Item Search

NameAudit NamePluginCategory
1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is EnabledCIS Apple macOS 12.0 Monterey v3.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is EnabledCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled - ConfigDataInstallCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.6 Ensure Install Security Responses and System Files Is EnabledCIS Apple macOS 14.0 Sonoma v1.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.6 Ensure Install Security Responses and System Files Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.6 Ensure Install Security Responses and System Files Is EnabledCIS Apple macOS 13.0 Ventura v2.1.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.14 Ensure 'DNS interception checks enabled' is set to 'Enabled'CIS Google Chrome L1 v3.0.0Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.3 Set Update Interval Time ChecksCIS Mozilla Firefox 102 ESR Windows L1 v1.0.0Windows

RISK ASSESSMENT

2.3 Set Update Interval Time ChecksCIS Mozilla Firefox 102 ESR Linux L1 v1.0.0Unix

RISK ASSESSMENT

2.3.6 Ensure 'Control Manifest v2 extension availability' Is Set to Forced OnlyCIS Google Chrome L2 v3.0.0Windows

RISK ASSESSMENT

2.3.7 Ensure 'Control availability of extensions unpublished on the Chrome Web Store' Is DisabledCIS Google Chrome L1 v3.0.0Windows

RISK ASSESSMENT

2.4 Set Update Wait Time PromptCIS Mozilla Firefox 102 ESR Linux L1 v1.0.0Unix

RISK ASSESSMENT

2.4 Set Update Wait Time PromptCIS Mozilla Firefox 102 ESR Windows L1 v1.0.0Windows

RISK ASSESSMENT

2.25 Ensure 'Allow file or directory picker APIs to be called without prior user gesture' Is DisabledCIS Google Chrome L1 v3.0.0Windows

RISK ASSESSMENT

3.1.1.1 Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On'CIS Microsoft Azure Foundations v3.0.0 L1microsoft_azure

RISK ASSESSMENT

3.1.3.2 Ensure that 'Vulnerability assessment for machines' component status is set to 'On'CIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

RISK ASSESSMENT

3.1.3.4 Ensure that 'Agentless scanning for machines' component status is set to 'On'CIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

RISK ASSESSMENT

3.1.3.5 Ensure that 'File Integrity Monitoring' component status is set to 'On'CIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

RISK ASSESSMENT

3.1.4.1 Ensure That Microsoft Defender for Containers Is Set To 'On'CIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

RISK ASSESSMENT

3.1.4.2 Ensure that 'Agentless discovery for Kubernetes' component status 'On'CIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

RISK ASSESSMENT

3.1.4.3 Ensure that 'Agentless container vulnerability assessment' component status is 'On'CIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

RISK ASSESSMENT

3.1.5.1 Ensure That Microsoft Defender for Storage Is Set To 'On'CIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

RISK ASSESSMENT

3.1.8.1 Ensure That Microsoft Defender for Key Vault Is Set To 'On'CIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

RISK ASSESSMENT

3.1.15 Ensure that Microsoft Defender External Attack Surface Monitoring (EASM) is enabledCIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

RISK ASSESSMENT

4.1.2 Apply IPS Security Profile to PoliciesCIS Fortigate 7.0.x v1.3.0 L1FortiGate

RISK ASSESSMENT

4.4 Ensure images are scanned and rebuilt to include security patchesCIS Docker v1.6.0 L1 Docker LinuxUnix

RISK ASSESSMENT

5.1.1 Ensure Image Vulnerability Scanning is enabledCIS Google Kubernetes Engine (GKE) v1.6.1 L2GCP

RISK ASSESSMENT

5.5.2 Ensure Node Auto-Repair is enabled for GKE nodesCIS Google Kubernetes Engine (GKE) v1.6.1 L2GCP

RISK ASSESSMENT

5.5.6 Ensure Integrity Monitoring for Shielded GKE Nodes is EnabledCIS Google Kubernetes Engine (GKE) v1.6.1 L1GCP

RISK ASSESSMENT

5.5.7 Ensure Secure Boot for Shielded GKE Nodes is EnabledCIS Google Kubernetes Engine (GKE) v1.6.1 L2GCP

RISK ASSESSMENT

6.6 Ensure a Vulnerability Protection Profile is set to block attacks against critical and high vulnerabilities, and set to default on medium, low, and informational vulnerabilitiesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

RISK ASSESSMENT

6.6 Ensure a Vulnerability Protection Profile is set to block attacks against critical and high vulnerabilities, and set to default on medium, low, and informational vulnerabilitiesCIS Palo Alto Firewall 11 v1.1.0 L1Palo_Alto

RISK ASSESSMENT

6.7 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing trafficCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

RISK ASSESSMENT

6.7 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing trafficCIS Palo Alto Firewall 11 v1.1.0 L1Palo_Alto

RISK ASSESSMENT

6.7 Ensure a Vulnerability Protection Profile is set to block attacks against critical and high vulnerabilities, and set to default on medium, low, and informational vulnerabilitiesCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

RISK ASSESSMENT

6.8 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing trafficCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

RISK ASSESSMENT

6.22 Ensure that 'Inline Cloud Analysis' on Vulnerability Protection profiles are enabled if 'Advanced Threat Prevention' is availableCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

RISK ASSESSMENT

6.22 Ensure that 'Inline Cloud Analysis' on Vulnerability Protection profiles are enabled if 'Advanced Threat Prevention' is availableCIS Palo Alto Firewall 11 v1.1.0 L1Palo_Alto

RISK ASSESSMENT

7.2 Use FLRTVC regularlyCIS IBM AIX 7.2 L1 v1.1.0Unix

RISK ASSESSMENT

9.1 Apply Applicable UpdatesCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

RISK ASSESSMENT

9.1 Apply Applicable UpdatesCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

RISK ASSESSMENT

18.5.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - NETLOGONCIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

RISK ASSESSMENT

18.5.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - SYSVOLCIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

RISK ASSESSMENT

18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - NETLOGONCIS Microsoft Windows 8.1 v2.4.1 L1Windows

RISK ASSESSMENT

18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - SYSVOLCIS Microsoft Windows 8.1 v2.4.1 L1Windows

RISK ASSESSMENT

20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components...'CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DCWindows

RISK ASSESSMENT

20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components...'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

RISK ASSESSMENT

20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components...'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

RISK ASSESSMENT

20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components...'CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MSWindows

RISK ASSESSMENT