Detections
Analytics

CSCv7|2.9

Title

Implement Application Whitelisting of Scripts

Description

The organization's application whitelisting software must ensure that only authorized, digitally signed scripts (such as *.ps1, *.py, macros, etc) are allowed to run on a system.

Reference Item Details

Category: Inventory and Control of Software Assets

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.5 Allowlist Authorized Scripts and Report ViolationsUnixCIS IBM AIX 7.2 L1 v1.1.0
2.5 Allowlist Authorized Scripts and Report ViolationsUnixCIS IBM AIX 7.2 L1 v1.0.0
2.6 Enforce Allowlist aka Trusted Execution ChecksUnixCIS IBM AIX 7.2 L2 v1.1.0
2.6 Enforce Allowlist aka Trusted Execution ChecksUnixCIS IBM AIX 7.2 L2 v1.0.0
2.8.4.1.1 Ensure 'Block macros from running in Office files from the internet' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.1.0 L1
3.22 (L1) Host must deny shell access for the dcui accountVMwareCIS VMware ESXi 8.0 v1.1.0 L1
3.23 (L2) Host must deny shell access for the vpxuser accountVMwareCIS VMware ESXi 8.0 v1.1.0 L2
5.2 (L1) Host must block network traffic by defaultVMwareCIS VMware ESXi 8.0 v1.1.0 L1
5.3.3 Ensure that Content Security Policy (CSP) is enabled and configured properlyUnixCIS NGINX Benchmark v2.0.0 L2 Webserver
5.3.3 Ensure that Content Security Policy (CSP) is enabled and configured properlyUnixCIS NGINX Benchmark v2.0.1 L2 Webserver
6.3.1 Ensure 'external scripts enabled' database flag for Cloud SQL SQL Server instance is set to 'off'GCPCIS Google Cloud Platform v1.3.0 L1
6.3.1 Ensure 'external scripts enabled' database flag for Cloud SQL SQL Server instance is set to 'off'GCPCIS Google Cloud Platform v1.1.0 L1
6.3.1 Ensure 'external scripts enabled' database flag for Cloud SQL SQL Server instance is set to 'off'GCPCIS Google Cloud Platform v2.0.0 L1
6.3.1 Ensure 'external scripts enabled' database flag for Cloud SQL SQL Server instance is set to 'off'GCPCIS Google Cloud Platform v3.0.0 L1