Item Search

NameAudit NamePluginCategory
1.5 Ensure That Service Account Has No Admin PrivilegesCIS Google Cloud Platform v3.0.0 L1GCP

ACCESS CONTROL

1.10 Ensure KMS Encryption Keys Are Rotated Within a Period of 90 DaysCIS Google Cloud Platform v3.0.0 L1GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.12 Ensure API Keys Only Exist for Active ServicesCIS Google Cloud Platform v3.0.0 L2GCP

PLANNING, SYSTEM AND SERVICES ACQUISITION

1.15 Ensure API Keys Are Rotated Every 90 DaysCIS Google Cloud Platform v3.0.0 L2GCP

PLANNING, SYSTEM AND SERVICES ACQUISITION

2.8 Ensure That the Log Metric Filter and Alerts Exist for VPC Network Route ChangesCIS Google Cloud Platform v3.0.0 L2GCP

AUDIT AND ACCOUNTABILITY

4.2.8 Ensure that the --hostname-override argument is not setCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

CONFIGURATION MANAGEMENT

4.2.8 Ensure that the --hostname-override argument is not setCIS Kubernetes v1.24 Benchmark v1.0.0 L1 WorkerUnix

CONFIGURATION MANAGEMENT

4.4.1 Consider external secret storageCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2GCP

SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2 Consider external secret storageCIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

SYSTEM AND COMMUNICATIONS PROTECTION

4.12 Ensure the Latest Operating System Updates Are Installed On Your Virtual Machines in All ProjectsCIS Google Cloud Platform v3.0.0 L2GCP

SYSTEM AND SERVICES ACQUISITION

5.4.2 Consider external secret storageCIS Kubernetes v1.10.0 L2 MasterUnix

CONFIGURATION MANAGEMENT

6.2.8 Ensure That 'cloudsql.enable_pgaudit' Database Flag for each Cloud Sql Postgresql Instance Is Set to 'on' For Centralized LoggingCIS Google Cloud Platform v3.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

6.3.2 Ensure that the 'cross db ownership chaining' database flag for Cloud SQL SQL Server instance is set to 'off'CIS Google Cloud Platform v3.0.0 L1GCP

ACCESS CONTROL, MEDIA PROTECTION

7.2 Ensure That All BigQuery Tables Are Encrypted With Customer-Managed Encryption Key (CMEK)CIS Google Cloud Platform v3.0.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure all data in BigQuery has been classifiedCIS Google Cloud Platform v3.0.0 L2GCP

AUDIT AND ACCOUNTABILITY, RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.40.1 Ensure 'Allow Message Service Cloud Sync' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.10.40.1 Ensure 'Allow Message Service Cloud Sync' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.10.40.1 Ensure 'Allow Message Service Cloud Sync' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Member ServerWindows

CONFIGURATION MANAGEMENT

AIOS-13-011300 - Apple iOS/iPadOS must implement the management setting: Disable Allow Shared Albums.AirWatch - DISA Apple iOS/iPadOS 13 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-15-011100 - Apple iOS/iPadOS 15 must implement the management setting: Disable Allow Shared Albums.AirWatch - DISA Apple iOS/iPadOS 14 v1r4MDM

CONFIGURATION MANAGEMENT

AIOS-16-011100 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow Shared Albums.AirWatch - DISA Apple iOS/iPadOS 16 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-17-003450 - Apple iOS/iPadOS 17 must not allow backup to remote systems (Cloud Photo Library).AirWatch - DISA Apple iOS/iPadOS 17 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

APPL-13-002037 - The macOS system must be configured to disable the Cloud Storage Setup services.DISA STIG Apple macOS 13 v1r5Unix

CONFIGURATION MANAGEMENT

Do not suggest third-party content in Windows spotlightMSCT Windows 10 v21H1 v1.0.0Windows

CONFIGURATION MANAGEMENT

Do not suggest third-party content in Windows spotlightMSCT Windows 10 1803 v1.0.0Windows

CONFIGURATION MANAGEMENT

Do not suggest third-party content in Windows spotlightMSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

GOOG-11-003900 - Google Android 11 must be configured to not allow backup of all applications and configuration data to remote systems.MobileIron - DISA Google Android 11 COBO v2r1MDM

ACCESS CONTROL

GOOG-12-008600 - Google Android 12 must be configured to not allow backup of [all applications, configuration data] to remote systems.AirWatch - DISA Google Android 12 COPE v1r2MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-12-008600 - Google Android 12 must be configured to not allow backup of [all applications, configuration data] to remote systems.MobileIron - DISA Google Android 12 COPE v1r2MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-12-008600 - Google Android 12 must be configured to not allow backup of [all applications, configuration data] to remote systems.AirWatch - DISA Google Android 12 COBO v1r2MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-12-008600 - Google Android 12 must be configured to not allow backup of [all applications, configuration data] to remote systems.MobileIron - DISA Google Android 12 COBO v1r2MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-13-008600 - Google Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems.AirWatch - DISA Google Android 13 COPE v2r1MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-13-008600 - Google Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems.MobileIron - DISA Google Android 13 COPE v2r1MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-13-008600 - Google Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems.AirWatch - DISA Google Android 13 COBO v2r1MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-13-008600 - Google Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems.MobileIron - DISA Google Android 13 COBO v2r1MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-13-708600 - Google Android 13 must be configured to not allow backup of all work profile applications to remote systems.AirWatch - DISA Google Android 13 BYOD v1r2MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-14-008600 - Google Android 14 must be configured to not allow backup of [all applications, configuration data] to remote systems.AirWatch - DISA Google Android 14 COBO v2r1MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-14-008600 - Google Android 14 must be configured to not allow backup of [all applications, configuration data] to remote systems.AirWatch - DISA Google Android 14 COPE v2r1MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-14-008600 - Google Android 14 must be configured to not allow backup of [all applications, configuration data] to remote systems.MobileIron - DISA Google Android 14 COBO v2r1MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-14-008600 - Google Android 14 must be configured to not allow backup of [all applications, configuration data] to remote systems.MobileIron - DISA Google Android 14 COPE v2r1MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-14-708600 - Google Android 14 must be configured to not allow backup of all work profile applications to remote systems.AirWatch - DISA Google Android 14 BYOAD v1r1MDM

SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-14-708600 - Google Android 14 must be configured to not allow backup of all work profile applications to remote systems.MobileIron - DISA Google Android 14 BYOAD v1r1MDM

SYSTEM AND COMMUNICATIONS PROTECTION

HONW-09-003900 - The Honeywell Mobility Edge Android Pie device must be configured to not allow backup of all applications and configuration data to remote systems.MobileIron - DISA Honeywell Android 9.x COBO v1r2MDM

ACCESS CONTROL

MSFT-11-003900 - Microsoft Android 11 must be configured to not allow backup of all applications and configuration data to remote systems.AirWatch - DISA Microsoft Android 11 COBO v1r2MDM

SYSTEM AND COMMUNICATIONS PROTECTION

MSFT-11-003900 - Microsoft Android 11 must be configured to not allow backup of all applications and configuration data to remote systems.MobileIron - DISA Microsoft Android 11 COBO v1r2MDM

SYSTEM AND COMMUNICATIONS PROTECTION

MSFT-11-003900 - Microsoft Android 11 must be configured to not allow backup of all applications and configuration data to remote systems.MobileIron - DISA Microsoft Android 11 COPE v1r2MDM

SYSTEM AND COMMUNICATIONS PROTECTION

WN10-CC-000197 - Microsoft consumer experiences must be turned off.DISA Windows 10 STIG v3r2Windows

CONFIGURATION MANAGEMENT

ZEBR-10-003900 - Zebra Android 10 must be configured to not allow backup of all applications and configuration data to remote systems.AirWatch - DISA Zebra Android 10 COPE v1r2MDM

ACCESS CONTROL

ZEBR-10-003900 - Zebra Android 10 must be configured to not allow backup of all applications and configuration data to remote systems.MobileIron - DISA Zebra Android 10 COPE v1r2MDM

ACCESS CONTROL

ZEBR-10-003900 - Zebra Android 10 must be configured to not allow backup of all applications and configuration data to remote systems.MobileIron - DISA Zebra Android 10 COBO v1r2MDM

ACCESS CONTROL