled'	AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1	MDM	CONFIGURATION MANAGEMENT
2.4.1 Ensure 'Allow simple value' is set to 'Disabled'	MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1	MDM	CONFIGURATION MANAGEMENT
2.14.1 Audit Game Center Settings	CIS Apple macOS 15.0 Sequoia v1.1.0 L2	Unix	CONFIGURATION MANAGEMENT
2.14.1 Audit Game Center Settings	CIS Apple macOS 13.0 Ventura v3.1.0 L2	Unix	CONFIGURATION MANAGEMENT
2.14.1 Audit Game Center Settings	CIS Apple macOS 14.0 Sonoma v2.1.0 L2	Unix	CONFIGURATION MANAGEMENT
3.2.1.6 Review 'Allow iCloud Keychain' settings	AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned	MDM	ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.2.1.6 Review 'Allow iCloud Keychain' settings	AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned	MDM	ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.4.1 Ensure 'Allow simple value' is set to 'Disabled'	AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.4.1 Ensure 'Allow simple value' is set to 'Disabled'	MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.4.3 Ensure 'Maximum Auto-Lock' is set to '2 minutes' or less	AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1	MDM	ACCESS CONTROL
3.4.3 Ensure 'Maximum Auto-Lock' is set to '2 minutes' or less	MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1	MDM	ACCESS CONTROL
3.6.2 Ensure 'Allow Mail Drop' is set to 'Disabled'	AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L2	MDM	ACCESS CONTROL
3.6.2 Ensure 'Allow Mail Drop' is set to 'Disabled'	MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L2	MDM	ACCESS CONTROL
3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'	AirWatch - CIS Apple iOS 17 Institution Owned L2	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'	MobileIron - CIS Apple iPadOS 17 Institutionally Owned L2	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'	MobileIron - CIS Apple iOS 18 v1.0.0 L2 Institution Owned	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'	MobileIron - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally Owned	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'	AirWatch - CIS Apple iOS 18 v1.0.0 L2 Institution Owned	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'	AirWatch - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally Owned	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'	MobileIron - CIS Apple iOS 17 Institution Owned L2	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'	AirWatch - CIS Apple iPadOS 17 Institutionally Owned L2	MDM	ACCESS CONTROL, MEDIA PROTECTION
5.4.7 Ensure minimum and maximum requirements are set for password changes - difok	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.7 Ensure minimum and maximum requirements are set for password changes - maxclassrepeat	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG	Unix	IDENTIFICATION AND AUTHENTICATION
5.140 - The HBSS McAfee Agent is not installed. - FrameworkService	DISA Windows Vista STIG v6r41	Windows	CONFIGURATION MANAGEMENT
5.140 - The HBSS McAfee Agent is not installed. - masvc	DISA Windows Vista STIG v6r41	Windows	CONFIGURATION MANAGEMENT
DG0096-ORACLE11 - The DBMS IA policies and procedures should be reviewed annually or more frequently.	DISA STIG Oracle 11 Installation v9r1 Windows	Windows
ESXI-06-000010 - The VMM must use DoD-approved encryption to protect the confidentiality of remote access sessions.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	ACCESS CONTROL
ESXI-06-000014 - The SSH daemon must not permit root logins.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-000015 - The SSH daemon must not allow authentication using an empty password.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-000016 - The SSH daemon must not permit user environment settings.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-000018 - The SSH daemon must not permit GSSAPI authentication.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-000021 - The SSH daemon must not allow compression or must only allow compression after successful authentication.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-000022 - The SSH daemon must be configured to not allow gateway ports.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-000023 - The SSH daemon must be configured to not allow X11 forwarding.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-000025 - The SSH daemon must not permit tunnels.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-000026 - The SSH daemon must set a timeout count on idle sessions.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-000027 - The SSH daemon must set a timeout interval on idle sessions.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-000028 - The SSH daemon must limit connections to a single session.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-000029 - The system must remove keys from the SSH authorized_keys file.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-000047 - The Image Profile and VIB Acceptance Levels must be verified.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	CONFIGURATION MANAGEMENT
ESXI-06-100010 - The SSH daemon must be configured to only use FIPS 140-2 approved ciphers.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
ESXI-06-200047 - The VMM must implement cryptographic mechanisms to prevent unauthorized modification of all information at rest on all VMM components by verifying Image Profile and VIP Acceptance Levels.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes.	DISA STIG AIX 5.3 v1r2	Unix	RISK ASSESSMENT
HP ProCurve - 'Enable DHCP snooping'	TNS HP ProCurve	HPProCurve	SYSTEM AND COMMUNICATIONS PROTECTION
SQL6-D0-004300 - SQL Server must be configured to generate audit records for DoD-defined auditable events within all DBMS/database components.	DISA STIG SQL Server 2016 Instance DB Audit v3r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search