800-53|SI-2c.

Title

FLAW REMEDIATION

Description

Installs security-relevant software and firmware updates within [Assignment: organization-defined time period] of the release of the updates; and

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.0.1 Install the latest FixpakUnixCIS IBM DB2 OS L2 v1.2.0
1.1 Ensure Device is running Current Junos SoftwareJuniperCIS Juniper OS Benchmark v2.1.0 L1
1.1 Ensure ESXi is properly patchedVMwareCIS VMware ESXi 6.5 v1.0.0 Level 1
1.1 Install the latest fix packsUnixCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux
1.1 Install the latest fix packsWindowsCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows
1.1 Install the latest fix packsWindowsCIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows
1.1 Install the latest fix packsUnixCIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Linux
1.1 Install Updates, Patches and Additional Security SoftwareUnixCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
1.1 Use the Latest Package UpdatesUnixCIS Solaris 11.1 L1 v1.0.0
1.1 Use the Latest Package UpdatesUnixCIS Solaris 11 L1 v1.1.0
1.1 Use the Latest Package UpdatesUnixCIS Solaris 11.2 L1 v1.1.0
1.1 Verify all Apple provided software is currentUnixCIS Apple OSX 10.11 El Capitan L1 v1.1.0
1.1 Verify all Apple provided software is currentUnixCIS Apple OSX 10.9 L1 v1.3.0
1.1 Verify all Apple provided software is currentUnixCIS Apple macOS 10.12 L1 v1.2.0
1.1 Verify all Apple-provided software is currentUnixCIS Apple macOS 10.13 L1 v1.1.0
1.1 Verify all application software is currentUnixCIS Apple OSX 10.10 Yosemite L1 v1.2.0
1.2 Use the updated Linux KernelUnixCIS Docker 1.12.0 v1.0.0 L1 Linux
1.2 Use the updated Linux KernelUnixCIS Docker 1.11.0 v1.0.0 L1 Linux
1.2 Use the updated Linux KernelUnixCIS Docker 1.6 v1.0.0 L1 Linux
1.2.1 Configure Connection to the RHN RPM RepositoriesUnixCIS Red Hat Enterprise Linux 5 L1 v2.2.1
1.2.1 Ensure GPG keys are configuredUnixCIS Fedora 19 Family Linux Workstation L1 v1.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS Fedora 19 Family Linux Server L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian Family Server L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Oracle Linux 6 Workstation L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Red Hat 6 Server L1 v3.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Oracle Linux 6 Server L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian 9 Workstation L1 v1.0.1
1.2.1 Ensure package manager repositories are configuredUnixCIS Amazon Linux 2 STIG v1.0.0 L1
1.2.1 Ensure package manager repositories are configuredUnixCIS CentOS 6 Workstation L1 v3.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS SUSE Linux Enterprise Server 12 L1 v2.1.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Red Hat 6 Workstation L1 v3.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian Family Workstation L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Distribution Independent Linux Workstation L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian 9 Server L1 v1.0.1
1.2.1 Ensure package manager repositories are configuredUnixCIS CentOS 6 Server L1 v3.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Distribution Independent Linux Server L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Aliyun Linux 2 L1 v1.0.0
1.2.1 Ensure Red Hat Subscription Manager connection is configuredUnixCIS Red Hat EL8 Server L1 v1.0.0
1.2.1 Ensure Red Hat Subscription Manager connection is configuredUnixCIS Red Hat EL8 Workstation L1 v1.0.0
1.2.2 Ensure GPG keys are configuredUnixCIS Debian 9 Server L1 v1.0.1
1.2.2 Ensure GPG keys are configuredUnixCIS Debian 9 Workstation L1 v1.0.1
1.2.2 Ensure GPG keys are configuredUnixCIS Amazon Linux 2 STIG v1.0.0 L1
1.10 Ensure updates, patches, and additional security software are installedUnixCIS Debian Family Workstation L1 v1.0.0
1.10 Ensure updates, patches, and additional security software are installedUnixCIS Debian Family Server L1 v1.0.0
1.13 Ensure 'Disable saving browser history' is set to 'Disabled'WindowsCIS Google Chrome L1 v3.0.0