Item Search

NameAudit NamePluginCategory
1.3 Ensure Download New Updates When Available Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.3 Ensure Download New Updates When Available Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.4 Ensure Install of macOS Updates Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5 Ensure Install Application Updates from the App Store Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5 Ensure Install Application Updates from the App Store Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.6 Ensure Install Security Responses and System Files Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure Firewall Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.2.1.2 Ensure the Time Service Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

2.2.2.1 Ensure Remote Apple Events Is DisabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.2.2.1 Ensure Remote Apple Events Is DisabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.1 Ensure Remote Apple Events Is DisabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.1 Ensure Sending Diagnostic and Usage Data to Apple Is DisabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.2 Ensure Limit Ad Tracking Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

2.4.1 Ensure an Inactivity Interval of 20 Minutes Or Less for the Screen Saver Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

2.4.1.1 Ensure Firewall Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.4.3 Ensure a Custom Message for the Login Screen Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.4 Ensure Login Window Displays as Name and Password Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.5 Ensure Show Password Hints Is DisabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.1 Ensure Guest Account Is DisabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational RequirementsCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational RequirementsCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum SizeCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

3.5 Ensure Access to Audit Records Is ControlledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1 Ensure Bonjour Advertising Services Is DisabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure NFS Server Is DisabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure NFS Server Is DisabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.1.1 Ensure Home Folders Are SecureCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.1 Ensure Home Folders Are SecureCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.2 Ensure Apple Mobile File Integrity (AMFI) Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

5.1.3 Ensure Signed System Volume (SSV) Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.4 Ensure Appropriate Permissions Are Enabled for System Wide ApplicationsCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.5 Ensure Appropriate Permissions Are Enabled for System Wide ApplicationsCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.5 Ensure No World Writable Folders Exist in the System FolderCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.6 Ensure No World Writable Folders Exist in the Library FolderCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.7 Ensure No World Writable Files Exist in the Library FolderCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.1 Ensure Password Account Lockout Threshold Is ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.2.2 Ensure Password Minimum Length Is ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.2.3 Ensure Complex Password Must Contain Alphabetic Characters Is ConfiguredCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.3 Ensure Complex Password Must Contain Alphabetic Characters Is ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.5 Ensure Complex Password Must Contain Special Character Is ConfiguredCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.8 Ensure Password History Is ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.3 Ensure the Sudo Timeout Period Is Set to ZeroCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

5.6 Ensure an Administrator Account Cannot Login to Another User's Active and Locked SessionCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.7 Ensure a Login Window Banner ExistsCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.7 Ensure a Login Window Banner ExistsCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.7 Ensure an Administrator Account Cannot Log In to Another User's Active and Locked SessionCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

5.10 Ensure Secure Keyboard Entry Terminal.app Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

5.11 Ensure Show All Filename Extensions Setting is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

5.11 Ensure Show All Filename Extensions Setting is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

5.11 Ensure XProtect Is Running and UpdatedCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY