Item Search

NameAudit NamePluginCategory
1.4.1 Ensure 'Idle timeout' is less than or equal to 10 minutes for device managementCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL

1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configuredCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL

2.3.4 Set a screen corner to Start Screen SaverCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

2.4.2 Disable Internet SharingCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - AppleFileServerCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.6 Ensure that the User-ID service account does not have interactive logon rightsCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL

2.9 Pair the remote control infrared receiver if enabled - 'UIDFilter != none'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

3.1 Ensure detailed logging is enabledCIS NGINX Benchmark v2.1.0 L1 ProxyUnix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriatelyCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

3.5 Retain install.log for 365 or more daysCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable 'Show Wi-Fi status in menu bar'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

4.5 Ensure ftp server is not runningCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

5.2.1 Configure account lockout thresholdCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.2.5 Complex passwords must contain a Special CharacterCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.6 Complex passwords must contain uppercase and lowercase lettersCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix
5.2.8 Password HistoryCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3 Ensure forwarding of decrypted content to WildFire is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.7 Do not enable the 'root' accountCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

6.1.2 Disable 'Show password hints'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.4 Disable 'Allow guests to connect to shared folders' - SMB SharingCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

6.5 Ensure a secure anti-spyware profile is applied to all security policies permitting traffic to the InternetCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.6 Ensure a Vulnerability Protection Profile is set to block attacks against critical and high vulnerabilities, and set to default on medium, low, and informational vulnerabilitiesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

RISK ASSESSMENT

6.7 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing trafficCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

RISK ASSESSMENT

6.18 Ensure all zones have Zone Protection Profiles that drop specially crafted packetsCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.22 Ensure that 'Inline Cloud Analysis' on Vulnerability Protection profiles are enabled if 'Advanced Threat Prevention' is availableCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

RISK ASSESSMENT

6.23 Ensure that 'Cloud Inline Categorization' on URL Filtering profiles are enabled if 'Advanced Threat Prevention' is availableCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zoneCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL, MEDIA PROTECTION

7.3 Ensure 'Security Policy' denying any/all traffic to/from IP addresses on Trusted Threat Intelligence Sources ExistsCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL, MEDIA PROTECTION

7.4 Ensure that logging is enabled on built-in default security policiesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLSCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

CIS_Apache_Tomcat_10.1_v1.1.0_L1.audit from CIS Apache Tomcat 10.1 Benchmark v1.1.0CIS Apache Tomcat 10.1 v1.1.0 L1Unix
CIS_Apache_Tomcat_10.1_v1.1.0_L2.audit from CIS Apache Tomcat 10.1 Benchmark v1.1.0CIS Apache Tomcat 10.1 v1.1.0 L2Unix
CIS_Apple_macOS_10.14_v2.0.0_L1.audit from CIS Apple macOS 10.14 Benchmark v2.0.0CIS Apple macOS 10.14 v2.0.0 L1Unix
CIS_CentOS_6_v3.0.0_Workstation_L1.audit from CIS CentOS Linux 6 Benchmark v3.0.0CIS CentOS 6 Workstation L1 v3.0.0Unix
CIS_IBM_WebSphere_Liberty_v1.0.0_L2.audit from CIS IBM WebSphere Liberty Benchmark v1.0.0CIS IBM WebSphere Liberty v1.0.0 L2Unix
CIS_Microsoft_Exchange_Server_2019_v1.0.0_Level_1_Edge.audit from CIS Microsoft Exchange Server 2019 Benchmark v1.0.0CIS Microsoft Exchange Server 2019 L1 Edge v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

CIS_MS_IIS_10_v1.2.1_Level_2.audit from CIS Microsoft IIS 10 Benchmark v1.2.1CIS IIS 10 v1.2.1 Level 2Windows
CIS_MySQL_5.6_Community_Benchmark_v2.0.0_LEVEL_1_DB.audit from CIS Oracle MySQL 5.6 Community Edition BenchmarkCIS MySQL 5.6 Community Database L1 v2.0.0MySQLDB
CIS_MySQL_5.6_Enterprise_Benchmark_v2.0.0_LEVEL_2_DB.audit from CIS Oracle MySQL 5.6 Enterprise Edition BenchmarkCIS MySQL 5.6 Enterprise Database L2 v2.0.0MySQLDB
CIS_MySQL_5.7_Community_Benchmark_v2.0.0_Level_2_DB.audit from CIS Oracle MySQL 5.7 Community Edition BenchmarkCIS MySQL 5.7 Community Database L2 v2.0.0MySQLDB
CIS_MySQL_5.7_Enterprise_Benchmark_v2.0.0_Level_1_DB.audit from CIS Oracle MySQL 5.7 Enterprise Edition BenchmarkCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB
CIS_MySQL_8.0_Enterprise_Benchmark_v1.4.0_Level_2_OS_Linux.audit from CIS Oracle MySQL 8.0 Enterprise Edition BenchmarkCIS MySQL 8.0 Enterprise Linux OS L2 v1.4.0Unix
CIS_PostgreSQL_14_v 1.2.0_L1_DB.audit from CIS PostgreSQL 14 Benchmark v 1.2.0CIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB
CIS_PostgreSQL_14_v 1.2.0_L1_OS_Linux.audit from CIS PostgreSQL 14 Benchmark v 1.2.0CIS PostgreSQL 14 OS v 1.2.0Unix
CIS_SUSE_Linux_Enterprise_Server_11_v2.1.1_L1.audit from CIS SUSE Linux Enterprise 11 BenchmarkCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix
CIS_SUSE_Linux_Enterprise_Server_11_v2.1.1_L2.audit from CIS SUSE Linux Enterprise 11 BenchmarkCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix
CIS_SUSE_Linux_Enterprise_Workstation_11_v2.1.1_L1.audit from CIS SUSE Linux Enterprise 11 BenchmarkCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix