Item Search

NameAudit NamePluginCategory
1.1.6 Ensure separate partition exists for /varCIS Debian Family Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.6 Ensure separate partition exists for /varCIS Debian Family Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.10 Ensure separate partition exists for /varCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.10 Ensure separate partition exists for /varCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.11 Ensure separate partition exists for /var/logCIS Debian Family Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.12 Ensure separate partition exists for /var/log/auditCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.12 Ensure separate partition exists for /var/log/auditCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.15 Ensure separate partition exists for /var/logCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.15 Ensure separate partition exists for /var/logCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.16 Ensure separate partition exists for /var/log/auditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

1.1.16 Ensure separate partition exists for /var/log/auditCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

1.22 Ensure access to AWSCloudShellFullAccess is restrictedCIS Amazon Web Services Foundations v4.0.1 L1amazon_aws

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

2.3.3.10 Ensure Media Sharing Is DisabledCIS Apple macOS 14.0 Sonoma v2.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.1.1 Audit iCloud KeychainCIS Apple macOS 11.0 Big Sur v4.0.0 L2Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.1.1 Audit iCloud KeychainCIS Apple macOS 10.15 Catalina v3.0.0 L2Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.1.2 Audit iCloud KeychainCIS Apple macOS 10.14 v2.0.0 L2Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.2 iCloud keychainCIS Apple macOS 10.13 L2 v1.1.0Unix

ACCESS CONTROL

2.7 Ensure monitoring and alerting exist for SCIM token creationCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.7.2 iCloud keychainCIS Apple macOS 10.12 L2 v1.2.0Unix

ACCESS CONTROL

3.1.7.1 Ensure That Microsoft Defender for Azure Cosmos DB Is Set To 'On'CIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION

5.4.3 Ensure clusters are created with Private Endpoint Enabled and Public Access DisabledCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2GCP

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.6.4 Ensure clusters are created with Private Endpoint Enabled and Public Access DisabledCIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.9 Ensure Elastic IPs for the NAT Gateways are allocatedCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

7.2.4 Ensure OneDrive content sharing is restrictedCIS Microsoft 365 Foundations E3 L2 v3.1.0microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

19.7.8.2 (L1) Ensure 'Do not suggest third-party content in Windows spotlight' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

CONFIGURATION MANAGEMENT

19.7.8.2 (L1) Ensure 'Do not suggest third-party content in Windows spotlight' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

CONFIGURATION MANAGEMENT

19.7.8.2 (L1) Ensure 'Do not suggest third-party content in Windows spotlight' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

AIOS-12-012600 - Apple iOS must not allow managed apps to write contacts to unmanaged contacts accounts.AirWatch - DISA Apple iOS 12 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-12-012600 - Apple iOS must not allow managed apps to write contacts to unmanaged contacts accounts.MobileIron - DISA Apple iOS 12 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-12-012700 - Apple iOS must not allow unmanaged apps to read contacts from managed contacts accounts.MobileIron - DISA Apple iOS 12 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-13-012600 - Apple iOS/iPadOS must not allow managed apps to write contacts to unmanaged contacts accounts.AirWatch - DISA Apple iOS/iPadOS 13 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-14-010800 - Apple iOS/iPadOS must not allow unmanaged apps to read contacts from managed contacts accounts.AirWatch - DISA Apple iOS/iPadOS 14 v1r3MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-15-012300 - Apple iOS/iPadOS 15 must not allow managed apps to write contacts to unmanaged contacts accounts.AirWatch - DISA Apple iOS/iPadOS 14 v1r4MDM

CONFIGURATION MANAGEMENT

AIOS-15-012300 - Apple iOS/iPadOS 15 must not allow managed apps to write contacts to unmanaged contacts accounts.MobileIron - DISA Apple iOS/iPadOS 14 v1r4MDM

CONFIGURATION MANAGEMENT

AIOS-16-012300 - Apple iOS/iPadOS 16 must not allow managed apps to write contacts to unmanaged contacts accounts.AirWatch - DISA Apple iOS/iPadOS 16 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-16-012400 - Apple iOS/iPadOS 16 must not allow unmanaged apps to read contacts from managed contacts accounts.AirWatch - DISA Apple iOS/iPadOS 16 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-16-712400 - Apple iOS/iPadOS 16 must not allow unmanaged apps to read contacts from managed contacts accounts.AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1MDM

CONFIGURATION MANAGEMENT

AIOS-17-012300 - Apple iOS/iPadOS 17 must not allow managed apps to write contacts to unmanaged contacts accounts.MobileIron - DISA Apple iOS/iPadOS 17 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-17-012400 - Apple iOS/iPadOS 17 must not allow unmanaged apps to read contacts from managed contacts accounts.AirWatch - DISA Apple iOS/iPadOS 17 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-17-012400 - Apple iOS/iPadOS 17 must not allow unmanaged apps to read contacts from managed contacts accounts.MobileIron - DISA Apple iOS/iPadOS 17 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-17-712400 - Apple iOS/iPadOS 17 must not allow unmanaged apps to read contacts from managed contacts accounts.MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1MDM

CONFIGURATION MANAGEMENT

AIOS-18-012300 - Apple iOS/iPadOS 18 must not allow managed apps to write contacts to unmanaged contacts accounts.AirWatch - DISA Apple iOS/iPadOS 18 v1r1MDM

CONFIGURATION MANAGEMENT

AIOS-18-012300 - Apple iOS/iPadOS 18 must not allow managed apps to write contacts to unmanaged contacts accounts.MobileIron - DISA Apple iOS/iPadOS 18 v1r1MDM

CONFIGURATION MANAGEMENT

AIOS-18-012400 - Apple iOS/iPadOS 18 must not allow unmanaged apps to read contacts from managed contacts accounts.MobileIron - DISA Apple iOS/iPadOS 18 v1r1MDM

CONFIGURATION MANAGEMENT

DTAM137 - McAfee VirusScan On-Access General Policies Artemis sensitivity level must be configured to medium or higher - ArtemisLevelDISA McAfee VirusScan 8.8 Managed Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAM137 - McAfee VirusScan On-Access Scanner General Settings Artemis Heuristic network check for suspicious files must be enabled and set to sensitivity level Medium or higher - ArtemisEnabledDISA McAfee VirusScan 8.8 Local Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAM137 - McAfee VirusScan On-Access Scanner General Settings Artemis Heuristic network check for suspicious files must be enabled and set to sensitivity level Medium or higher - ArtemisLevelDISA McAfee VirusScan 8.8 Local Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAM157 - McAfee VirusScan On-Delivery Email Scan Policies Artemis sensitivity level must be configured to medium or higher.DISA McAfee VirusScan 8.8 Managed Client STIG v6r1Windows

CONFIGURATION MANAGEMENT

SYMP-AG-000610 - Symantec ProxySG providing content filtering must detect use of network services that have not been authorized or approved by the ISSM and ISSO, at a minimum.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

SYSTEM AND INFORMATION INTEGRITY

WPAW-00-000200 - Site IT resources designated as high value by the Authorizing Official (AO) must be remotely managed only via a Windows privileged access workstation (PAW) - AO must be remotely managed only via PAWDISA MS Windows Privileged Access Workstation v3r1Windows

CONFIGURATION MANAGEMENT