Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Syslog logging should be configuredCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

AUDIT AND ACCOUNTABILITY

1.2.4 Ensure HTTP and Telnet options are disabled for all management profilesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

CONFIGURATION MANAGEMENT

1.3.3 Ensure 'Minimum Uppercase Letters' is greater than or equal to 1CIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.8 Ensure 'New Password Differs By Characters' is greater than or equal to 3CIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.9 Ensure 'Prevent Password Reuse Limit' is set to 24 or more passwordsCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.10 Ensure 'Password Profiles' do not existCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.5 Enable OS X update installsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.5.1 Ensure 'V3' is selected for SNMP pollingCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.1 Ensure 'Verify Update Server Identity' is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1 Ensure Authentication is configuredCIS MongoDB 5 L1 OS Linux v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

2.1.2 Disable Bluetooth 'Discoverable' mode when not pairing devicesCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.3 Ensure authentication is enabled in the sharded cluster - clusterAuthModeCIS MongoDB 5 L2 OS Linux v1.2.0Unix

CONFIGURATION MANAGEMENT

2.3.2 Secure screen saver corners - bottom left cornerCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

ACCESS CONTROL

2.3.2 Secure screen saver corners - top left cornerCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

ACCESS CONTROL

2.4 Ensure that 'Include/Exclude Networks' is used if User-ID is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4.1 Disable Remote Apple EventsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.6 Disable DVD or CD SharingCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - SMBCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.9 Disable Remote Management - 'ARDAgent is not running'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.7.1 iCloud configurationCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
2.8 Ensure that security policies restrict User-ID Agent traffic from crossing into untrusted zonesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL

2.11 Java 6 is not the default Java runtimeCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.12 Configure Secure Empty TrashCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

4.1 Disable Bonjour advertising serviceCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Ensure Federal Information Processing Standard (FIPS) is enabledCIS MongoDB 5 L2 OS Linux v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.1 Ensure that WildFire file size upload limits are maximizedCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.1.5 Check Library folder for world writable filesCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

ACCESS CONTROL

5.4 Automatically lock the login keychain for inactivityCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.6 Enable OCSP and CRL certificate checking - CRLStyleCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.8 Ensure that 'Inline Cloud Analysis' on Wildfire profiles is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.13 Create a Login window bannerCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

ACCESS CONTROL

5.16 Secure individual keychain and itemsCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 5 L1 OS Linux v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

6.3 Ensure that server-side scripting is disabled if not neededCIS MongoDB 5 L2 OS Linux v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

6.4 Safari disable Internet Plugins for global useCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

6.5 Use parental controls for systems that are not centrally managedCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
6.8 Ensure that PAN-DB URL Filtering is usedCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

6.9 Ensure that URL Filtering uses the action of 'block' or 'override' on the URL categoriesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

6.15 Ensure that a Zone Protection Profile with an enabled SYN Flood Action of SYN Cookies is attached to all untrusted zonesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

6.20 Ensure that 'Wildfire Inline ML Action' on antivirus profiles are set to reset-both on all decoders except 'imap' and 'pop3'CIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

7.1 Ensure appropriate key file permissions are set - PEMKeyFileCIS MongoDB 5 L1 OS Linux v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

8.3 Ensure that the Certificate used for Decryption is TrustedCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

CONFIGURATION MANAGEMENT

8.4.8 Disable Unity TaskbarCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.5.1 Prevent virtual machines from taking over resources - CPU Share LevelCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

SYSTEM AND COMMUNICATIONS PROTECTION

Anti-Spyware Profile DNS Security Command and Control DomainsCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto
Anti-Spyware Profile DNS SinkholeCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto
Check that User ID is enabled on any profileCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto
configurationCIS Palo Alto Firewall 10 v1.2.0 L2Palo_Alto
Mac OSX 10.10 Yosemite is installedCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix
PoliciesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto