mirror of
https://github.com/fleetdm/fleet
synced 2026-05-19 23:18:51 +00:00
4f2daf2368
All edited YAML files were ran through a YAML syntax check before before committed. **macOS-13** - UPDATED: "3.5 - Ensure Access to Audit Records Is Controlled" Description and Resolution. Query did not change. - ADDED: "5.10 - Ensure XProtect Is Running and Updated" Checking for updated is actually handled via a different query. **macOS-14** - UPDATED: "3.5 - Ensure Access to Audit Records Is Controlled" Description and Resolution. Query did not change. - ADDED: "5.10 - Ensure XProtect Is Running and Updated" Checking for updated is actually handled via a different query. **macOS-15** Initial version duplicated from macOS-14 queries, then the following changes were applied: - REMOVED: "3.6 - Ensure Firewall Logging Is Enabled and Configured" The following controls were not added, further research on how to check them with osquery is required: - 2.6.3.1 - 2.6.3.5 and 2.7.2: I am not sure how we can accomplish this. - "5.11 - Ensure Logging Is Enabled For Sudo" I believe this one can be accomplished through the file_lines table --------- Co-authored-by: Sharon Katz <121527325+sharon-fdm@users.noreply.github.com> Co-authored-by: Sharon Katz <sharon@fleetdm.com>
1 line
74 B
Text
1 line
74 B
Text
* Updated macos 13, 14 per latest CIS documents. Added macos 15 support.
|