Detections
Analytics

CSCv7|7.6

Title

Log all URL requests

Description

Log all URL requests from each of the organization's systems, whether onsite or a mobile device, in order to identify potentially malicious activity and assist incident handlers with identifying potentially compromised systems.

Reference Item Details

Category: Email and Web Browser Protections

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.3.10 Ensure 'Password Profiles' do not existPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
2.1.10 [LEGACY] Ensure That Microsoft Defender for DNS Is Set To 'On'microsoft_azureCIS Microsoft Azure Foundations v2.1.0 L2
2.1.11 Ensure That Microsoft Defender for DNS Is Set To 'On'microsoft_azureCIS Microsoft Azure Foundations v1.5.0 L2
2.1.11 Ensure That Microsoft Defender for DNS Is Set To 'On'microsoft_azureCIS Microsoft Azure Foundations v2.0.0 L2
3.1.16 [LEGACY] Ensure That Microsoft Defender for DNS Is Set To 'On'microsoft_azureCIS Microsoft Azure Foundations v3.0.0 L2
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervalsPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervalsPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
5.1.6 Ensure that logging for Azure AppService 'HTTP logs' is enabledmicrosoft_azureCIS Microsoft Azure Foundations v2.1.0 L2
5.1.7 Ensure that logging for Azure AppService 'AppServiceHTTPLogs' is enabled.microsoft_azureCIS Microsoft Azure Foundations v1.5.0 L2
5.1.7 Ensure that logging for Azure AppService 'HTTP logs' is enabledmicrosoft_azureCIS Microsoft Azure Foundations v2.0.0 L2
5.3 Ensure that Diagnostic Logs are enabled for all services which support it.microsoft_azureCIS Microsoft Azure Foundations v1.3.1 L1
6.1.6 Ensure that logging for Azure AppService 'HTTP logs' is enabledmicrosoft_azureCIS Microsoft Azure Foundations v3.0.0 L2
6.10 Ensure that access to every URL is loggedPalo_AltoCIS Palo Alto Firewall 10 v1.2.0 L1
6.10 Ensure that access to every URL is loggedPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
6.10 Ensure that access to every URL is loggedPalo_AltoCIS Palo Alto Firewall 11 v1.1.0 L1
6.10 Ensure that access to every URL is loggedPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
6.11 Ensure all HTTP Header Logging options are enabledPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
6.11 Ensure all HTTP Header Logging options are enabledPalo_AltoCIS Palo Alto Firewall 10 v1.2.0 L1
6.11 Ensure all HTTP Header Logging options are enabledPalo_AltoCIS Palo Alto Firewall 11 v1.1.0 L1
6.11 Ensure all HTTP Header Logging options are enabled - Log Container PagePalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
6.11 Ensure all HTTP Header Logging options are enabled - RefererPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
6.11 Ensure all HTTP Header Logging options are enabled - User-AgentPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
6.11 Ensure all HTTP Header Logging options are enabled - X-Forwarded-ForPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
6.11 Ensure that access to every URL is loggedPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
6.11 Ensure that access to every URL is loggedPalo_AltoCIS Palo Alto Firewall 10 v1.0.0 L1
6.11 Ensure that access to every URL is loggedPalo_AltoCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
6.11 Ensure that access to every URL is loggedPalo_AltoCIS Palo Alto Firewall 9 v1.0.1 L1
6.11 Ensure that access to every URL is loggedPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
6.12 Ensure all HTTP Header Logging options are enabled - Log Container PagePalo_AltoCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
6.12 Ensure all HTTP Header Logging options are enabled - Log Container PagePalo_AltoCIS Palo Alto Firewall 10 v1.0.0 L1
6.12 Ensure all HTTP Header Logging options are enabled - Log Container PagePalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
6.12 Ensure all HTTP Header Logging options are enabled - Log Container PagePalo_AltoCIS Palo Alto Firewall 9 v1.0.1 L1
6.12 Ensure all HTTP Header Logging options are enabled - Log Container PagePalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
6.12 Ensure all HTTP Header Logging options are enabled - RefererPalo_AltoCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
6.12 Ensure all HTTP Header Logging options are enabled - RefererPalo_AltoCIS Palo Alto Firewall 10 v1.0.0 L1
6.12 Ensure all HTTP Header Logging options are enabled - RefererPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
6.12 Ensure all HTTP Header Logging options are enabled - RefererPalo_AltoCIS Palo Alto Firewall 9 v1.0.1 L1
6.12 Ensure all HTTP Header Logging options are enabled - RefererPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
6.12 Ensure all HTTP Header Logging options are enabled - User-AgentPalo_AltoCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
6.12 Ensure all HTTP Header Logging options are enabled - User-AgentPalo_AltoCIS Palo Alto Firewall 9 v1.0.1 L1
6.12 Ensure all HTTP Header Logging options are enabled - User-AgentPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
18.9.45.4.3.1 Ensure 'Prevent users and apps from accessing dangerous websites' is set to 'Enabled: Block'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
18.9.45.4.3.1 Ensure 'Prevent users and apps from accessing dangerous websites' is set to 'Enabled: Block'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
18.9.45.4.3.1 Ensure 'Prevent users and apps from accessing dangerous websites' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1
18.9.77.13.3.1 Ensure 'Prevent users and apps from accessing dangerous websites' is set to 'Enabled: Block'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.2.0
18.9.77.13.3.1 Ensure 'Prevent users and apps from accessing dangerous websites' is set to 'Enabled: Block'WindowsCIS Microsoft Windows Server 2016 STIG NG MS L3 v1.0.0
18.9.77.13.3.1 Ensure 'Prevent users and apps from accessing dangerous websites' is set to 'Enabled: Block'WindowsCIS Microsoft Windows Server 2016 STIG MS L1 v1.0.0
18.9.77.13.3.1 Ensure 'Prevent users and apps from accessing dangerous websites' is set to 'Enabled: Block'WindowsCIS Microsoft Windows Server 2016 STIG NG DC L3 v1.0.0
18.9.77.13.3.1 Ensure 'Prevent users and apps from accessing dangerous websites' is set to 'Enabled: Block'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.2.0
18.9.77.13.3.1 Ensure 'Prevent users and apps from accessing dangerous websites' is set to 'Enabled: Block'WindowsCIS Microsoft Windows Server 2016 STIG DC L1 v1.0.0