1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled | CIS Apple macOS 12.0 Monterey v3.1.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled - 'ConfigDataInstall' | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled - 'CriticalUpdateInstall' | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled - ConfigDataInstall | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled - CriticalUpdateInstall | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.6 Ensure Install Security Responses and System Files Is Enabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.6 Ensure Install Security Responses and System Files Is Enabled | CIS Apple macOS 14.0 Sonoma v1.1.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.6 Ensure Install Security Responses and System Files Is Enabled | CIS Apple macOS 13.0 Ventura v2.1.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.6 Ensure Install Security Responses and System Files Is Enabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.14 Ensure 'DNS interception checks enabled' is set to 'Enabled' | CIS Google Chrome L1 v3.0.0 | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
2.1.7 Ensure That Microsoft Defender for Storage Is Set To 'On' | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | RISK ASSESSMENT |
2.1.8 Ensure That Microsoft Defender for Containers Is Set To 'On' | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | RISK ASSESSMENT |
2.1.9 Ensure That Microsoft Defender for Key Vault Is Set To 'On' | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | RISK ASSESSMENT |
2.1.14 Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On' | CIS Microsoft Azure Foundations v2.1.0 L1 | microsoft_azure | RISK ASSESSMENT |
2.1.15 Ensure that Auto provisioning of 'Vulnerability assessment for machines' is Set to 'On' | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | RISK ASSESSMENT |
2.1.16 Ensure that Auto provisioning of 'Microsoft Defender for Containers components' is Set to 'On' | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | RISK ASSESSMENT |
2.1.22 Ensure that Microsoft Defender External Attack Surface Monitoring (EASM) is enabled | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | RISK ASSESSMENT |
2.3 Set Update Interval Time Checks | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | RISK ASSESSMENT |
2.3 Set Update Interval Time Checks | CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0 | Windows | RISK ASSESSMENT |
2.3.6 Ensure 'Control Manifest v2 extension availability' Is Set to Forced Only | CIS Google Chrome L2 v3.0.0 | Windows | RISK ASSESSMENT |
2.3.7 Ensure 'Control availability of extensions unpublished on the Chrome Web Store' Is Disabled | CIS Google Chrome L1 v3.0.0 | Windows | RISK ASSESSMENT |
2.4 Set Update Wait Time Prompt | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | RISK ASSESSMENT |
2.4 Set Update Wait Time Prompt | CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0 | Windows | RISK ASSESSMENT |
2.25 Ensure 'Allow file or directory picker APIs to be called without prior user gesture' Is Disabled | CIS Google Chrome L1 v3.0.0 | Windows | RISK ASSESSMENT |
4.1.2 Apply IPS Security Profile to Policies | CIS Fortigate 7.0.x v1.3.0 L1 | FortiGate | RISK ASSESSMENT |
4.4 Ensure images are scanned and rebuilt to include security patches | CIS Docker v1.6.0 L1 Docker Linux | Unix | RISK ASSESSMENT |
5.1.1 Ensure Image Vulnerability Scanning is enabled | CIS Google Kubernetes Engine (GKE) v1.5.0 L1 | GCP | RISK ASSESSMENT |
5.5.2 Ensure Node Auto-Repair is enabled for GKE nodes | CIS Google Kubernetes Engine (GKE) v1.5.0 L1 | GCP | RISK ASSESSMENT |
5.5.6 Ensure Integrity Monitoring for Shielded GKE Nodes is Enabled | CIS Google Kubernetes Engine (GKE) v1.5.0 L1 | GCP | RISK ASSESSMENT |
5.5.7 Ensure Secure Boot for Shielded GKE Nodes is Enabled | CIS Google Kubernetes Engine (GKE) v1.5.0 L2 | GCP | RISK ASSESSMENT |
6.6 Ensure a Vulnerability Protection Profile is set to block attacks against critical and high vulnerabilities, and set to default on medium, low, and informational vulnerabilities | CIS Palo Alto Firewall 10 v1.1.0 L1 | Palo_Alto | RISK ASSESSMENT |
6.6 Ensure a Vulnerability Protection Profile is set to block attacks against critical and high vulnerabilities, and set to default on medium, low, and informational vulnerabilities | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | RISK ASSESSMENT |
6.7 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing traffic | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | RISK ASSESSMENT |
6.7 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing traffic | CIS Palo Alto Firewall 10 v1.1.0 L1 | Palo_Alto | RISK ASSESSMENT |
6.7 Ensure a Vulnerability Protection Profile is set to block attacks against critical and high vulnerabilities, and set to default on medium, low, and informational vulnerabilities | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | RISK ASSESSMENT |
6.8 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing traffic | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | RISK ASSESSMENT |
6.22 Ensure that 'Inline Cloud Analysis' on Vulnerability Protection profiles are enabled if 'Advanced Threat Prevention' is available | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | RISK ASSESSMENT |
7.2 Use FLRTVC regularly | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | RISK ASSESSMENT |
9.1 Apply Applicable Updates | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | RISK ASSESSMENT |
9.1 Apply Applicable Updates | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | RISK ASSESSMENT |
18.5.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - NETLOGON | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | RISK ASSESSMENT |
18.5.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - SYSVOL | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | RISK ASSESSMENT |
18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - NETLOGON | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | RISK ASSESSMENT |
18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - SYSVOL | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | RISK ASSESSMENT |
20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components...' | CIS Microsoft Windows Server 2016 STIG v2.0.0 STIG MS | Windows | RISK ASSESSMENT |
20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components...' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DC | Windows | RISK ASSESSMENT |
20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components...' | CIS Microsoft Windows Server 2016 STIG v2.0.0 STIG DC | Windows | RISK ASSESSMENT |
20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components...' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS | Windows | RISK ASSESSMENT |