2.1.11 Ensure the spoofed domains report is reviewed weekly | CIS Microsoft 365 Foundations E5 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
2.1.12 Ensure the 'Restricted entities' report is reviewed weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
2.1.13 Ensure all security threats in the Threat protection status report are reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
2.3.1 Ensure the Account Provisioning Activity report is reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
2.3.2 Ensure non-global administrator role group assignments are reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
3.1.2 Ensure user role group changes are reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
3.2 Ensure CloudTrail log file validation is enabled | CIS Amazon Web Services Foundations L2 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
3.7 Ensure proxies pass source IP information | CIS NGINX Benchmark v2.0.1 L1 Proxy | Unix | AUDIT AND ACCOUNTABILITY |
3.7 Ensure proxies pass source IP information | CIS NGINX Benchmark v2.0.1 L1 Loadbalancer | Unix | AUDIT AND ACCOUNTABILITY |
3.7 Ensure proxies pass source IP information - X-Real-IP | CIS NGINX Benchmark v2.0.1 L1 Loadbalancer | Unix | AUDIT AND ACCOUNTABILITY |
3.7 Ensure proxies pass source IP information - X-Real-IP | CIS NGINX Benchmark v2.0.1 L1 Proxy | Unix | AUDIT AND ACCOUNTABILITY |
4.2 Ensure management console sign-in without MFA is monitored | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
4.3 Ensure usage of 'root' account is monitored | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
4.4 Ensure IAM policy changes are monitored | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
4.5 Ensure CloudTrail configuration changes are monitored | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
4.6 Ensure AWS Management Console authentication failures are monitored | CIS Amazon Web Services Foundations L2 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
4.7 Ensure disabling or scheduled deletion of customer created CMKs is monitored | CIS Amazon Web Services Foundations L2 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
4.11 Ensure Network Access Control Lists (NACL) changes are monitored | CIS Amazon Web Services Foundations L2 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
4.14 Ensure VPC changes are monitored | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
4.15 Ensure AWS Organizations changes are monitored | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
5.1.5.1 Ensure the Application Usage report is reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
5.2.4.2 Ensure the self-service password reset activity report is reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
5.2.6.1 Ensure the Azure AD 'Risky sign-ins' report is reviewed at least weekly | CIS Microsoft 365 Foundations E5 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
6.4.1 Ensure mail forwarding rules are reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
Big Sur - Audit Record Reduction and Report Generation - processing | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
Big Sur - Audit Record Reduction and Report Generation - processing | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
Big Sur - Audit Record Reduction and Report Generation - processing | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
Big Sur - Audit Record Reduction and Report Generation - processing | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
Catalina - Audit Record Reduction and Report Generation - processing | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
Catalina - Audit Record Reduction and Report Generation - processing | NIST macOS Catalina v1.5.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
Catalina - Audit Record Reduction and Report Generation - processing | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
Catalina - Audit Record Reduction and Report Generation - processing | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
Monterey - Audit Record Reduction and Report Generation - processing | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
Monterey - Audit Record Reduction and Report Generation - processing | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
Monterey - Audit Record Reduction and Report Generation - processing | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
Monterey - Audit Record Reduction and Report Generation - processing | NIST macOS Monterey v1.0.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 14' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 15' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 104' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 105' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 106' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 107' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 108' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 111' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 113' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 116' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 118' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 128' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 129' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 130' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |