| 1.12 Ensure host-based intrusion detection tool is used | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.12 Ensure host-based intrusion detection tool is used - mcafeetp package | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.12 Ensure host-based intrusion detection tool is used - mfetpd process | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC' | CIS Oracle Server 18c Linux v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC' | CIS Oracle Server 18c Windows v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC' | CIS Oracle Server 12c Windows v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC' | CIS Oracle Server 12c Linux v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4 Ensure 'LOCAL_LISTENER' Is Set Appropriately | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | |
| 4.2.3 Enable Outbreak Prevention Database | CIS Fortigate 7.0.x v1.3.0 L2 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.4 Enable AI /heuristic based malware detection | CIS Fortigate 7.0.x v1.3.0 L2 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.6 Ensure inline scanning with FortiGuard AI-Based Sandbox Service is enabled | CIS Fortigate 7.0.x v1.3.0 L1 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure XProtect Is Running and Updated | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure XProtect Is Running and Updated | CIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure XProtect Is Running and Updated | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.10 Ensure XProtect Is Running and Updated | CIS Apple macOS 14.0 Sonoma v2.1.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.10 Ensure XProtect Is Running and Updated | CIS Apple macOS 15.0 Sequoia v1.1.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.11 Ensure XProtect Is Running and Updated | CIS Apple macOS 13.0 Ventura v3.1.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.11 Ensure XProtect Is Running and Updated | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.11 Ensure XProtect Is Running and Updated | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.11 Ensure XProtect Is Running and Updated | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.2 Ensure a secure antivirus profile is applied to all relevant security policies | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| CASA-FW-000150 - The Cisco ASA must be configured to enable threat detection to mitigate risks of denial-of-service (DoS) attacks. | DISA STIG Cisco ASA FW v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-FW-000220 - The Cisco ASA must be configured to implement scanning threat detection. | DISA STIG Cisco ASA FW v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS VMware ESXi 6.5 v1.0.0 Level 2 | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | |
| DISA_STIG_McAfee_VirusScan_8.8_Local_Client_v6r1.audit from DISA McAfee VirusScan 8.8 Local Client v6r1 STIG | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | |
| DISA_STIG_McAfee_VirusScan_8.8_Managed_Client_v6r1.audit from DISA McAfee VirusScan 8.8 Managed Client Security Technical implementation Guide v6r1 STIG | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | |
| DTAM138 - McAfee VirusScan Access Protection Policies must be configured to prevent McAfee services from being stopped. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM138 - McAfee VirusScan Access Protection Rules must be configured to prevent McAfee services from being stopped. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM165 - McAfee VirusScan On-Access Scanner All Processes settings must be configured to detect unwanted programs. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-000 - The McAfee VirusScan Enterprise for Linux Web interface must be disabled unless the system is on a segregated network. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | CONFIGURATION MANAGEMENT |
| DTAVSEL-301 - Access to the McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x Web UI must be enforced by firewall rules. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | CONFIGURATION MANAGEMENT |
| EX13-MB-000265 - Exchange servers must have an approved DoD email-aware virus protection software installed. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000530 - Exchange servers must have an approved DoD email-aware virus protection software installed. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-MB-000134 - Exchange servers must have an approved DOD email-aware virus protection software installed. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Binary analysis AV-suite is enabled | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - TNS Best Practices FireEye Audit | TNS FireEye | FireEye | |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | DISA STIG for Oracle Linux 5 v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-IP-000031 - The Juniper Networks SRX Series Gateway IDPS must either forward the traffic from inbound connections to be more deeply inspected for malicious code and Layer 7 threats, or the Antivirus and Unified Threat Management (UTM) license must be installed, active, and policies and rules configured. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| RHEL-06-000020 - The system must use a Linux Security Module configured to enforce limits on system services. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000285 - The system must have a host-based intrusion detection tool installed - hipclient process | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000285 - The system must have a host-based intrusion detection tool installed - MFEhiplsm | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SonicWALL - Client AV Enforcement On - DMZ | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Client AV Enforcement On - LAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Client AV Enforcement On - WLAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - GAV ON - DMZ | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - GAV ON - LAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - GAV ON - WAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - GAV ON - WLAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| TNS_BestPractice_Citrix_XenServer.audit from TNS Citrix XenServer Best Practices | TNS Citrix XenServer | Unix | |
