Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2 Ensure Auto Update Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2 Ensure Auto Update Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.3 Ensure Download New Updates When Available Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.6 Ensure Install of macOS Updates Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.6 Ensure Install Security Responses and System Files Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure Firewall Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.2.1.1 Ensure Set Time and Date Automatically Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

2.2.1.2 Ensure the Time Service Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

2.2.2.2 Ensure Content Caching Is DisabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

CONFIGURATION MANAGEMENT

2.2.2.2 Ensure Content Caching Is DisabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2Unix

CONFIGURATION MANAGEMENT

2.3.1 Ensure Sending Diagnostic and Usage Data to Apple Is DisabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.2 Ensure Limit Ad Tracking Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

2.4.1 Ensure an Inactivity Interval of 20 Minutes Or Less for the Screen Saver Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

2.4.2 Ensure Require Password After Screen Saver Begins or Display Is Turned Off Is Enabled for 5 Seconds or ImmediatelyCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

2.4.2 Ensure Require Password After Screen Saver Begins or Display Is Turned Off Is Enabled for 5 Seconds or ImmediatelyCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

2.4.4 Ensure Login Window Displays as Name and Password Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.1 Ensure Users' Accounts Do Not Have a Password HintCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

2.6.1 Ensure Guest Account Is DisabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

2.6.1.3 Audit iCloud DriveCIS Apple macOS 10.14 v2.0.0 L2Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.2 Ensure Guest Access to Shared Folders Is DisabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

2.6.3 Ensure Automatic Login Is DisabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

3.1 Ensure Security Auditing Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational RequirementsCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.5 Ensure Access to Audit Records Is ControlledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.2 Ensure HTTP Server Is DisabledCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure HTTP Server Is DisabledCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure NFS Server Is DisabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.4 Ensure http server is not runningCIS Apple macOS 10.12 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

4.4 Ensure http server is not runningCIS Apple macOS 10.13 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

5.1.3 Ensure Signed System Volume (SSV) Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.2 Ensure Password Minimum Length Is ConfiguredCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.2.3 Ensure Complex Password Must Contain Alphabetic Characters Is ConfiguredCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.4 Ensure Complex Password Must Contain Numeric Character Is ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.4 Ensure Complex Password Must Contain Numeric Character Is ConfiguredCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.8 Ensure Password History Is ConfiguredCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.3 Ensure the Sudo Timeout Period Is Set to ZeroCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.4 Ensure a Separate Timestamp Is Enabled for Each User/tty ComboCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.5 Ensure the "root" Account Is DisabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

5.7 Ensure a Login Window Banner ExistsCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.9 Ensure XProtect Is Running and UpdatedCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.10 Ensure Secure Keyboard Entry Terminal.app Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

8.4 (L2) VMware Tools on deployed virtual machines must prevent being recustomizedCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT, MAINTENANCE

18.9.47.4.1 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.10.29.2 (L2) Ensure 'Turn off account-based insights, recent, favorite, and recommended files in File Explorer' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

CONFIGURATION MANAGEMENT

18.10.29.2 (L2) Ensure 'Turn off account-based insights, recent, favorite, and recommended files in File Explorer' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.10.29.2 (L2) Ensure 'Turn off account-based insights, recent, favorite, and recommended files in File Explorer' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.10.29.2 (L2) Ensure 'Turn off account-based insights, recent, favorite, and recommended files in File Explorer' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Windows Server 2012 R2 MS L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Windows Server 2012 DC L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

PANW-IP-000047 - The Palo Alto Networks security platform must generate a log record when unauthorized network services are detected.DISA Palo Alto Networks IDPS STIG v3r2Palo_Alto

SYSTEM AND INFORMATION INTEGRITY