1.1.3 Ensure noexec option set on /tmp partition | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.1.3 Ensure noexec option set on /tmp partition | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.1.7 Ensure noexec option set on /dev/shm partition | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION |
1.1.7 Ensure noexec option set on /dev/shm partition | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION |
1.1.12 Ensure /var/tmp partition includes the noexec option | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION |
1.1.12 Ensure /var/tmp partition includes the noexec option | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION |
1.1.12 Ensure noexec option set on /var/tmp partition | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.1.12 Ensure noexec option set on /var/tmp partition | CIS SUSE Linux Enterprise 12 v3.1.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.1.12 Ensure noexec option set on /var/tmp partition | CIS SUSE Linux Enterprise 15 Server L1 v1.1.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.1.12 Ensure noexec option set on /var/tmp partition | CIS SUSE Linux Enterprise 12 v3.1.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.1.19 Ensure noexec option set on removable media partitions | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.1.19 Ensure noexec option set on removable media partitions | CIS SUSE Linux Enterprise 12 v3.1.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.1.19 Ensure noexec option set on removable media partitions | CIS SUSE Linux Enterprise 15 Server L1 v1.1.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.1.19 Ensure noexec option set on removable media partitions | CIS SUSE Linux Enterprise 12 v3.1.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.10 Ensure 'User consent for applications' is set to 'Do not allow user consent' | CIS Microsoft Azure Foundations v2.1.0 L1 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
1.10 Ensure GDM is removed or login is configured | CIS SUSE Linux Enterprise 12 v3.1.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.10 Ensure GDM is removed or login is configured | CIS SUSE Linux Enterprise 15 Server L1 v1.1.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.10 Ensure GDM is removed or login is configured | CIS SUSE Linux Enterprise 12 v3.1.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.10 Ensure GDM is removed or login is configured | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.11 Ensure 'User consent for applications' Is Set To 'Allow for Verified Publishers' | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
1.13 Ensure That 'Users Can Register Applications' Is Set to 'No' | CIS Microsoft Azure Foundations v2.1.0 L1 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
2.2 Scan for TROJAN aka Untrusted/Unauthorized Applications (Implement Allowlist) | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
2.5.4 Audit Location Services Access | CIS Apple macOS 11.0 Big Sur v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
2.5.4 Audit Location Services Access | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
2.5.4 Audit Location Services Access | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
2.5.4 Audit Location Services Access | CIS Apple macOS 12.0 Monterey v3.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
2.6.1.3 Audit Location Services Access | CIS Apple macOS 13.0 Ventura v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
2.6.1.3 Audit Location Services Access | CIS Apple macOS 14.0 Sonoma v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 14.0 Sonoma v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 12.0 Monterey v3.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 13.0 Ventura v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
5.1.2 Ensure System Integrity Protection Status (SIPS) Is Enabled | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled | CIS Apple macOS 14.0 Sonoma v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled | CIS Apple macOS 12.0 Monterey v3.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled | CIS Apple macOS 13.0 Ventura v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
5.1.3 Ensure Apple Mobile File Integrity Is Enabled | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
5.1.4 Ensure Library Validation Is Enabled | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
18.9.80.1.1 (L1) Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn and prevent bypass' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
18.9.80.1.1 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn and prevent bypass' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |