Detections
Analytics

CSCv7|2.9

Title

Implement Application Whitelisting of Scripts

Description

The organization's application whitelisting software must ensure that only authorized, digitally signed scripts (such as *.ps1, *.py, macros, etc) are allowed to run on a system.

Reference Item Details

Category: Inventory and Control of Software Assets

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.1.3 Ensure Allowlist violations are enabledUnixCIS IBM AIX 7 v1.0.0 L2
2.8.4.1.1 (L1) Ensure 'Block macros from running in Office files from the internet' is set to 'Enabled'WindowsCIS Microsoft Intune for Office v1.1.0 L1
2.8.4.1.1 Ensure 'Block macros from running in Office files from the internet' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
3.22 (L1) Host must deny shell access for the dcui accountVMwareCIS VMware ESXi 8.0 v1.1.0 L1
3.23 (L2) Host must deny shell access for the vpxuser accountVMwareCIS VMware ESXi 8.0 v1.1.0 L2
5.2 (L1) Host must block network traffic by defaultVMwareCIS VMware ESXi 8.0 v1.1.0 L1
5.3.3 Ensure that Content Security Policy (CSP) is enabled and configured properlyUnixCIS NGINX Benchmark v2.1.0 L2 Webserver
6.3 Ensure that server-side scripting is disabled if not neededUnixCIS MongoDB 7 v1.1.0 L2 MongoDB
6.3 Ensure that server-side scripting is disabled if not neededWindowsCIS MongoDB 7 v1.1.0 L2 MongoDB
6.3.1 Ensure 'external scripts enabled' database flag for Cloud SQL SQL Server instance is set to 'off'GCPCIS Google Cloud Platform v3.0.0 L1