Item Search

NameAudit NamePluginCategory
1.1.2 Ensure /tmp is configuredCIS CentOS 6 Workstation L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

1.1.2 Ensure /tmp is configuredCIS Red Hat 6 Server L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

1.1.2 Ensure /tmp is configuredCIS Red Hat 6 Workstation L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

1.1.2 Ensure /tmp is configuredCIS Oracle Linux 6 Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.2 Ensure /tmp is configuredCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.2 Ensure /tmp is configuredCIS CentOS 6 Server L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

1.1.7 Ensure separate partition exists for /var/tmpCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.7 Ensure separate partition exists for /var/tmpCIS Red Hat 6 Workstation L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

1.1.7 Ensure separate partition exists for /var/tmpCIS Red Hat 6 Server L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

1.1.11 Ensure separate partition exists for /var/tmpCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

2.2.4 Ensure that A Multi-factor Authentication Policy Exists for Administrative GroupsCIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

IDENTIFICATION AND AUTHENTICATION

2.4.11 Ensure AirDrop Is DisabledCIS Apple macOS 10.14 v2.0.0 L1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.12 Ensure Media Sharing Is DisabledCIS Apple macOS 11.0 Big Sur v4.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.13 Ensure Storage logging is Enabled for Blob Service for 'Read', 'Write', and 'Delete' requestsCIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

AUDIT AND ACCOUNTABILITY

5.1.1 Ensure Home Folders Are SecureCIS Apple macOS 12.0 Monterey v4.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.1 Ensure Home Folders Are SecureCIS Apple macOS 14.0 Sonoma v2.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.1 Ensure Home Folders Are SecureCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.2 Minimize access to secretsCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.2.8 Ensure admin center access is limited to administrative rolesCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

ACCESS CONTROL

5.4.1 Ensure the GKE Metadata Server is EnabledCIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

CONFIGURATION MANAGEMENT

5.5.4 When creating New Clusters - Automate GKE version management using Release ChannelsCIS Google Kubernetes Engine (GKE) v1.7.0 L1GCP

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

6.19 Create the Web tier Security Group and ensure it allows inbound connections from Web tier ELB Security Group for explicit portsCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

6.22 Create the App tier Security Group and ensure it allows inbound connections from App tier ELB Security Group for explicit portsCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

7.3.2 Ensure OneDrive sync is restricted for unmanaged devicesCIS Microsoft 365 Foundations E3 L2 v3.1.0microsoft_azure

CONFIGURATION MANAGEMENT

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BLWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NGWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 11 Enterprise v3.0.0 L1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 Ensure 'Download Mode' is set to 'Enabled' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 Ensure 'Download Mode' is set to 'Enabled' (STIG only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 Ensure 'Download Mode' is set to 'Enabled' (STIG only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.16.1 Ensure 'Download Mode' is set to 'Enabled' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.92.4.3 (L1) Ensure 'Select when Quality Updates are received' is set to 'Enabled: 0 days'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.92.4.3 (L1) Ensure 'Select when Quality Updates are received' is set to 'Enabled: 0 days'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.92.4.3 (L1) Ensure 'Select when Quality Updates are received' is set to 'Enabled: 0 days'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.92.4.3 (L1) Ensure 'Select when Quality Updates are received' is set to 'Enabled: 0 days'CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain ControllerWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.92.4.3 Ensure 'Select when Quality Updates are received' is set to 'Enabled: 0 days'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.92.4.3 Ensure 'Select when Quality Updates are received' is set to 'Enabled: 0 days'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

22.1 (L1) Ensure 'DO Download Mode' is NOT set to 'HTTP blended with Internet Peering'CIS Microsoft Intune for Windows 10 v3.0.1 L1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

22.1 (L1) Ensure 'DO Download Mode' is NOT set to 'HTTP blended with Internet Peering'CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

WPAW-00-002200 - The Windows PAW must be configured so that all outbound connections to the Internet from a PAW are blocked.DISA MS Windows Privileged Access Workstation v3r1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION