A file that is used to implement all, or some, of a benchmark. Many benchmarks have 1 or more audits to cover different configuration profiles or different targeted platforms.
A document from a compliance authority that dictates a configuration for a secure posture of a targeted platform. CIS Benchmark, DISA STIG.
An implementation of a recommendation from a source authority benchmark.
An authority that provides prescriptive security guidance. Common authorities are CIS and DISA.
Regulatory, industry, and framework identifiers. Examples include NIST, PCI, and HIPAA
A version of the guidance provided by the source authority.
A revision of the Tenable audit file.