Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.5 Ensure noexec option set on /tmp partitionCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

1.1.5 Ensure noexec option set on /tmp partitionCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

1.1.17 Ensure noexec option set on /dev/shm partitionCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

1.1.17 Ensure noexec option set on /dev/shm partitionCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

1.1.20 Ensure noexec option set on removable media partitionsCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

1.1.20 Ensure noexec option set on removable media partitionsCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervalsCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, RISK ASSESSMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

5.1 Ensure that WildFire file size upload limits are maximizedCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.1 Ensure that WildFire file size upload limits are maximizedCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.2 Ensure forwarding is enabled for all applications and file types in WildFire file blocking profilesCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.2 Ensure forwarding is enabled for all applications and file types in WildFire file blocking profilesCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.3 Ensure a WildFire Analysis profile is enabled for all security policiesCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.3 Ensure a WildFire Analysis profile is enabled for all security policiesCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.4 Ensure forwarding of decrypted content to WildFire is enabledCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.5 Ensure all WildFire session information settings are enabledCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire'CIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire'CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

6.1 Ensure that antivirus profiles are set to block on all decoders except 'imap' and 'pop3'CIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.1 Ensure that antivirus profiles are set to block on all decoders except 'imap' and 'pop3'CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.2 Ensure a secure antivirus profile is applied to all relevant security policiesCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.2 Ensure a secure antivirus profile is applied to all relevant security policiesCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.3 Ensure an anti-spyware profile is configured to block on all spyware severity levels, categories, and threatsCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.3 Ensure an anti-spyware profile is configured to block on all spyware severity levels, categories, and threatsCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in useCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in useCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in useCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in useCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

6.6 Ensure a secure anti-spyware profile is applied to all security policies permitting traffic to the InternetCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.6 Ensure a secure anti-spyware profile is applied to all security policies permitting traffic to the InternetCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.8 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing trafficCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

RISK ASSESSMENT

6.8 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing trafficCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

7.3 Ensure 'Security Policy' denying any/all traffic to/from IP addresses on Trusted Threat Intelligence Sources ExistsCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

7.6 Automatic Actions for Optical MediaCIS Apple macOS 10.12 L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

8.8 Ensure Zones are Signed with NSEC or NSEC3CIS BIND DNS v1.0.0 L2 Authoritative Name ServerUnix

SYSTEM AND INFORMATION INTEGRITY

9.5 Response Rate Limiting and DDOS MitigationCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

SYSTEM AND INFORMATION INTEGRITY