Item Search

Name	Audit Name	Plugin	Category
1.1 Ensure that Corporate Login Credentials are Used	CIS Google Cloud Platform v3.0.0 L1	GCP	ACCESS CONTROL
2.1 Ensure That Cloud Audit Logging Is Configured Properly	CIS Google Cloud Platform v3.0.0 L1	GCP	AUDIT AND ACCOUNTABILITY
2.4.3 Ensure Microsoft Defender for Cloud Apps is enabled and configured	CIS Microsoft 365 Foundations E5 L2 v3.1.0	microsoft_azure	SYSTEM AND INFORMATION INTEGRITY
2.7.1 (L1) Ensure 'Enable Google Cloud Print Proxy' is set to 'Disabled'	CIS Google Chrome L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT
2.7.3 iCloud Drive	CIS Apple OSX 10.11 El Capitan L2 v1.1.0	Unix
2.7.3 iCloud Drive	CIS Apple macOS 10.12 L2 v1.2.0	Unix	ACCESS CONTROL
2.7.3 iCloud Drive	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix
2.12 Ensure That Cloud DNS Logging Is Enabled for All VPC Networks	CIS Google Cloud Platform v3.0.0 L1	GCP	AUDIT AND ACCOUNTABILITY
2.21.3 Ensure 'Block Signing into Office' is set to Enabled (None allowed)	CIS Microsoft Office 2016 v1.1.0	Windows	ACCESS CONTROL
3.1.1.1 Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On'	CIS Microsoft Azure Foundations v3.0.0 L1	microsoft_azure	RISK ASSESSMENT
5.2.2 Prefer using dedicated GCP Service Accounts and Workload Identity	CIS Google Kubernetes Engine (GKE) v1.7.0 L2	GCP	IDENTIFICATION AND AUTHENTICATION
5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire'	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0	Palo_Alto	AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY
5.10.1 Ensure Kubernetes Web UI is Disabled	CIS Google Kubernetes Engine (GKE) v1.7.0 L1	GCP	CONFIGURATION MANAGEMENT
6.2.2 Ensure That the 'Log_connections' Database Flag for Cloud SQL PostgreSQL Instance Is Set to 'On'	CIS Google Cloud Platform v3.0.0 L1	GCP	AUDIT AND ACCOUNTABILITY
6.2.3 Ensure That the 'Log_disconnections' Database Flag for Cloud SQL PostgreSQL Instance Is Set to 'On'	CIS Google Cloud Platform v3.0.0 L1	GCP	AUDIT AND ACCOUNTABILITY
6.2.4 Ensure 'Log_statement' Database Flag for Cloud SQL PostgreSQL Instance Is Set Appropriately	CIS Google Cloud Platform v3.0.0 L2	GCP	AUDIT AND ACCOUNTABILITY
6.3.7 Ensure that the 'contained database authentication' database flag for Cloud SQL on the SQL Server instance is not set to 'on'	CIS Google Cloud Platform v3.0.0 L1	GCP	ACCESS CONTROL, MEDIA PROTECTION
18.9.52.1 Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
18.9.58.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.10.50.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.50.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.10.50.1 Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	CONFIGURATION MANAGEMENT
18.10.50.1 Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'	CIS Windows Server 2012 MS L1 v3.0.0	Windows	ACCESS CONTROL
18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	CONFIGURATION MANAGEMENT
67.3 (L2) Ensure 'Disable One Drive File Sync' is set to 'Sync Disabled'	CIS Microsoft Intune for Windows 11 v3.0.1 L2	Windows	CONFIGURATION MANAGEMENT
AIOS-02-080004 - Apple iOS must not allow backup to remote systems (iCloud Keychain).	MobileIron - DISA Apple iOS 10 v1r3	MDM	ACCESS CONTROL, CONFIGURATION MANAGEMENT
AIOS-13-004200 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud document and data synchronization).	AirWatch - DISA Apple iOS/iPadOS 13 v2r1	MDM	CONFIGURATION MANAGEMENT
APPL-13-002035 - The macOS system must be configured to disable the Cloud Setup services.	DISA STIG Apple macOS 13 v1r5	Unix	CONFIGURATION MANAGEMENT
ARDC-CL-000065 - Adobe Reader DC must disable Cloud Synchronization.	DISA STIG Adobe Acrobat Reader DC Classic Track v2r1	Windows	CONFIGURATION MANAGEMENT
ARDC-CN-000065 - Adobe Reader DC must disable Cloud Synchronization.	DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1	Windows	CONFIGURATION MANAGEMENT
Do not suggest third-party content in Windows spotlight	MSCT Windows 10 1909 v1.0.0	Windows	CONFIGURATION MANAGEMENT
Do not suggest third-party content in Windows spotlight	MSCT Windows 10 1809 v1.0.0	Windows	CONFIGURATION MANAGEMENT
Do not suggest third-party content in Windows spotlight	MSCT Windows 10 1903 v1.19.9	Windows	CONFIGURATION MANAGEMENT
Do not suggest third-party content in Windows spotlight	MSCT Windows 11 v23H2 v1.0.0	Windows	CONFIGURATION MANAGEMENT
DTOO414 - Roaming settings must be stored locally and not synchronized to the Microsoft Office roaming settings web service.	DISA STIG Microsoft Office System 2013 v2r2	Windows	CONFIGURATION MANAGEMENT
GOOG-10-003900 - Google Android 10 must be configured to not allow backup of all applications and configuration data to remote systems.	AirWatch - DISA Google Android 10.x v2r1	MDM	ACCESS CONTROL
HONW-09-003900 - The Honeywell Mobility Edge Android Pie device must be configured to not allow backup of all applications and configuration data to remote systems.	AirWatch - DISA Honeywell Android 9.x COPE v1r2	MDM	ACCESS CONTROL
HONW-09-003900 - The Honeywell Mobility Edge Android Pie device must be configured to not allow backup of all applications and configuration data to remote systems.	MobileIron - DISA Honeywell Android 9.x COPE v1r2	MDM	ACCESS CONTROL
MOTS-11-003900 - Motorola Solutions Android 11 must be configured to not allow backup of all applications and configuration data to remote systems.	MobileIron - DISA Motorola Solutions Android 11 COBO v1r3	MDM	ACCESS CONTROL
MS.AAD.2.1v1 - Users detected as high risk SHALL be blocked.	CISA SCuBA Microsoft 365 Entra ID v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MS.AAD.2.3v1 - Sign-ins detected as high risk SHALL be blocked.	CISA SCuBA Microsoft 365 Entra ID v1.5.0	microsoft_azure	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
MSFT-11-003900 - Microsoft Android 11 must be configured to not allow backup of all applications and configuration data to remote systems.	AirWatch - DISA Microsoft Android 11 COPE v1r2	MDM	SYSTEM AND COMMUNICATIONS PROTECTION
Turn off Microsoft consumer experiences	MSCT Windows 10 v21H2 v1.0.0	Windows	CONFIGURATION MANAGEMENT
Turn off Microsoft consumer experiences	MSCT Windows 11 v22H2 v1.0.0	Windows	CONFIGURATION MANAGEMENT
Turn off Microsoft consumer experiences	MSCT Windows 10 1809 v1.0.0	Windows	CONFIGURATION MANAGEMENT
Turn off Microsoft consumer experiences	MSCT Windows 10 v2004 v1.0.0	Windows	CONFIGURATION MANAGEMENT
ZEBR-11-003900 - Zebra Android 11 must be configured to not allow backup of all applications and configuration data to remote systems.	AirWatch - DISA Zebra Android 11 COBO v1r3	MDM	ACCESS CONTROL

Detections

Analytics

Item Search