usnistgov/macos_security
1
0
Fork 0
mirror of https://github.com/usnistgov/macos_security.git synced 2026-03-18 06:32:12 +00:00
Code Issues 21 Actions Packages Projects Releases Wiki Activity
1,220 Commits 29 Branches 61 Tags
1fe9ea2eac366f8374249fecee6c557ca29cadbb
Commit Graph

666 Commits

Author SHA1 Message Date
Bob Gendler
9599b42974 added CCEs 2023-09-21 15:22:31 -04:00
Bob Gendler
da12659012 last minute CIS additions 2023-09-21 15:08:31 -04:00
Bob Gendler
1600b973bb changed in macOS 11 to in macOS 2023-09-21 14:50:45 -04:00
Bob Gendler
937fd9aae8 Updated title 2023-09-21 11:13:23 -04:00
Bob Gendler
6f27ac219c removed touch to blank audit_control 2023-09-20 20:35:28 -04:00
Bob Gendler
c4d28b1350 refactor[rules] auditd check/fix update 2023-09-20 16:09:20 -04:00
Bob Gendler
894f99dc83 refactor[rules] audit_auditd_enabled fix 
Updated auditd fix to no longer require a restart to start the
auditd service.
 2023-09-20 16:02:28 -04:00
Bob Gendler
06e9c53a07 cnssi-1253 tags added 2023-09-20 14:37:32 -04:00
Bob Gendler
7bec67dd1f resync with dev_sonoma 2023-09-20 13:52:06 -04:00
Bob Gendler
8ba1987b9f refactor[rules] CIS re-numbering 
Updated CIS benchmark numbers
 2023-09-20 13:45:39 -04:00
mahlmanj
cbf3cfe65c Updateing baselines with new rule 2023-09-19 15:51:11 -04:00
mahlmanj
3d6b52d193 Adding os_account_modification_disable 2023-09-19 15:51:00 -04:00
mahlmanj
19b76b02e1 Syncing level 1 baseline (and updates) 2023-09-19 15:27:24 -04:00
Bob Gendler
adb21421fc CCEs added 2023-09-19 14:30:13 -04:00
Bob Gendler
ee21b093cb refactor[rules] Modified and removed 
Removed rules that are STIG only since no DISA STIG exists
for macOS Sonoma yet.

Updated system_settings_location_services_menu_enforce

Updated changelog
 2023-09-18 21:24:40 -04:00
Bob Gendler
08e11c9575 removed test tag and removed cce 2023-09-15 15:08:18 -04:00
Bob Gendler
3c6dc2955c refactor[rules] pwpolicy update 
Removed baseline tags from pwpolicy_lower_case_character_enforce and pwpolicy_upper_case_character_enforce

Updated note to point to pwplicy_custom_regex_enfroce
 2023-09-15 14:35:35 -04:00
Bob Gendler
20451f6fab refactor[rules] new sonoma rules added 
Added custom regex password policy rule
added rule for account modification
 2023-09-15 14:18:47 -04:00
Bob Gendler
44fc5a78cd cis additions 2023-09-14 16:08:09 -04:00
Dan Brodjieski
5acbdbd21e chore: clean up extraneous trailing whitespace 2023-09-14 14:21:06 -04:00
Allen Golbig
24de5b35b5 removed os_efi_integrity_validated 2023-09-13 11:44:59 -04:00
mahlmanj
889de402ab CMMC Sonoma dev branch. Unaltered baselines. 2023-09-12 15:27:56 -04:00
Bob Gendler
e5fb336bdb refactor[rules] CCEs added 
Added NIST issued CCEs to all rule files
 2023-09-09 14:43:51 -04:00
Bob Gendler
3e7f2fa1b3 refactor[rules] Fixed misspelling 
Issue #297
 2023-09-07 12:53:27 -04:00
Bob Gendler
40e4f147ca Added ODV in more places 2023-08-30 12:22:24 -04:00
Bob Gendler
e3d0cb1fd6 refactor[rules] added ODV variable 2023-08-30 12:21:05 -04:00
Bob Gendler
c390ebe75f refactor[rules] Added rule using new regex 
Regex mobileconfig profile added for lower and
upper case character enforce.
 2023-08-30 12:17:58 -04:00
Allen Golbig
ef77483090 fixed missing deprecation msg 2023-08-16 15:30:00 -04:00
Bob Gendler
351c94cf83 refactor[rules/templates] Matched with Ventura 
Merged new commits that have been merged into Ventura since
dev_sonoma was created.
 2023-08-14 14:45:35 -04:00
mahlmanj
ea7f196369 Addressing issue #282 2023-08-08 15:14:30 -04:00
Bob Gendler
72cca760d4 refactor[rules] Added 2 rules 
Added rule to configure unusedconnectiontimeout and channeltimeout
in sshd. These are new options in openssh 9.3

