Item Search

Name	Audit Name	Plugin	Category
1.1.2 Ensure 'Login Banner' is set	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	AWARENESS AND TRAINING, PROGRAM MANAGEMENT
1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	ACCESS CONTROL
1.3.2 Ensure 'Minimum Length' is greater than or equal to 12	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	IDENTIFICATION AND AUTHENTICATION
1.6.2 Ensure redundant NTP servers are configured appropriately	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
2.3 Ensure that User-ID is only enabled for internal trusted interfaces	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
2.5 Ensure that the User-ID Agent has minimal permissions if User-ID is enabled	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	ACCESS CONTROL
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervals	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
5.2 Ensure a WildFire Analysis profile is enabled for all security policies	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
5.2.3 Complex passwords must contain an Alphabetic Character - '1 letter'	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.2.4 Complex passwords must contain a Numeric Character - 'Numeric'	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix
5.3 Reduce the sudo timeout period	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
5.4 Ensure all WildFire session information settings are enabled	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
5.6 Ensure 'WildFire Update Schedule' is set to download and install updates in real-time	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
5.9 Require a password to wake the computer from sleep or screen saver	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
5.14 Do not enter a password-related hint	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1 Ensure that antivirus profiles are set to reset-both on all decoders except 'imap' and 'pop3'	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
6.1.1 Display login window as name and password	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
6.1.4 Disable 'Allow guests to connect to shared folders' - AFP Sharing	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
6.3 Disable the automatic run of safe files in Safari	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
6.11 Ensure all HTTP Header Logging options are enabled	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.3.15 (L1) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	MEDIA PROTECTION
18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	MEDIA PROTECTION
18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	MEDIA PROTECTION
18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	MEDIA PROTECTION
18.10.10.3.7 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	MEDIA PROTECTION
18.10.10.3.7 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	MEDIA PROTECTION
18.10.10.3.15 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.37.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.10.37.2 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
CIS_Apache_Tomcat_10.1_v1.1.0_L1.audit from CIS Apache Tomcat 10.1 Benchmark v1.1.0	CIS Apache Tomcat 10.1 v1.1.0 L1	Unix
CIS_Apache_Tomcat_10.1_v1.1.0_L2.audit from CIS Apache Tomcat 10.1 Benchmark v1.1.0	CIS Apache Tomcat 10.1 v1.1.0 L2	Unix
CIS_Apple_macOS_10.14_v2.0.0_L1.audit from CIS Apple macOS 10.14 Benchmark v2.0.0	CIS Apple macOS 10.14 v2.0.0 L1	Unix
CIS_CentOS_6_v3.0.0_Workstation_L1.audit from CIS CentOS Linux 6 Benchmark v3.0.0	CIS CentOS 6 Workstation L1 v3.0.0	Unix
CIS_IBM_WebSphere_Liberty_v1.0.0_L2.audit from CIS IBM WebSphere Liberty Benchmark v1.0.0	CIS IBM WebSphere Liberty v1.0.0 L2	Unix
CIS_Microsoft_Exchange_Server_2019_v1.0.0_Level_1_Edge.audit from CIS Microsoft Exchange Server 2019 Benchmark v1.0.0	CIS Microsoft Exchange Server 2019 L1 Edge v1.0.0	Windows	SYSTEM AND INFORMATION INTEGRITY
CIS_MS_IIS_10_v1.2.1_Level_2.audit from CIS Microsoft IIS 10 Benchmark v1.2.1	CIS IIS 10 v1.2.1 Level 2	Windows
CIS_MySQL_5.6_Community_Benchmark_v2.0.0_LEVEL_1_DB.audit from CIS Oracle MySQL 5.6 Community Edition Benchmark	CIS MySQL 5.6 Community Database L1 v2.0.0	MySQLDB
CIS_MySQL_5.6_Enterprise_Benchmark_v2.0.0_LEVEL_2_DB.audit from CIS Oracle MySQL 5.6 Enterprise Edition Benchmark	CIS MySQL 5.6 Enterprise Database L2 v2.0.0	MySQLDB
CIS_MySQL_5.7_Community_Benchmark_v2.0.0_Level_2_DB.audit from CIS Oracle MySQL 5.7 Community Edition Benchmark	CIS MySQL 5.7 Community Database L2 v2.0.0	MySQLDB
CIS_MySQL_5.7_Enterprise_Benchmark_v2.0.0_Level_1_DB.audit from CIS Oracle MySQL 5.7 Enterprise Edition Benchmark	CIS MySQL 5.7 Enterprise Database L1 v2.0.0	MySQLDB
CIS_MySQL_8.0_Enterprise_Benchmark_v1.4.0_Level_2_OS_Linux.audit from CIS Oracle MySQL 8.0 Enterprise Edition Benchmark	CIS MySQL 8.0 Enterprise Linux OS L2 v1.4.0	Unix
CIS_PostgreSQL_14_v 1.2.0_L1_DB.audit from CIS PostgreSQL 14 Benchmark v 1.2.0	CIS PostgreSQL 14 DB v 1.2.0	PostgreSQLDB
CIS_PostgreSQL_14_v 1.2.0_L1_OS_Linux.audit from CIS PostgreSQL 14 Benchmark v 1.2.0	CIS PostgreSQL 14 OS v 1.2.0	Unix
CIS_SUSE_Linux_Enterprise_Server_11_v2.1.1_L1.audit from CIS SUSE Linux Enterprise 11 Benchmark	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix
CIS_SUSE_Linux_Enterprise_Server_11_v2.1.1_L2.audit from CIS SUSE Linux Enterprise 11 Benchmark	CIS SUSE Linux Enterprise Server 11 L2 v2.1.1	Unix
CIS_SUSE_Linux_Enterprise_Workstation_11_v2.1.1_L1.audit from CIS SUSE Linux Enterprise 11 Benchmark	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix
CIS_Ubuntu_Linux_18.04_LTS_v2.2.0_L1_Workstation.audit from CIS Ubuntu Linux 18.04 LTS Benchmark v2.2.0	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation	Unix
CIS_Ubuntu_Linux_20.04_LTS_v3.0.0_L1_Workstation.audit from CIS Ubuntu Linux 20.04 LTS Benchmark v3.0.0	CIS Ubuntu Linux 20.04 LTS v3.0.0 L1 Workstation	Unix
CIS_Ubuntu_Linux_20.04_LTS_v3.0.0_L2_Workstation.audit from CIS Ubuntu Linux 20.04 LTS Benchmark v3.0.0	CIS Ubuntu Linux 20.04 LTS v3.0.0 L2 Workstation	Unix

Detections

Analytics

Item Search