Item Search

NameAudit NamePluginCategory
2.1.1 Backup Policy in PlaceCIS MariaDB 10.6 Database L1 v1.1.0MySQLDB

CONTINGENCY PLANNING

2.2.1 Enable 'Set time and date automatically'CIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

2.3.2 Secure screen saver corners - bottom right cornerCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

ACCESS CONTROL

2.3.2 Secure screen saver corners - top right cornerCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

ACCESS CONTROL

2.3.3.7 Ensure Remote Apple Events Is DisabledCIS Apple macOS 14.0 Sonoma v2.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.3.7 Ensure Remote Apple Events Is DisabledCIS Apple macOS 15.0 Sequoia v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4 Configure TCP Wrappers - Allow localhost.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Configure TCP Wrappers - Deny access to this server from all networksCIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Configure TCP Wrappers - Make sure that /etc/hosts.allow does exist.CIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

2.4.1 Disable Remote Apple EventsCIS Apple macOS 10.13 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.4.1 Ensure Remote Apple Events Is DisabledCIS Apple macOS 12.0 Monterey v3.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.1 Ensure Remote Apple Events Is DisabledCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.1 Ensure Remote Apple Events Is DisabledCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.1 Disable 'Wake for network access'CIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

ACCESS CONTROL

2.5.2 Disable sleeping the computer when connected to powerCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

ACCESS CONTROL

2.6.7 Monitor Location Services AccessCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
2.7.2 iCloud keychainCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
2.7.3 iCloud DriveCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
2.8.1 Time Machine Auto-BackupCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

CONTINGENCY PLANNING

3.3 Enable Stack Protection - Makes sure 'noexec_user_stack' is set to 1 in /etc/system. Note: Only applicable if NX bit is set.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND INFORMATION INTEGRITY

4.3 Create network specific locationsCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
4.3 Enable Auditing of File Metadata Modification EventsCIS Oracle Solaris 11.4 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.9 Enable Kernel Level Auditing - Check audit policies is set to arge,argv,cntCIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.9 Enable Kernel Level Auditing, Check if 'flags:lo,ad,cc' is set in /etc/security/audit_control.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.9 Enable Kernel Level Auditing, Check if 'minfree:20' is set in /etc/security/audit_control.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.9 Enable Kernel Level Auditing, Check if 'naflags:lo,ad,ex' is set in /etc/security/audit_control.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.9 Enable Kernel Level Auditing, Check if 'root:lo,ad:no' is set in /etc/security/audit_user.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.9 Ensure the latest iOS device architecture is used by high-value targetsMobileIron - CIS Apple iPadOS 17 Institutionally Owned L2MDM

CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT

5.17 Create specialized keychains for different purposesCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
5.18 Install an approved tokend for smartcard authenticationCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
6.1.1 Configure SSH - Check if Host * is set in /etc/ssh/ssh_config.CIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

6.9 Harden host operating systemCIS Sybase 15.0 L1 DB v1.1.0SybaseDB
7.3 Set Strong Password Creation Policies - Check DICTIONLIST is set to /usr/share/lib/dict/wordsCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MAXREPEATS is set to 0CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MINDIFF is set to 3CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MINUPPER is set to 1CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - MINALPHA is set to 2CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - MINNONALPHA is set to 1CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/profile.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.6 Set Default umask for Users, Check if 'UMASK' is set to 077.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.9 Lock Inactive User Accounts - Check if definact is set to 35.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is not set to default string.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is set appropriately.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

18.10.43.6 (L1) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.6 (L1) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BLWindows

SYSTEM AND INFORMATION INTEGRITY

23.1 (L1) Ensure 'Enable Virtualization Based Security' is set to 'Enable virtualization based security'CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

SYSTEM AND INFORMATION INTEGRITY

NIST_macOS_Monterey_800-53r4_high_v1.0.0.audit from NIST macOS Monterey v1.0.0NIST macOS Monterey v1.0.0 - 800-53r4 HighUnix
NIST_macOS_Monterey_800-53r4_low_v1.0.0.audit from NIST macOS Monterey v1.0.0NIST macOS Monterey v1.0.0 - 800-53r4 LowUnix
NIST_macOS_Monterey_800-53r4_moderate_v1.0.0.audit from NIST macOS Monterey v1.0.0NIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix
NIST_macOS_Monterey_800-171_v1.0.0.audit from NIST macOS Monterey v1.0.0NIST macOS Monterey v1.0.0 - 800-171Unix