Item Search

NameAudit NamePluginCategory
2.7.1 iCloud configurationCIS Apple OSX 10.9 L2 v1.3.0Unix
3.1.3.4 Ensure that 'Agentless scanning for machines' component status is set to 'On'CIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

RISK ASSESSMENT

3.1.6.1 Ensure That Microsoft Defender for App Services Is Set To 'On'CIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION

4.5 Ensure FTP server is not runningCIS Apple macOS 10.12 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

18.9.52.1 Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL

APPL-11-002037 - The macOS system must be configured to disable the Cloud Storage Setup services.DISA STIG Apple macOS 11 v1r5Unix

CONFIGURATION MANAGEMENT

DTOO407 - The prompt to save to OneDrive (formerly SkyDrive) must be disabled.DISA STIG Microsoft Office System 2013 v2r2Windows

CONFIGURATION MANAGEMENT

GOOG-09-001100 - The Google Android Pie whitelist must be configured to not include applications with the following characteristics: - back up MD data to non-DoD cloud servers (including user and application access to cloud backup services); - transmit MD diagnostic data to non-DoD servers; - voice assistant application if available when MD is locked; - voice dialing application if available when MD is locked; - allows synchronization of data or applications between devices associated with user; and - allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other MDs or printers.AirWatch - DISA Google Android 9.x v2r1MDM

CONFIGURATION MANAGEMENT

GOOG-09-001100 - The Google Android Pie whitelist must be configured to not include applications with the following characteristics: - back up MD data to non-DoD cloud servers (including user and application access to cloud backup services); - transmit MD diagnostic data to non-DoD servers; - voice assistant application if available when MD is locked; - voice dialing application if available when MD is locked; - allows synchronization of data or applications between devices associated with user; and - allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other MDs or printers.MobileIron - DISA Google Android 9.x v2r1MDM

CONFIGURATION MANAGEMENT

GOOG-10-003700 - Google Android 10 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.MobileIron - DISA Google Android 10.x v2r1MDM

ACCESS CONTROL

GOOG-11-001100 - Google Android 11 allow list must be configured to not include applications with the following characteristics:MobileIron - DISA Google Android 11 COBO v2r1MDM

CONFIGURATION MANAGEMENT

GOOG-11-001100 - Google Android 11 allow list must be configured to not include applications with the following characteristics:MobileIron - DISA Google Android 11 COPE v2r1MDM

CONFIGURATION MANAGEMENT

GOOG-11-001100 - Google Android 11 allow list must be configured to not include applications with the following characteristics:AirWatch - DISA Google Android 11 COPE v2r1MDM

CONFIGURATION MANAGEMENT

GOOG-11-003700 - Google Android 11 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.AirWatch - DISA Google Android 11 COPE v2r1MDM

ACCESS CONTROL

GOOG-12-006700 - Google Android 12 allowlist must be configured to not include applications with the following characteristics: 1. Back up mobile device (MD) data to non-DoD cloud servers (including user and application access to cloud backup services);2. Transmit MD diagnostic data to non-DoD servers;3. Voice assistant application if available when MD is locked;4. Voice dialing application if available when MD is locked;5. Allows synchronization of data or applications between devices associated with user; and6. Allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other MDs or printers.AirWatch - DISA Google Android 12 COBO v1r2MDM

CONFIGURATION MANAGEMENT

GOOG-12-006700 - Google Android 12 allowlist must be configured to not include applications with the following characteristics: 1. Back up mobile device (MD) data to non-DoD cloud servers (including user and application access to cloud backup services);2. Transmit MD diagnostic data to non-DoD servers;3. Voice assistant application if available when MD is locked;4. Voice dialing application if available when MD is locked;5. Allows synchronization of data or applications between devices associated with user; and6. Allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other MDs or printers.AirWatch - DISA Google Android 12 COPE v1r2MDM

CONFIGURATION MANAGEMENT

GOOG-12-006700 - Google Android 12 allowlist must be configured to not include applications with the following characteristics: 1. Back up mobile device (MD) data to non-DoD cloud servers (including user and application access to cloud backup services);2. Transmit MD diagnostic data to non-DoD servers;3. Voice assistant application if available when MD is locked;4. Voice dialing application if available when MD is locked;5. Allows synchronization of data or applications between devices associated with user; and6. Allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other MDs or printers.MobileIron - DISA Google Android 12 COPE v1r2MDM

CONFIGURATION MANAGEMENT

GOOG-12-008500 - Google Android 12 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.MobileIron - DISA Google Android 12 COBO v1r2MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-12-008500 - Google Android 12 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.MobileIron - DISA Google Android 12 COPE v1r2MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-13-006700 - Google Android 13 allowlist must be configured to not include applications with the following characteristics:AirWatch - DISA Google Android 13 COBO v2r1MDM

CONFIGURATION MANAGEMENT

GOOG-13-006700 - Google Android 13 allowlist must be configured to not include applications with the following characteristics:AirWatch - DISA Google Android 13 COPE v2r1MDM

CONFIGURATION MANAGEMENT

GOOG-13-006700 - Google Android 13 allowlist must be configured to not include applications with the following characteristics:MobileIron - DISA Google Android 13 COBO v2r1MDM

CONFIGURATION MANAGEMENT

GOOG-13-706700 - Google Android 13 allowlist must be configured to not include applications with the following characteristics (work profile only):MobileIron - DISA Google Android 13 BYOD v1r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-706700 - Google Android 13 allowlist must be configured to not include applications with the following characteristics (work profile only):AirWatch - DISA Google Android 13 BYOD v1r2MDM

CONFIGURATION MANAGEMENT

GOOG-14-006700 - Google Android 14 allowlist must be configured to not include applications with the following characteristics:MobileIron - DISA Google Android 14 COBO v2r1MDM

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

GOOG-14-006700 - Google Android 14 allowlist must be configured to not include applications with the following characteristics:AirWatch - DISA Google Android 14 COPE v2r1MDM

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

GOOG-14-006700 - Google Android 14 allowlist must be configured to not include applications with the following characteristics:MobileIron - DISA Google Android 14 COPE v2r1MDM

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

HONW-09-001100 - The Honeywell Mobility Edge Android Pie device whitelist must be configured to not include applications with the following characteristics:AirWatch - DISA Honeywell Android 9.x COBO v1r2MDM

CONFIGURATION MANAGEMENT

HONW-09-001100 - The Honeywell Mobility Edge Android Pie device whitelist must be configured to not include applications with the following characteristics:MobileIron - DISA Honeywell Android 9.x COBO v1r2MDM

CONFIGURATION MANAGEMENT

HONW-09-001100 - The Honeywell Mobility Edge Android Pie device whitelist must be configured to not include applications with the following characteristics:AirWatch - DISA Honeywell Android 9.x COPE v1r2MDM

CONFIGURATION MANAGEMENT

HONW-09-001100 - The Honeywell Mobility Edge Android Pie device whitelist must be configured to not include applications with the following characteristics:MobileIron - DISA Honeywell Android 9.x COPE v1r2MDM

CONFIGURATION MANAGEMENT

HONW-09-003700 - The Honeywell Mobility Edge Android Pie device must be configured to not allow backup of [all applications, configuration data] to locally connected systems.MobileIron - DISA Honeywell Android 9.x COPE v1r2MDM

ACCESS CONTROL

KNOX-07-004700 - The Samsung must be configured to not allow backup of [all applications, configuration data] to locally connected systems.MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1MDM

ACCESS CONTROL

MOTO-09-001100 - The Motorola Android Pie whitelist must be configured to not include applications with the following characteristics:AirWatch - DISA Motorola Android Pie.x COBO v1r2MDM

CONFIGURATION MANAGEMENT

MOTO-09-001100 - The Motorola Android Pie whitelist must be configured to not include applications with the following characteristics:MobileIron - DISA Motorola Android Pie.x COPE v1r2MDM

