Item Search

Name	Audit Name	Plugin	Category
2.1.2 Ensure 'Controls when the profile can be removed' is set to 'Always'	MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1	MDM	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.1.2 Ensure 'Controls when the profile can be removed' is set to 'Always'	MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned	MDM	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.2.1.3 Ensure 'Allow managed apps to store data in iCloud' is set to 'Disabled'	MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1	MDM	CONFIGURATION MANAGEMENT
2.2.1.3 Ensure 'Allow managed apps to store data in iCloud' is set to 'Disabled'	AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned	MDM	CONFIGURATION MANAGEMENT
2.2.1.8 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'	AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned	MDM	ACCESS CONTROL, MEDIA PROTECTION
2.2.1.8 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'	AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1	MDM	ACCESS CONTROL
2.2.1.8 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'	MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1	MDM	ACCESS CONTROL
2.2.1.11 Ensure 'Show Control Center in Lock screen' is set to 'Disabled'	AirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L1	MDM	CONFIGURATION MANAGEMENT
2.2.1.12 Ensure 'Show Notification Center in Lock screen' is set to 'Disabled'	AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1	MDM	ACCESS CONTROL
2.2.1.12 Ensure 'Show Notification Center in Lock screen' is set to 'Disabled'	MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1	MDM	ACCESS CONTROL
2.6.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'	AirWatch - CIS Apple iOS 10 v2.0.0 End User Owned L1	MDM	CONFIGURATION MANAGEMENT
3.1.1 Ensure 'Controls when the profile can be removed' is set to 'Never'	AirWatch - CIS Apple iOS 17 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.1.1 Ensure 'Controls when the profile can be removed' is set to 'Never'	MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned	MDM	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.2.1.2 Ensure 'Allow voice dialing while device is locked' is set to 'Disabled'	MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.4 Ensure 'Allow iCloud backup' is set to 'Disabled'	AirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.4 Ensure 'Allow iCloud backup' is set to 'Disabled'	AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.5 Ensure 'Allow iCloud documents & data' is set to 'Disabled'	MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.6 Ensure 'Allow iCloud Keychain' is set to 'Disabled'	MobileIron - CIS Apple iOS 10 v2.0.0 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.6 Ensure 'Allow iCloud Keychain' is set to 'Disabled'	MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.7 Ensure 'Allow managed apps to store data in iCloud' is set to 'Disabled'	MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.7 Ensure 'Allow managed apps to store data in iCloud' is set to 'Disabled'	AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.9 Ensure 'Allow Erase All Content and Settings' is set to 'Disabled'	MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.12 Ensure 'Allow adding VPN configurations' is set to 'Disabled'	MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.12 Ensure 'Allow adding VPN configurations' is set to 'Disabled'	AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.13 Ensure 'Allow modifying cellular data app settings' is set to 'Disabled'	AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L2	MDM	CONFIGURATION MANAGEMENT
3.2.1.13 Ensure 'Allow modifying cellular data app settings' is set to 'Disabled'	MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L2	MDM	CONFIGURATION MANAGEMENT
3.2.1.15 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'	MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.18 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'	MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L1	MDM
3.2.1.19 Ensure 'Allow USB accessories while the device is locked' is set to 'Disabled'	AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned	MDM	CONFIGURATION MANAGEMENT
3.2.1.21 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'	AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.2.1.21 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'	AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.2.1.24 Ensure 'Allow setting up new nearby devices' is set to 'Disabled'	MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1	MDM	SECURITY ASSESSMENT AND AUTHORIZATION
3.2.1.26 Ensure 'Show Control Center in Lock screen' is set to 'Disabled'	MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1	MDM	ACCESS CONTROL
3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'	AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM
3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only'	AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM
3.3.1 Ensure 'Managed Safari Web Domains' is 'Configured'	AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM
3.4.3 Ensure 'Maximum Auto-Lock' is set to '2 minutes' or less	MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	ACCESS CONTROL
3.5.1 Ensure 'VPN' is 'Configured'	AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM
3.6.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'	AirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.7.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'	AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	ACCESS CONTROL
3.8.1 Ensure 'If Lost, Return to... Message' is 'Configured'	AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L1	MDM
3.8.1 Ensure 'If Lost, Return to... Message' is 'Configured'	MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L1	MDM
4.1 Ensure device is not obviously jailbroken	AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	ACCESS CONTROL
4.2 Ensure 'Software Update' returns 'Your software is up to date.'	MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM	SYSTEM AND INFORMATION INTEGRITY
4.3 Ensure 'Automatic Downloads' of 'App Updates' is set to 'Enabled'	AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1	MDM
17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
APPL-15-004001 - The macOS system must configure Apple System Log (ASL) files owned by root and group to wheel.	DISA Apple macOS 15 (Sequoia) STIG v1r3	Unix	SYSTEM AND INFORMATION INTEGRITY
Big Sur - Ensure Seperate Execution Domain for Processes	NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Catalina - Ensure Seperate Execution Domain for Processes	NIST macOS Catalina v1.5.0 - 800-53r5 Moderate	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Monterey - Ensure Seperate Execution Domain for Processes	NIST macOS Monterey v1.0.0 - 800-53r5 Low	Unix	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search