Issue #278
 2023-08-07 14:21:39 -04:00
Bob Gendler
2e76ebfbe4 refactor[rules] Added none tag to old stig rules 
Added none tag to STIG rules that had no other tag
 2023-08-04 09:48:26 -04:00
Bob Gendler
901d01dd33 refactor[rules] Updated sshd rules 
Updated sshd -T rules to use sshd -G available in
OpenSSH 9.3p1

Issue #278
 2023-08-02 10:10:14 -04:00
Bob Gendler
206884b723 removed stig tag 2023-08-01 14:21:15 -04:00
Bob Gendler
6d76bc5de6 refactor[rules] new and revised 14.0 rules 
Changed siri_disable to new key
Added freefrom rule, on device dictation rule, and filevault setup assistant
 2023-08-01 14:19:00 -04:00
Bob Gendler
a3ce45a986 refactor[rules] removed CCE and disa stig controls 2023-08-01 13:50:01 -04:00
Allen Golbig
1e58ca2ebc refactor[rule] removed stiff supplemental 
removed stig supplemental
 2023-07-13 22:27:41 -04:00
Allen Golbig
c396f18b24 feat[baseline] dev_sonoma 
dev_sonoma
 2023-07-13 22:17:34 -04:00
Bob Gendler
df39606a2b recfactor[rule] Mispelling 
Issue #270
 2023-06-26 10:42:58 -04:00
Bob Gendler
d00bb1a4c3 refactor[rules/scripts] Added CCEs, removed tags 
Added try except blocks in generate_scap to prevent crashes

Added CCEs
Removed double tags
 2023-06-22 14:52:57 -04:00
Bob Gendler
7f549f7280 removed spaces 2023-06-22 13:10:14 -04:00
Bob Gendler
6105b6e144 tag issue resolved 2023-06-22 13:07:43 -04:00
Bob Gendler
85e2d68fe4 [refactor] rules, baselines, includes 
Added cnssi and disa stig to mscp-data.yaml
Generated updated baseline files
Fixed merge issue with audit_files_owner_configure
 2023-06-22 13:01:59 -04:00
Bob Gendler
e02209c0e6 Removed old cnssi tag 2023-06-22 12:51:58 -04:00
Bob Gendler
9fccb44c5d Merge branch 'dev_ventura_stig' into ventura 2023-06-22 12:47:18 -04:00
Bob Gendler
fc9d45b03c Merge branch 'dev_ventura_cmmc' into ventura 2023-06-22 12:23:41 -04:00
Bob Gendler
e5cc08a9cd Merge branch 'dev_ventura_cnssi' into ventura 2023-06-22 11:21:55 -04:00
Bob Gendler
006a27574a updated grep path 2023-06-20 12:12:06 -04:00
Bob Gendler
6d16dcf1d2 Merge branch 'dev_ventura_issue201' into ventura 2023-06-20 12:07:04 -04:00
Bob Gendler
201e16860c Merge branch 'dev_ventura_issue258' into ventura 2023-06-20 11:52:30 -04:00