Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-24 09:28:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 30

Update standard-query-library.yml (#7486)

Browse source
This commit is contained in:
Guillaume Ross 2022-08-31 13:45:45 -04:00 committed by GitHub
parent 8c017c3ef0
commit 6833114328
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
View file

@ -918,4 +918,16 @@ spec:
platforms: macOS
tags: compliance, CIS, CIS6.1.4
platform: darwin
contributors: GuillaumeRoss
---
apiVersion: v1
kind: policy
spec:
name: No 1Password emergency kit stored on desktop or in downloads (macOS)
query: SELECT 1 WHERE NOT EXISTS (SELECT 1 FROM file WHERE filename like '%%Emergency Kit%%.pdf' AND (path LIKE '/Users/%%/Downloads/%%' OR path LIKE '/Users/%%/Desktop/%%'));
description: "Looks for PDF files with file names typically used by 1Password for emergency recovery kits."
resolution: "Delete 1Password emergency kits from your computer, and empty the trash. 1Password emergency kits should only be printed and stored in a physically secure location."
platforms: macOS
tags: compliance, built-in
platform: darwin
contributors: GuillaumeRoss