1.2 Ensure that Multi-Factor Authentication is 'Enabled' for All Non-Service Accounts | CIS Google Cloud Platform v3.0.0 L1 | GCP | IDENTIFICATION AND AUTHENTICATION |
1.3 Ensure that Security Key Enforcement is Enabled for All Admin Accounts | CIS Google Cloud Platform v3.0.0 L2 | GCP | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 6 v1.2.0 L1 MongoDB | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
5.1.2.1 (L1) Ensure 'Per-user MFA' is disabled | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.1.2.1 (L1) Ensure 'Per-user MFA' is disabled | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.1.9 Ensure SSH HostbasedAuthentication is disabled | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
5.2.2.2 (L1) Ensure multifactor authentication is enabled for all users | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.2.9 (L1) Ensure a managed device is required for authentication | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.2.9 (L1) Ensure a managed device is required for authentication | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.2.10 (L1) Ensure a managed device is required to register security information | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.2.10 (L1) Ensure a managed device is required to register security information | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.2.11 (L1) Ensure sign-in frequency for Intune Enrollment is set to 'Every time' | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.2.11 (L1) Ensure sign-in frequency for Intune Enrollment is set to 'Every time' | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.3.4 (L1) Ensure all member users are 'MFA capable' | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.3.4 (L1) Ensure all member users are 'MFA capable' | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.3.5 (L1) Ensure weak authentication methods are disabled | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.3.5 (L1) Ensure weak authentication methods are disabled | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.3.6 (L1) Ensure system-preferred multifactor authentication is enabled | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.3.6 (L1) Ensure system-preferred multifactor authentication is enabled | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
6.1.2 Ensure that 'multifactor authentication' is 'enabled' for all users | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
6.1.3 Ensure that 'Allow users to remember multifactor authentication on devices they trust' is disabled | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
6.22 Ensure that 'Require Multifactor Authentication to register or join devices with Microsoft Entra' is set to 'Yes' | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
20.11 Ensure 'Active Directory user accounts are configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT)' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
Catalina - Disable Password Authentication for SSH | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |