Mozilla Firefox Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The installed version of Firefox must be supported.
Using versions of an application that are not supported by the vendor is not permitted. Vendors respond to security flaws with updates and patches. These updates are not available for unsupported v...Rule High Severity -
Firefox must be configured to not use a password store with or without a master password.
Firefox can be set to store passwords for sites visited by the user. These individual passwords are stored in a file and can be protected by a master password. Autofill of the password can then be ...Rule Medium Severity -
Firefox must be configured to disable the installation of extensions.
A browser extension is a program that has been installed into the browser to add functionality. Where a plug-in interacts only with a web page and usually a third-party external application (e.g., ...Rule Medium Severity -
Firefox development tools must be disabled.
Information needed by an attacker to begin looking for possible vulnerabilities in a web browser includes any information about the web browser and plug-ins or modules being used. When debugging or...Rule Low Severity -
Firefox fingerprinting protection must be enabled.
The Content Blocking/Tracking Protection feature stops Firefox from loading content from malicious sites. The content might be a script or an image, for example. If a site is on one of the tracker ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules