1.1.5 Ensure noexec option set on /tmp partition | Unix | CIS Debian 9 Server L1 v1.0.1 |
1.1.5 Ensure noexec option set on /tmp partition | Unix | CIS Debian 9 Workstation L1 v1.0.1 |
1.1.17 Ensure noexec option set on /dev/shm partition | Unix | CIS Debian 9 Workstation L1 v1.0.1 |
1.1.17 Ensure noexec option set on /dev/shm partition | Unix | CIS Debian 9 Server L1 v1.0.1 |
1.1.20 Ensure noexec option set on removable media partitions | Unix | CIS Debian 9 Server L1 v1.0.1 |
1.1.20 Ensure noexec option set on removable media partitions | Unix | CIS Debian 9 Workstation L1 v1.0.1 |
1.3 Ensure 'Ask where to save each file before downloading' is set to 'Enabled' | Windows | CIS Google Chrome L1 v2.0.0 |
1.3.10 Ensure 'Password Profiles' do not exist | Palo_Alto | CIS Palo Alto Firewall 10 v1.1.0 L1 |
1.4 Ensure 'Disable saving browser history' is set to 'Disabled' | Windows | CIS Google Chrome L1 v2.0.0 |
1.13 Ensure 'Disable saving browser history' is set to 'Disabled' | Windows | CIS Google Chrome L1 v2.1.0 |
2.1 Ensure that Azure Defender is set to On for Servers | microsoft_azure | CIS Microsoft Azure Foundations v1.3.1 L2 |
2.2 Ensure that Azure Defender is set to On for App Service | microsoft_azure | CIS Microsoft Azure Foundations v1.3.1 L2 |
2.3 Ensure that Azure Defender is set to On for Azure SQL database servers | microsoft_azure | CIS Microsoft Azure Foundations v1.3.1 L2 |
2.4 Ensure that Azure Defender is set to On for SQL servers on machines | microsoft_azure | CIS Microsoft Azure Foundations v1.3.1 L2 |
2.5 Ensure that Azure Defender is set to On for Storage | microsoft_azure | CIS Microsoft Azure Foundations v1.3.1 L2 |
2.6 Ensure that Azure Defender is set to On for Kubernetes | microsoft_azure | CIS Microsoft Azure Foundations v1.3.1 L2 |
2.7 Ensure that Azure Defender is set to On for Container Registries | microsoft_azure | CIS Microsoft Azure Foundations v1.3.1 L2 |
2.8 Ensure that Azure Defender is set to On for Key Vault | microsoft_azure | CIS Microsoft Azure Foundations v1.3.1 L2 |
2.9 Ensure 'Allow download restrictions' is set to 'Enabled: Block dangerous downloads' | Windows | CIS Google Chrome L1 v2.1.0 |
2.9 Ensure that Windows Defender ATP (WDATP) integration with Security Center is selected | microsoft_azure | CIS Microsoft Azure Foundations v1.3.1 L2 |
2.10 Ensure that Microsoft Cloud App Security (MCAS) integration with Security Center is selected | microsoft_azure | CIS Microsoft Azure Foundations v1.3.1 L2 |
2.12 Automatic Actions for Optical Media | Unix | CIS Apple macOS 10.15 v1.3.0 L1 |
2.12 Automatic Actions for Optical Media | Unix | CIS Apple macOS 10.15 v1.4.0 L1 |
2.12 Automatic Actions for Optical Media | Unix | CIS Apple macOS 11 v1.1.0 L1 |
2.12 Automatic Actions for Optical Media | Unix | CIS Apple macOS 11 v1.2.0 L1 |
2.12 Automatic Actions for Optical Media | Unix | CIS Apple macOS 10.14 v1.4.0 L1 |
2.12 Automatic Actions for Optical Media | Unix | CIS Apple macOS 10.14 v1.3.0 L1 |
2.14 Ensure 'Allow download restrictions' is set to 'Enabled' with 'Block dangerous downloads' specified. | Windows | CIS Google Chrome L1 v2.0.0 |
2.15 Ensure 'Disable proceeding from the Safe Browsing warning page' is set to 'Enabled' | Windows | CIS Google Chrome L1 v2.0.0 |
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervals | Palo_Alto | CIS Palo Alto Firewall 9 v1.1.0 L1 |
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervals | Palo_Alto | CIS Palo Alto Firewall 10 v1.1.0 L1 |
5.1 Ensure that WildFire file size upload limits are maximized | Palo_Alto | CIS Palo Alto Firewall 10 v1.0.0 L1 |
5.1 Ensure that WildFire file size upload limits are maximized | Palo_Alto | CIS Palo Alto Firewall 11 v1.0.0 L1 |
5.1 Ensure that WildFire file size upload limits are maximized | Palo_Alto | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 |
5.1 Ensure that WildFire file size upload limits are maximized | Palo_Alto | CIS Palo Alto Firewall 10 v1.1.0 L1 |
18.9.45.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + BL |
18.9.45.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + BL + NG |
18.9.45.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + NG |
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 L1 + BL + NG |
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 L1 + NG |
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 1903) v1.7.1 L1 |
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1 |
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 1903) v1.7.1 L1 + BL + NG |
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1 + BL + NG |
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 L1 |
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 1903) v1.7.1 L1 + BL |
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 1903) v1.7.1 L1 + NG |
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1 + BL |
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1 + NG |
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 L1 + BL |