Item Search

NameAudit NamePluginCategory
1.1 Verify all Apple provided software is currentCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.3 Disable MariaDB Command History - .mysql_historyCIS MariaDB 10.6 on Linux L2 v1.1.0Unix

MEDIA PROTECTION

1.3 Enable app update installsCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - ConfigDataInstallCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.1 Disable Bluetooth, if no paired devices existCIS Apple OSX 10.9 L1 v1.3.0Unix
2.1.1 Turn off Bluetooth, if no paired devices existCIS Apple OSX 10.9 L1 v1.3.0Unix
2.2.2 Ensure time set is within appropriate limitsCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.2.3 Restrict NTP server to loopback interfaceCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.3.1 Set an inactivity interval of 20 minutes or less for the screen saverCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

2.6.1 Enable FileVault - Encryption TypeCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.3 Enable FirewallCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Ensure Socket Peer-Credential Authentication is Used AppropriatelyCIS MariaDB 10.6 on Linux L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.8.2 Time Machine Volumes Are EncryptedCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.9 Ensure MariaDB is Bound to an IP AddressCIS MariaDB 10.6 on Linux L2 v1.1.0Unix

PLANNING, SYSTEM AND SERVICES ACQUISITION

2.11 Require Client-Side Certificates (X.509)CIS MariaDB 10.6 on Linux L2 v1.1.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1.1 Retain system.log for 90 or more daysCIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.1.3 Retain authd.log for 90 or more daysCIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.2 Enable security auditingCIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed administrative events'CIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed file deletion events'CIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

4.3 Ensure 'allow-suspicious-udfs' is Set to 'OFF'CIS MariaDB 10.6 on Linux L2 v1.1.0Unix

PLANNING, SYSTEM AND SERVICES ACQUISITION

4.4 Ensure http server is not runningCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

4.8 Ensure 'sql_mode' Contains 'STRICT_ALL_TABLES'CIS MariaDB 10.6 on Linux L2 v1.1.0Unix

PLANNING, SYSTEM AND SERVICES ACQUISITION

5.1.1 Secure Home FoldersCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

5.1.2 Repair permissions regularly to ensure binaries and other System files have appropriate permissionsCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

5.1.3 Check System Wide Applications for appropriate permissionsCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.1.4 Check System folder for world writable filesCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.2.1 Configure account lockout thresholdCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.2.2 Set a minimum password lengthCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3 Reduce the sudo timeout periodCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.7 Do not enable the "root" accountCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.8 Disable automatic loginCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.10 Require an administrator password to access system-wide preferencesCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

5.12 Create a custom message for the Login ScreenCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.1.1 Display login window as name and passwordCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.1.2 Disable "Show password hints"CIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.3 Disable guest account loginCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.3 Ensure 'log_warnings' is Set to '2'CIS MariaDB 10.6 on Linux L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

6.4 Ensure Audit Logging Is EnabledCIS MariaDB 10.6 on Linux L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

6.12 Set EEPROM Security Mode and Log Failed Access - SPARC only. Should *not* be 'security-mode=none'.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.3 Set Strong Password Creation Policies - Check HISTORY is set to 10CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/.login.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is not set to default string.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is set appropriately.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

AIOS-17-012650 - Apple iOS/iPadOS 17 must implement the management setting: approved Apple Watches must be managed by an MDM.MobileIron - DISA Apple iOS/iPadOS 17 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

allow-suspicious-udfs option fileCIS MariaDB 10.6 on Linux L2 v1.1.0Unix
CIS VMware ESXi 5.5 v1.2.0 Level 2CIS VMware ESXi 5.5 v1.2.0 Level 2VMware
NIST_macOS_Monterey_800-53r5_low_v1.0.0.audit from NIST macOS Monterey v1.0.0NIST macOS Monterey v1.0.0 - 800-53r5 LowUnix
NIST_macOS_Monterey_800-53r5_moderate_v1.0.0.audit from NIST macOS Monterey v1.0.0NIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix
NIST_macOS_Monterey_All_Profiles_v1.0.0.audit from NIST macOS Monterey v1.0.0NIST macOS Monterey v1.0.0 - All ProfilesUnix