Detections
Analytics

CSCv7|2.8

Title

Implement Application Whitelisting of Libraries

Description

The organization's application whitelisting software must ensure that only authorized software libraries (such as *.dll, *.ocx, *.so, etc) are allowed to load into a system process.

Reference Item Details

Category: Inventory and Control of Software Assets

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.1.1 Ensure only required modules are installedUnixCIS NGINX Benchmark v2.0.1 L2 Loadbalancer
2.1.1 Ensure only required modules are installedUnixCIS NGINX Benchmark v2.0.1 L2 Webserver
2.1.1 Ensure only required modules are installedUnixCIS NGINX Benchmark v2.0.1 L2 Proxy
2.1.2 Ensure HTTP WebDAV module is not installedUnixCIS NGINX Benchmark v2.0.1 L2 Proxy
2.1.2 Ensure HTTP WebDAV module is not installedUnixCIS NGINX Benchmark v2.0.1 L2 Webserver
2.1.2 Ensure HTTP WebDAV module is not installedUnixCIS NGINX Benchmark v2.0.1 L2 Loadbalancer
2.1.3 Ensure modules with gzip functionality are disabledUnixCIS NGINX Benchmark v2.0.1 L2 Loadbalancer
2.1.3 Ensure modules with gzip functionality are disabledUnixCIS NGINX Benchmark v2.0.1 L2 Webserver
2.1.3 Ensure modules with gzip functionality are disabledUnixCIS NGINX Benchmark v2.0.1 L2 Proxy
2.1.4 Ensure the autoindex module is disabledUnixCIS NGINX Benchmark v2.0.1 L1 Webserver
2.2.4.7.2.5 Ensure 'Block Excel XLL Add-ins that come from an untrusted source' is set to 'Enabled: Blocked'WindowsCIS Microsoft Office Enterprise v1.1.0 L1
2.4 Allowlist Authorized Libraries and Report ViolationsUnixCIS IBM AIX 7.2 L1 v1.1.0
2.6 Enforce Allowlist aka Trusted Execution ChecksUnixCIS IBM AIX 7.2 L2 v1.1.0
3.22 (L1) Host must deny shell access for the dcui accountVMwareCIS VMware ESXi 8.0 v1.1.0 L1
3.23 (L2) Host must deny shell access for the vpxuser accountVMwareCIS VMware ESXi 8.0 v1.1.0 L2