Detections
Analytics

CSCv6|4.5

Title

Deploy automated patch management tools and software update tools.

Description

Deploy automated patch management tools and software update tools for operating system and software/applications on all systems for which such tools are available and safe. Patches should be applied to all systems, even systems that are properly air gapped.

Reference Item Details

Category: Continuous Vulnerability Assessment and Remediation

Family: System

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.3.6.3 Set 'startup (minutes)' to '10 or more minute(s)'WindowsCIS Windows 8 L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Amazon Linux v2.1.0 L1
1.2.1 Ensure package manager repositories are configuredUnixCIS Oracle Linux 6 Server L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Red Hat 6 Server L1 v3.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Distribution Independent Linux Workstation L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Distribution Independent Linux Server L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian 8 Workstation L1 v2.0.2
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
1.2.1 Ensure package manager repositories are configuredUnixCIS CentOS 6 Workstation L1 v3.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Oracle Linux 6 Workstation L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Red Hat 6 Workstation L1 v3.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS CentOS 6 Server L1 v3.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian 8 Server L1 v2.0.2
1.2.2 Ensure GPG keys are configuredUnixCIS Amazon Linux v2.1.0 L1
1.2.2 Ensure GPG keys are configuredUnixCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0
1.2.2 Ensure GPG keys are configuredUnixCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0
1.2.2 Ensure GPG keys are configuredUnixCIS Distribution Independent Linux Workstation L1 v2.0.0
1.2.2 Ensure GPG keys are configuredUnixCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
1.2.2 Ensure GPG keys are configuredUnixCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
1.2.2 Ensure GPG keys are configuredUnixCIS Debian 8 Workstation L1 v2.0.2
1.2.2 Ensure GPG keys are configuredUnixCIS Debian 8 Server L1 v2.0.2
1.2.2 Ensure GPG keys are configuredUnixCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
1.2.2 Ensure GPG keys are configuredUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
1.2.2 Ensure GPG keys are configuredUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
1.2.2 Ensure GPG keys are configuredUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.2.2 Ensure GPG keys are configuredUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.2.2 Ensure GPG keys are configuredUnixCIS Distribution Independent Linux Server L1 v2.0.0
1.2.2 Ensure gpgcheck is globally activatedUnixCIS CentOS 6 Workstation L1 v3.0.0
1.2.2 Ensure gpgcheck is globally activatedUnixCIS CentOS 6 Server L1 v3.0.0
1.2.2 Ensure gpgcheck is globally activatedUnixCIS Oracle Linux 6 Workstation L1 v2.0.0
1.2.2 Ensure gpgcheck is globally activatedUnixCIS Red Hat 6 Workstation L1 v3.0.0
1.2.2 Ensure gpgcheck is globally activatedUnixCIS Oracle Linux 6 Server L1 v2.0.0
1.2.2 Ensure gpgcheck is globally activatedUnixCIS Red Hat 6 Server L1 v3.0.0
1.2.3 Ensure GPG keys are configuredUnixCIS Oracle Linux 6 Server L1 v2.0.0
1.2.3 Ensure GPG keys are configuredUnixCIS Oracle Linux 6 Workstation L1 v2.0.0
1.2.3 Ensure GPG keys are configuredUnixCIS Red Hat 6 Server L1 v3.0.0
1.2.3 Ensure GPG keys are configuredUnixCIS Red Hat 6 Workstation L1 v3.0.0
1.2.3 Ensure GPG keys are configuredUnixCIS CentOS 6 Workstation L1 v3.0.0
1.2.3 Ensure GPG keys are configuredUnixCIS CentOS 6 Server L1 v3.0.0
1.2.3 Ensure gpgcheck is globally activatedUnixCIS Amazon Linux v2.1.0 L1
1.2.4.7.2 Set 'Reschedule Automatic Updates scheduled installations' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.2.4.15 Configure 'Turn off Automatic Download of updates'WindowsCIS Windows 8 L1 v1.0.0