Item Search

NameAudit NamePluginCategory
1.4.4 Set IP address for 'logging host'CIS Cisco IOS XR 7.x v1.0.0 L1Cisco

AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY

1.6.3 Configure Netflow on Strategic PortsCIS Cisco NX-OS L2 v1.1.0Cisco

AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY

2.1 Ensure monitoring and alerting exist for ACCOUNTADMIN and SECURITYADMIN role grantsCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.1 Ensure That Cloud Audit Logging Is Configured ProperlyCIS Google Cloud Platform v3.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

2.1.1 Ensure Firewall Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.11 Ensure the spoofed domains report is reviewed weeklyCIS Microsoft 365 Foundations E5 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

2.1.12 Ensure the 'Restricted entities' report is reviewed weeklyCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

2.1.13 Ensure malware trends are reviewed at least weeklyCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

2.2 Ensure monitoring and alerting exist for MANAGE GRANTS privilege grantsCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.2.4 Set IP address for 'logging host'CIS Cisco IOS XE 17.x v2.1.0 L1Cisco

AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY

2.2.4 Set IP address for 'logging host'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY

2.3 Ensure monitoring and alerting exist for password sign-ins of SSO usersCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.3.1 Ensure the Account Provisioning Activity report is reviewed at least weeklyCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

2.3.2 Ensure non-global administrator role group assignments are reviewed at least weeklyCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

2.4 Ensure monitoring and alerting exist for password sign-in without MFACIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.5 Ensure monitoring and alerting exist for creation, update and deletion of security integrationsCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.6 Ensure monitoring and alerting exist for changes to network policies and associated objectsCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.7 Ensure monitoring and alerting exist for SCIM token creationCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.8 Ensure monitoring and alerting exists for new share exposuresCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.9 Ensure monitoring and alerting exists for sessions from unsupported Snowflake Connector for Python and JDBC and ODBC driversCIS Snowflake Foundations v1.0.0 L2Snowflake

AUDIT AND ACCOUNTABILITY

2.12 Ensure That Cloud DNS Logging Is Enabled for All VPC NetworksCIS Google Cloud Platform v3.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

2.12.8 - Miscellaneous Config - enable sar accounting - 'activity reports are generated every 20 minutes or less on weekday 8a-5p'CIS AIX 5.3/6.1 L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

2.12.8 - Miscellaneous Config - enable sar accounting - 'activity reports are generated hourly on weekday 6p-7a'CIS AIX 5.3/6.1 L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

2.12.8 - Miscellaneous Config - enable sar accounting - 'activity reports are generated hourly on weekends'CIS AIX 5.3/6.1 L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

2.12.8 - Miscellaneous Config - enable sar accounting - 'daily summaries are being prepared'CIS AIX 5.3/6.1 L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure user role group changes are reviewed at least weeklyCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

3.2 Ensure CloudTrail log file validation is enabledCIS Amazon Web Services Foundations L2 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

3.3.2 Configure Storm ControlCIS Cisco NX-OS L2 v1.1.0Cisco

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, INCIDENT RESPONSE, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.7 Ensure proxies pass source IP information - X-Real-IPCIS NGINX Benchmark v2.1.0 L1 ProxyUnix

AUDIT AND ACCOUNTABILITY

3.7 Ensure proxies pass source IP information - X-Real-IPCIS NGINX Benchmark v2.1.0 L1 LoadbalancerUnix

AUDIT AND ACCOUNTABILITY

4.1 Ensure unauthorized API calls are monitoredCIS Amazon Web Services Foundations L2 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.2 Ensure management console sign-in without MFA is monitoredCIS Amazon Web Services Foundations L1 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.3 Ensure usage of 'root' account is monitoredCIS Amazon Web Services Foundations L1 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.4 Ensure IAM policy changes are monitoredCIS Amazon Web Services Foundations L1 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.5 Ensure CloudTrail configuration changes are monitoredCIS Amazon Web Services Foundations L1 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.6 Ensure AWS Management Console authentication failures are monitoredCIS Amazon Web Services Foundations L2 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.7 Ensure disabling or scheduled deletion of customer created CMKs is monitoredCIS Amazon Web Services Foundations L2 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.8 Ensure S3 bucket policy changes are monitoredCIS Amazon Web Services Foundations L1 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.9 Ensure AWS Config configuration changes are monitoredCIS Amazon Web Services Foundations L2 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.10 Ensure security group changes are monitoredCIS Amazon Web Services Foundations L2 3.0.0amazon_aws

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

4.11 Ensure Network Access Control Lists (NACL) changes are monitoredCIS Amazon Web Services Foundations L2 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.12 Ensure changes to network gateways are monitoredCIS Amazon Web Services Foundations L1 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.13 Ensure route table changes are monitoredCIS Amazon Web Services Foundations L1 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.14 Ensure VPC changes are monitoredCIS Amazon Web Services Foundations L1 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

4.15 Ensure AWS Organizations changes are monitoredCIS Amazon Web Services Foundations L1 3.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

5.1.5.1 Ensure the Application Usage report is reviewed at least weeklyCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

5.2.4.2 Ensure the self-service password reset activity report is reviewed at least weeklyCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

5.2.6.1 Ensure the Azure AD 'Risky sign-ins' report is reviewed at least weeklyCIS Microsoft 365 Foundations E5 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

6.4.1 Ensure mail forwarding rules are reviewed at least weeklyCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

SHPT-00-000405 - To support audit review, analysis, and reporting, SharePoint must integrate audit review, analysis, and reporting processes to support organizational processes for investigation and response to suspicious activities.DISA STIG SharePoint 2010 v1r9Windows

AUDIT AND ACCOUNTABILITY