CSCv7|3.1

Title

Run Automated Vulnerability Scanning Tools

Description

Utilize an up-to-date SCAP-compliant vulnerability scanning tool to automatically scan all systems on the network on a weekly or more frequent basis to identify all potential vulnerabilities on the organization's systems.

Reference Item Details

Category: Continuous Vulnerability Management

Audit Items

Name | Plugin | Audit Name
3.1.1.1 Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L1
3.1.1.2 Ensure that Microsoft Defender for Cloud Apps integration with Microsoft Defender for Cloud is Selected | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.3.1 Ensure That Microsoft Defender for Servers Is Set to 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.3.2 Ensure that 'Vulnerability assessment for machines' component status is set to 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.3.3 Ensure that 'Endpoint protection' component status is set to 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.3.4 Ensure that 'Agentless scanning for machines' component status is set to 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.3.5 Ensure that 'File Integrity Monitoring' component status is set to 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.4.1 Ensure That Microsoft Defender for Containers Is Set To 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.4.2 Ensure that 'Agentless discovery for Kubernetes' component status 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.4.3 Ensure that 'Agentless container vulnerability assessment' component status is 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.5.1 Ensure That Microsoft Defender for Storage Is Set To 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.6.1 Ensure That Microsoft Defender for App Services Is Set To 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.7.1 Ensure That Microsoft Defender for Azure Cosmos DB Is Set To 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.7.2 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.7.3 Ensure That Microsoft Defender for (Managed Instance) Azure SQL Databases Is Set To 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.7.4 Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.8.1 Ensure That Microsoft Defender for Key Vault Is Set To 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.9.1 Ensure That Microsoft Defender for Resource Manager Is Set To 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.15 Ensure that Microsoft Defender External Attack Surface Monitoring (EASM) is enabled | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.1.16 [LEGACY] Ensure That Microsoft Defender for DNS Is Set To 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
3.2.1 Ensure That Microsoft Defender for IoT Hub Is Set To 'On' | microsoft_azure | CIS Microsoft Azure Foundations v3.0.0 L2
5.1.1 Ensure Image Vulnerability Scanning is enabled | GCP | CIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2
5.1.1 Ensure Image Vulnerability Scanning is enabled | GCP | CIS Google Kubernetes Engine (GKE) v1.7.0 L2
5.5.2 Ensure Node Auto-Repair is enabled for GKE nodes | GCP | CIS Google Kubernetes Engine (GKE) v1.7.0 L2
5.27 Ensure that container health is checked at runtime | Unix | CIS Docker v1.7.0 L1 Docker - Linux
6.7 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing traffic | Palo_Alto | CIS Palo Alto Firewall 10 v1.2.0 L1
6.7 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing traffic | Palo_Alto | CIS Palo Alto Firewall 11 v1.1.0 L1
6.22 Ensure that 'Inline Cloud Analysis' on Vulnerability Protection profiles are enabled if 'Advanced Threat Prevention' is available | Palo_Alto | CIS Palo Alto Firewall 10 v1.2.0 L1
6.22 Ensure that 'Inline Cloud Analysis' on Vulnerability Protection profiles are enabled if 'Advanced Threat Prevention' is available | Palo_Alto | CIS Palo Alto Firewall 11 v1.1.0 L1
18.5.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - NETLOGON | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.5.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - SYSVOL | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - NETLOGON | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1
18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - SYSVOL | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1
20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components...' | Windows | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC
20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components...' | Windows | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS
20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components' | Windows | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC
20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components' | Windows | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS