Item Search

Name	Audit Name	Plugin	Category
1.1.2.5.3 Ensure nosuid option set on /var/tmp partition	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.5.4 Ensure noexec option set on /var/tmp partition	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.3.1 Ensure separate partition exists for /var	CIS Amazon Linux 2023 Server L2 v1.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.3.1.2 Ensure AppArmor is enabled in the bootloader configuration	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.3.1.4 Ensure all AppArmor Profiles are enforcing	CIS Debian Linux 11 v2.0.0 L2 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.6.5 Ensure access to /etc/issue is configured	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.6.6 Ensure access to /etc/issue.net is configured	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
2.2.1.9 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled'	MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1	MDM	ACCESS CONTROL, MEDIA PROTECTION
2.2.1.10 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'	MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1	MDM	ACCESS CONTROL, MEDIA PROTECTION
2.2.1.10 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'	AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1	MDM	ACCESS CONTROL, MEDIA PROTECTION
2.2.1.11 Ensure 'Allow Handoff' is set to 'Disabled'	MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L2	MDM	ACCESS CONTROL, MEDIA PROTECTION
2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled'	AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1	MDM	ACCESS CONTROL, MEDIA PROTECTION
2.4.1.5 Ensure permissions on /etc/cron.weekly are configured	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
2.7.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'	AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1	MDM	ACCESS CONTROL, MEDIA PROTECTION
2.12.2 Ensure Guest Access to Shared Folders Is Disabled	CIS Apple macOS 13.0 Ventura v2.1.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
3.2.1.1 Ensure 'Allow screenshots and screen recording' is set to 'Disabled'	MobileIron - CIS Apple iOS 17 Institution Owned L2	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.2.1.22 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled'	AirWatch - CIS Apple iOS 17 Institution Owned L1	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.2.1.22 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled'	AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.2.1.22 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled'	MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.5 Ensure Access to Audit Records Is Controlled	CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
3.5 Ensure Access to Audit Records Is Controlled	CIS Apple macOS 14.0 Sonoma v1.1.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
3.7.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'	AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'	AirWatch - CIS Apple iOS 17 Institution Owned L2	MDM	ACCESS CONTROL, MEDIA PROTECTION
3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'	MobileIron - CIS Apple iPadOS 17 Institutionally Owned L2	MDM	ACCESS CONTROL, MEDIA PROTECTION
4.7 Restrict access to Tomcat web application directory	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
4.7 Restrict access to Tomcat web application directory	CIS Apache Tomcat 9 L1 v1.2.0 Middleware	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.1 Ensure Home Folders Are Secure	CIS Apple macOS 14.0 Sonoma v1.1.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.1 Ensure Home Folders Are Secure	CIS Apple macOS 11.0 Big Sur v4.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.1 Ensure permissions on /etc/ssh/sshd_config are configured	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.2 Ensure permissions on SSH private host key files are configured	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.6 Ensure No World Writable Files Exist in the Library Folder	CIS Apple macOS 10.15 Catalina v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.6 Ensure No World Writable Folders Exist in the System Folder	CIS Apple macOS 13.0 Ventura v2.1.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.7 Ensure No World Writable Folders Exist in the Library Folder	CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.7 Ensure No World Writable Folders Exist in the Library Folder	CIS Apple macOS 13.0 Ventura Cloud-tailored v1.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.4.10 Ensure audit tools belong to group root	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.7 Ensure access to the su command is restricted	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.3.2.1 Ensure pam_unix module is enabled	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.4.2.2 Ensure root is the only GID 0 account	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.4.2.7 Ensure system accounts do not have a valid login shell	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2.2.1 Ensure access to all logfiles has been configured	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.4.4.3 Ensure audit log files group owner is configured	CIS Debian Linux 11 v2.0.0 L2 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.4.4.8 Ensure audit tools mode is configured	CIS Debian Linux 11 v2.0.0 L2 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.1.2 Ensure permissions on /etc/passwd- are configured	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.1.7 Ensure permissions on /etc/gshadow are configured	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.1.10 Ensure permissions on /etc/security/opasswd are configured	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.1.12 Ensure no files or directories without an owner and a group exist	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.1.13 Ensure SUID and SGID files are reviewed	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.2.10 Ensure local interactive user dot files access is configured	CIS Debian Linux 12 v1.0.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.4 Ensure directory in context.xml is a secure location - configuration	CIS Apache Tomcat 9 L1 v1.2.0 Middleware	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.4 Ensure directory in context.xml is a secure location - permissions	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL, MEDIA PROTECTION

Detections

Analytics

Item Search