1.1.5 Ensure Unique Application Pools for Sites | CIS IIS 8.0 v1.4.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.1.5 Ensure Unique Application Pools for Sites | CIS IIS 7.5 L1 v1.7.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.5 Ensure 'unique application pools' is set for sites | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.5 Ensure 'unique application pools' is set for sites | CIS IIS 10 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.12.16 Do not allow cross context requests | CIS Apache Tomcat5.5/6.0 L1 v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.8 Enable user namespace support - SecurityOptions | CIS Docker v1.2.0 L2 Docker Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.9 Ensure the default cgroup usage has been confirmed | CIS Docker Community Edition v1.1.0 L2 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.9 Ensure the default cgroup usage has been confirmed - daemon.json | CIS Docker v1.2.0 L2 Docker Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.9 Ensure the default cgroup usage has been confirmed - dockerd | CIS Docker v1.2.0 L2 Docker Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.15 Ensure that a daemon-wide custom seccomp profile is applied if appropriate | CIS Docker v1.2.0 L2 Docker Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.16 Ensure daemon-wide custom seccomp profile is applied, if needed | CIS Docker Community Edition v1.1.0 L2 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2 Ensure that, if applicable, SELinux security options are set | CIS Docker v1.2.0 L2 Docker Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure that the host's network namespace is not shared | CIS Docker v1.2.0 L1 Docker Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure the host's network namespace is not shared | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.15 Do not share the host's process namespace | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.15 Ensure that the host's process namespace is not shared | CIS Docker v1.2.0 L1 Docker Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.15 Ensure the host's process namespace is not shared | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.16 Ensure that the host's IPC namespace is not shared | CIS Docker v1.2.0 L1 Docker Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.16 Ensure the host's IPC namespace is not shared | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.20 Ensure that the host's UTS namespace is not shared | CIS Docker v1.2.0 L1 Docker Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.20 Ensure the host's UTS namespace is not shared | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.21 Ensure the default seccomp profile is not Disabled | CIS Docker v1.2.0 L1 Docker Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.21 Ensure the default seccomp profile is not Disabled | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.24 Confirm cgroup usage | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.24 Confirm cgroup usage | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.24 Ensure cgroup usage is confirmed | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.24 Ensure that cgroup usage is confirmed | CIS Docker v1.2.0 L1 Docker Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.25 Ensure that the container is restricted from acquiring additional privileges | CIS Docker v1.2.0 L1 Docker Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.25 Ensure the container is restricted from acquiring additional privileges | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
18.8.5.3 Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock' | CIS Microsoft Windows Server 2016 DC NG v1.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
18.8.5.3 Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock' | CIS Microsoft Windows Server 2016 MS NG v1.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Ensure Seperate Execution Domain for Processes | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Ensure Seperate Execution Domain for Processes | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Ensure Seperate Execution Domain for Processes | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Ensure Seperate Execution Domain for Processes | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Ensure Seperate Execution Domain for Processes | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Ensure Seperate Execution Domain for Processes | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Ensure Seperate Execution Domain for Processes | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Ensure Seperate Execution Domain for Processes | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Ensure Seperate Execution Domain for Processes | NIST macOS Monterey v1.0.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Ensure Seperate Execution Domain for Processes | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Ensure Seperate Execution Domain for Processes | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Ensure Seperate Execution Domain for Processes | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Turn On Virtualization Based Security - HypervisorEnforcedCodeIntegrity | MSCT Windows 10 v1511 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Turn On Virtualization Based Security - HypervisorEnforcedCodeIntegrity | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Turn On Virtualization Based Security - HypervisorEnforcedCodeIntegrity | MSCT Windows 10 1903 v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Turn On Virtualization Based Security - HypervisorEnforcedCodeIntegrity | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Turn On Virtualization Based Security - HypervisorEnforcedCodeIntegrity | MSCT Windows Server 2019 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Turn On Virtualization Based Security - HypervisorEnforcedCodeIntegrity | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Turn On Virtualization Based Security - HypervisorEnforcedCodeIntegrity | MSCT Windows Server v2004 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |