Item Search

NameAudit NamePluginCategory
1.1 Verify all Apple provided software is currentCIS Apple macOS 10.12 L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.2 Use Dedicated Least Privileged Account for MariaDB Daemon/ServiceCIS MariaDB 10.6 on Linux L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.6 Ensure Install Security Responses and System Files Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.6 Ensure Install Security Responses and System Files Is EnabledCIS Apple macOS 14.0 Sonoma v2.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.6 Ensure Install Security Responses and System Files Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.6 Ensure Install Security Responses and System Files Is EnabledCIS Apple macOS 15.0 Sequoia v1.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Backup Policy in PlaceCIS MariaDB 10.6 on Linux L1 v1.1.0Unix

CONTINGENCY PLANNING

2.4.2 Ensure 'Require alphanumeric value' is set to 'Enabled'AirWatch - CIS Apple iOS 18 v1.0.0 L2 Institution OwnedMDM

IDENTIFICATION AND AUTHENTICATION

2.6.7 Audit Lockdown ModeCIS Apple macOS 13.0 Ventura v3.0.0 L2Unix

CONFIGURATION MANAGEMENT, MAINTENANCE

3.2 Ensure 'log_bin_basename' Files Have Appropriate PermissionsCIS MariaDB 10.6 on Linux L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.2.1.8 Ensure 'Allow USB drive access in Files app' is set to 'Disabled'MobileIron - CIS Apple iOS 18 v1.0.0 L2 Institution OwnedMDM

CONFIGURATION MANAGEMENT

3.2.1.8 Ensure 'Allow USB drive access in Files app' is set to 'Disabled'AirWatch - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally OwnedMDM

CONFIGURATION MANAGEMENT

3.2.1.8 Ensure 'Allow USB drive access in Files app' is set to 'Disabled'MobileIron - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally OwnedMDM

CONFIGURATION MANAGEMENT

3.2.1.9 Ensure 'Allow network drive access in Files app' is set to 'Disabled'MobileIron - CIS Apple iOS 18 v1.0.0 L2 Institution OwnedMDM

CONFIGURATION MANAGEMENT

3.2.1.9 Ensure 'Allow network drive access in Files app' is set to 'Disabled'AirWatch - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally OwnedMDM

CONFIGURATION MANAGEMENT

3.2.1.9 Ensure 'Allow network drive access in Files app' is set to 'Disabled'MobileIron - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally OwnedMDM

CONFIGURATION MANAGEMENT

3.2.1.10 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled'AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L2MDM

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.1.18 Ensure 'Allow modifying cellular data app settings' is set to 'Disabled'MobileIron - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3 Ensure 'log_error' Has Appropriate PermissionsCIS MariaDB 10.6 on Linux L1 v1.1.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Include TSIG key in named.conf 'TSIG key 1 permissions'CIS ISC BIND 9.0/9.5 v2.0.0Unix
3.3.2 Include TSIG key in named.conf 'TSIG key 2 permissions'CIS ISC BIND 9.0/9.5 v2.0.0Unix
3.4 Ensure 'slow_query_log' Has Appropriate PermissionsCIS MariaDB 10.6 on Linux L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.4.2 Ensure 'Require alphanumeric value' is set to 'Enabled'MobileIron - CIS Apple iOS 18 v1.0.0 L2 Institution OwnedMDM

IDENTIFICATION AND AUTHENTICATION

3.5 Ensure 'relay_log_basename' Files Have Appropriate PermissionsCIS MariaDB 10.6 on Linux L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.6.2 Ensure 'Allow Mail Drop' is set to 'Disabled'MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L2MDM

CONFIGURATION MANAGEMENT

3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'AirWatch - CIS Apple iOS 18 v1.0.0 L2 Institution OwnedMDM

ACCESS CONTROL, MEDIA PROTECTION

3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'AirWatch - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally OwnedMDM

ACCESS CONTROL, MEDIA PROTECTION

4.1.2 Review Emergency ResetAirWatch - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally OwnedMDM

CONFIGURATION MANAGEMENT

4.1.3 Review Lockdown ModeMobileIron - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally OwnedMDM

CONFIGURATION MANAGEMENT

4.1.5 Review AirprintAirWatch - CIS Apple iOS 18 v1.0.0 L2 Institution OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.4 Harden Usage for 'local_infile' on MariaDB ClientsCIS MariaDB 10.6 on Linux L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

4.5 Configure Solaris Auditing - not_terminatedCIS Solaris 11.2 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

5.9 Ensure XProtect Is Running and UpdatedCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.10 Ensure XProtect Is Running and UpdatedCIS Apple macOS 14.0 Sonoma v2.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.11 Ensure XProtect Is Running and UpdatedCIS Apple macOS 12.0 Monterey v4.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.11 Ensure XProtect Is Running and UpdatedCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

7.2 Ensure Passwords are Not Stored in the Global ConfigurationCIS MariaDB 10.6 on Linux L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-12-002060 - The macOS system must allow only applications that have a valid digital signature to run.DISA STIG Apple macOS 12 v1r9Unix

CONFIGURATION MANAGEMENT

APPL-14-002230 The macOS system must disable dictation.DISA Apple macOS 14 (Sonoma) STIG v2r3Unix

CONFIGURATION MANAGEMENT

APPL-15-002230 - The macOS system must disable Dictation.DISA Apple macOS 15 (Sequoia) STIG v1r2Unix

CONFIGURATION MANAGEMENT

Big Sur - Disable AirDropNIST macOS Big Sur v1.4.0 - 800-171Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Big Sur - Disable AirDropNIST macOS Big Sur v1.4.0 - All ProfilesUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Catalina - Disable AirDropNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Catalina - Disable AirDropNIST macOS Catalina v1.5.0 - 800-53r5 LowUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Catalina - Disable Guest Access to Shared Apple File Protocol FoldersNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

CIS_Palo_Alto_Firewall_9_Benchmark_v1.1.0_L2.audit from CIS Palo Alto Firewall 9 Benchmark v1.1.0CIS Palo Alto Firewall 9 v1.1.0 L2Palo_Alto
CIS_Palo_Alto_Firewall_10_Benchmark_v1.2.0_L2.audit from CIS Palo Alto Firewall 10 Benchmark v1.2.0CIS Palo Alto Firewall 10 v1.2.0 L2Palo_Alto
CIS_Palo_Alto_Firewall_11_Benchmark_v1.1.0_L1.audit from CIS Palo Alto Firewall 11 Benchmark v1.1.0CIS Palo Alto Firewall 11 v1.1.0 L1Palo_Alto
CIS_Palo_Alto_Firewall_11_Benchmark_v1.1.0_L2.audit from CIS Palo Alto Firewall 11 Benchmark v1.1.0CIS Palo Alto Firewall 11 v1.1.0 L2Palo_Alto
Monterey - Disable AirDropNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT