CSCv7|3.5

Title

Deploy Automated Software Patch Management Tools

Description

Deploy automated software update tools in order to ensure that third-party software on all systems is running the most recent security updates provided by the software vendor.

Reference Item Details

Category: Continuous Vulnerability Management

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1 Ensure All Apple-provided Software Is CurrentUnixCIS Apple macOS 10.15 v2.1.0 L1
1.1 Ensure All Apple-provided Software Is CurrentUnixCIS Apple macOS 11 v2.1.0 L1
1.1 Ensure All Apple-provided Software Is CurrentUnixCIS Apple macOS 12.0 Monterey v1.1.0 L1
1.1 Verify all Apple-provided software is currentUnixCIS Apple macOS 10.14 v2.0.0 L1
1.1.66 Ensure 'Notify a user that a browser restart is recommended or required for pending updates' is set to 'Enabled: Required - Show a recurring prompt to the user indicating that a restart is required'WindowsCIS Microsoft Edge L1 v1.0.1
1.1.70 Ensure 'Set the time period for update notifications' is set to 'Enabled: 86400000'WindowsCIS Microsoft Edge L1 v1.0.1
1.2 Ensure Auto Update Is EnabledUnixCIS Apple macOS 10.15 v2.1.0 L1
1.2 Ensure Auto Update Is EnabledUnixCIS Apple macOS 11 v2.1.0 L1
1.2 Ensure Auto Update Is EnabledUnixCIS Apple macOS 10.14 v2.0.0 L1
1.2 Ensure Auto Update Is EnabledUnixCIS Apple macOS 12.0 Monterey v1.1.0 L1
1.2.1 Ensure GPG keys are configuredUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server
1.2.1 Ensure GPG keys are configuredUnixCIS SUSE Linux Enterprise Workstation 12 L1 v3.1.0
1.2.1 Ensure GPG keys are configuredUnixCIS Oracle Linux 7 Server L1 v3.1.1
1.2.1 Ensure GPG keys are configuredUnixCIS Fedora 19 Family Linux Workstation L1 v1.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS CentOS 7 v3.1.2 Server L1
1.2.1 Ensure GPG keys are configuredUnixCIS CentOS 7 v3.1.2 Workstation L1
1.2.1 Ensure GPG keys are configuredUnixCIS Amazon Linux 2 v2.0.0 L1
1.2.1 Ensure GPG keys are configuredUnixCIS Rocky Linux 8 Workstation L1 v1.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS Red Hat EL7 Server L1 v3.1.1
1.2.1 Ensure GPG keys are configuredUnixCIS Red Hat EL7 Workstation L1 v3.1.1
1.2.1 Ensure GPG keys are configuredUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation
1.2.1 Ensure GPG keys are configuredUnixCIS Oracle Linux 7 Workstation L1 v3.1.1
1.2.1 Ensure GPG keys are configuredUnixCIS Fedora 19 Family Linux Server L1 v1.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1
1.2.1 Ensure GPG keys are configuredUnixCIS SUSE Linux Enterprise 15 Server L1 v1.1.1
1.2.1 Ensure GPG keys are configuredUnixCIS SUSE Linux Enterprise Server 12 L1 v3.1.0
1.2.1 Ensure GPG keys are configuredUnixCIS AlmaLinux OS 8 Workstation L1 v2.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS Oracle Linux 8 Server L1 v2.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS Oracle Linux 8 Workstation L1 v2.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS Rocky Linux 8 Server L1 v1.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS AlmaLinux OS 8 Server L1 v2.0.0
1.2.1 Ensure GPG keys are configured - gpgkeyUnixCIS CentOS Linux 8 Server L1 v2.0.0
1.2.1 Ensure GPG keys are configured - gpgkeyUnixCIS CentOS Linux 8 Workstation L1 v2.0.0
1.2.1 Ensure GPG keys are configured - show rpm keysUnixCIS CentOS Linux 8 Workstation L1 v2.0.0
1.2.1 Ensure GPG keys are configured - show rpm keysUnixCIS CentOS Linux 8 Server L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian 10 Server L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian Family Workstation L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Red Hat 6 Server L1 v3.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Distribution Independent Linux Workstation L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Oracle Linux 6 Server L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Distribution Independent Linux Server L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian 8 Workstation L1 v2.0.2
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 20.04 LTS Workstation L1 v1.1.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0
1.10 Ensure updates, patches, and additional security software are installedUnixCIS Debian Family Workstation L1 v1.0.0
1.10 Ensure updates, patches, and additional security software are installedUnixCIS Debian Family Server L1 v1.0.0
1.15 Ensure 'Enable component updates in Google Chrome' is set to 'Enabled'WindowsCIS Google Chrome L1 v2.1.0