Detections
Analytics

CSCv7|2.2

Title

Ensure Software is Supported by Vendor

Description

Ensure that only software applications or operating systems currently supported by the software's vendor are added to the organization's authorized software inventory. Unsupported software should be tagged as unsupported in the inventory system.

Reference Item Details

Category: Inventory and Control of Software Assets

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1 (L1) Host hardware must have auditable, authentic, and up to date system & device firmwareVMwareCIS VMware ESXi 8.0 v1.2.0 L1
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledMS_SQLDBCIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledMS_SQLDBCIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledMS_SQLDBCIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledMS_SQLDBCIS SQL Server 2017 Database L1 AWS RDS v1.3.0
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledMS_SQLDBCIS SQL Server 2017 Database L1 DB v1.3.0
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledMS_SQLDBCIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2016 Database L1 DB v1.4.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2012 Database L1 AWS RDS v1.6.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2014 Database L1 AWS RDS v1.5.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2012 Database L1 DB v1.6.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2014 Database L1 DB v1.5.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2016 Database L1 AWS RDS v1.4.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2008 R2 DB Engine L1 v1.7.0
1.1 Ensure That Appropriate Version/Patches For Oracle Software Are InstalledOracleDBCIS Oracle Database 23ai v1.1.0 L1 RDBMS
1.1 Ensure the appropriate MongoDB software version/patches are installedMongoDBCIS MongoDB 5 L1 DB v1.2.0
1.1 Ensure the appropriate MongoDB software version/patches are installedWindowsCIS MongoDB 6 v1.2.0 L1 MongoDB
1.1 Ensure the appropriate MongoDB software version/patches are installedMongoDBCIS MongoDB 3.6 Database Audit L1 v1.1.0
1.1 Ensure the appropriate MongoDB software version/patches are installedUnixCIS MongoDB 6 v1.2.0 L1 MongoDB
1.1 Ensure the appropriate MongoDB software version/patches are installedMongoDBCIS MongoDB 4 L1 DB v1.0.0
1.1 Ensure the appropriate MongoDB software version/patches are installedUnixCIS MongoDB 7 v1.2.0 L1 Unix
1.1 Ensure the appropriate MongoDB software version/patches are installedWindowsCIS MongoDB 8 v1.0.0 L1 Windows
1.1 Ensure the appropriate MongoDB software version/patches are installedWindowsCIS MongoDB 7 v1.2.0 L1 Windows
1.1 Ensure the appropriate MongoDB software version/patches are installedUnixCIS MongoDB 8 v1.0.0 L1 Unix
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is InstalledOracleDBCIS Oracle Server 12c DB Traditional Auditing v3.0.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is InstalledOracleDBCIS Oracle Server 12c DB Unified Auditing v3.0.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is InstalledOracleDBCIS Oracle Server 18c DB Traditional Auditing v1.1.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is InstalledOracleDBCIS Oracle Server 18c DB Unified Auditing v1.1.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is InstalledOracleDBCIS Oracle Server 19c DB Traditional Auditing v1.2.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is InstalledOracleDBCIS Oracle Server 19c DB Unified Auditing v1.2.0
1.1.1 Ensure NGINX is installedUnixCIS NGINX Benchmark v2.1.0 L1 Webserver
1.1.1 Ensure NGINX is installedUnixCIS NGINX Benchmark v2.1.0 L1 Loadbalancer
1.1.1 Ensure NGINX is installedUnixCIS NGINX Benchmark v2.1.0 L1 Proxy
1.1.2 Ensure NGINX is installed from sourceUnixCIS NGINX Benchmark v2.1.0 L2 Proxy
1.1.2 Ensure NGINX is installed from sourceUnixCIS NGINX Benchmark v2.1.0 L2 Loadbalancer
1.1.2 Ensure NGINX is installed from sourceUnixCIS NGINX Benchmark v2.1.0 L2 Webserver
1.2 (L1) Ensure the Image Profile VIB acceptance level is configured properlyUnixCIS VMware ESXi 7.0 v1.5.0 L1 Bare Metal
1.2 Ensure End of Life JUNOS Devices are not usedJuniperCIS Juniper OS Benchmark v2.1.0 L1
1.2 Ensure the Image Profile VIB acceptance level is configured properlyUnixCIS VMware ESXi 6.5 v1.0.0 Level 1 Bare Metal
1.2 Ensure the Image Profile VIB acceptance level is configured properlyUnixCIS VMware ESXi 6.7 v1.3.0 Level 1 Bare Metal
1.2.6 Ensure the version of the operating system is an active vendor supported releaseUnixCIS Amazon Linux 2 STIG v2.0.0 STIG
1.2.8 Ensure the version of the operating system is an active vendor supported releaseUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.2.31 Ensure unsupported configuration overrides are not usedOpenShiftCIS Red Hat OpenShift Container Platform v1.8.0 L1 OpenShift
1.3 (L1) Ensure no unauthorized kernel modules are loaded on the hostUnixCIS VMware ESXi 7.0 v1.5.0 L1 Bare Metal
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.2 L2 v3.6.0
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.2 L1 v3.6.0
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.4 v2.2.0 L1
1.28 (L1) Ensure 'Suppress the unsupported OS warning' is set to 'Disabled'WindowsCIS Google Chrome L1 v3.0.0
1.133 (L1) Ensure 'Suppress the unsupported OS warning' is set to 'Disabled'WindowsCIS Microsoft Edge v4.0.0 L1