[BESAdmin-Announcements] BigFix Compliance: Updated CIS Checklist for MacOS 15, published 2025-08-12

Announcements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Wed Aug 13 07:26:19 PDT 2025 

*Product:*

BigFix Compliance

*Title:*
Updated CIS Checklist for MacOS 15 to support a more recent version of the
benchmark

*Security Benchmark:*
CIS Apple macOS 15.0 Sequoia Benchmark, v1.1.0

*Published Sites:*
CIS Checklist for MacOS 15, site version 6
(The site version is provided for air-gap customers.)

*Details:*

●      Total New Fixlets: 10

●      Total Updated Fixlets:7

●      Total Deleted Fixlets: 3

●      Total Fixlets in Site: 105



●      New Fixlets:

2.1.1.2    Audit iCloud Drive

2.5.1.1    Ensure External Intelligence Extensions Is Disabled

2.5.1.2    Ensure Writing Tools Is Disabled

2.5.1.3    Ensure Mail Summarization Is Disabled

2.5.1.4    Ensure Notes Summarization Is Disabled

2.5.2.1    Ensure Siri Is Disabled

2.9.1       Ensure Help Apple Improve Search Is Disabled

2.14.1     Audit Game Center Settings

5.10        Ensure XProtect Is Running and Updated

6.3.10     Ensure Show Status Bar Is Enabled



●      Updated Fixlets:

2.11.1      Ensure an Inactivity Interval of 20 Minutes Or Less for the
Screen Saver Is Enabled

2.10.1.2   Ensure Sleep and Display Sleep Is Enabled on Apple Silicon
Devices

4.3           Ensure NFS Server Is Disabled

5.2.2        Ensure Password Minimum Length Is Configured

5.1.7        Ensure No World Writable Folders Exist in the Library Folder

5.2.8        Ensure Password History Is Configured

5.7           Ensure an Administrator Account Cannot Login to Another
User's Active and Locked Session



●      Deleted Fixlets:

1.2          Ensure Auto Update Is Enabled

2.5.1       Audit Siri Settings

2.3.3.1    Ensure DVD or CD Sharing Is Disabled



●      Both analysis and remediation checks are included

●      Some of the checks allow you to use the parameterized setting to
enable customization for compliance evaluation. Note that parameterization
and remediation actions require the creation of a custom site.

*Actions to take:*

●       To subscribe to the above site, you can use the License Overview
Dashboard to enable and gather the site. Note that you must be entitled to
the BigFix Compliance product, and you must be using BigFix version 11 and
later.

●       If you use custom sites, update your custom sites accordingly to
use the latest content. You can synchronize your content by using the
Synchronize Custom Checks wizard. For more information, see
https://help.hcl-software.com/bigfix/11.0/compliance/Compliance/SCM_Users_Guide/c_using_synchronize_custom_checks_wiz.html

*More information:*
To know more about the BigFix Compliance SCM checklists, please see the
following resources:

●       BigFix Forum:
https://forum.bigfix.com/c/release-announcements/compliance

●       BigFix Compliance SCM Checklists:
https://bigfix-wiki.hcltechsw.com/wikis/home?lang=en-us#!/wiki/BigFix%20Wiki/page/SCM%20Checklists

We hope you find this latest release of SCM content useful and effective.
Thank you!
*– The BigFix Compliance team*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20250813/85322323/attachment.html>

More information about the Besadmin-announcements mailing list