CONFIGURATION MANAGEMENT

MOTO-09-001100 - The Motorola Android Pie whitelist must be configured to not include applications with the following characteristics:AirWatch - DISA Motorola Android Pie.x COPE v1r2MDM

CONFIGURATION MANAGEMENT

MOTO-09-003700 - The Motorola Android Pie must be configured to not allow backup of [all applications, configuration data] to locally connected systems.MobileIron - DISA Motorola Android Pie.x COPE v1r2MDM

ACCESS CONTROL

MOTS-11-001100 - Motorola Solutions Android 11 allow list must be configured to not include applications with the following characteristics:MobileIron - DISA Motorola Solutions Android 11 COBO v1r3MDM

CONFIGURATION MANAGEMENT

MSFT-11-001100 - Microsoft Android 11 allow list must be configured to not include applications with the following characteristics:MobileIron - DISA Microsoft Android 11 COBO v1r2MDM

CONFIGURATION MANAGEMENT

MSFT-11-001100 - Microsoft Android 11 allow list must be configured to not include applications with the following characteristics: - Back up MD data to non-DOD cloud servers (including user and application access to cloud backup services);- Transmit MD diagnostic data to non-DOD servers;- Voice assistant application if available when MD is locked;- Voice dialing application if available when MD is locked;- Allows synchronization of data or applications between devices associated with user; and- Allows unencrypted (or encrypted but not FIPS 140-2/FIPS 140-3 validated) data sharing with other MDs or printers.AirWatch - DISA Microsoft Android 11 COPE v1r2MDM

CONFIGURATION MANAGEMENT

MSFT-11-001100 - Microsoft Android 11 allow list must be configured to not include applications with the following characteristics: - Back up MD data to non-DOD cloud servers (including user and application access to cloud backup services);- Transmit MD diagnostic data to non-DOD servers;- Voice assistant application if available when MD is locked;- Voice dialing application if available when MD is locked;- Allows synchronization of data or applications between devices associated with user; and- Allows unencrypted (or encrypted but not FIPS 140-2/FIPS 140-3 validated) data sharing with other MDs or printers.MobileIron - DISA Microsoft Android 11 COPE v1r2MDM

CONFIGURATION MANAGEMENT

MSFT-11-003700 - Microsoft Android 11 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.MobileIron - DISA Microsoft Android 11 COBO v1r2MDM

SYSTEM AND COMMUNICATIONS PROTECTION

WDNS-CM-000024 - The Windows 2012 DNS Servers zone files must not include resource records that resolve to a fully qualified domain name residing in another zone.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

CONFIGURATION MANAGEMENT

ZEBR-10-001100 - Zebra Android 10 whitelist must be configured to not include applications with the following characteristics:MobileIron - DISA Zebra Android 10 COBO v1r2MDM

CONFIGURATION MANAGEMENT

ZEBR-10-001100 - Zebra Android 10 whitelist must be configured to not include applications with the following characteristics:AirWatch - DISA Zebra Android 10 COPE v1r2MDM

CONFIGURATION MANAGEMENT

ZEBR-10-001100 - Zebra Android 10 whitelist must be configured to not include applications with the following characteristics:MobileIron - DISA Zebra Android 10 COPE v1r2MDM

CONFIGURATION MANAGEMENT

ZEBR-10-003700 - Zebra Android 10 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.AirWatch - DISA Zebra Android 10 COPE v1r2MDM

ACCESS CONTROL

ZEBR-10-003700 - Zebra Android 10 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.AirWatch - DISA Zebra Android 10 COBO v1r2MDM

ACCESS CONTROL

ZEBR-10-003700 - Zebra Android 10 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.MobileIron - DISA Zebra Android 10 COPE v1r2MDM

ACCESS CONTROL

ZEBR-11-003700 - Zebra Android 11 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.AirWatch - DISA Zebra Android 11 COBO v1r3MDM

ACCESS CONTROL