| 1.11 Ensure that all users granted the ACCOUNTADMIN role have an email address assigned | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | ACCESS CONTROL |
| 1.208 WN19-SO-000010 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.208 WN19-SO-000010 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.210 WN19-SO-000030 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.211 WN19-SO-000040 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 2.1.1.1.5 Set maximimum value for 'ip ssh authentication-retries' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | ACCESS CONTROL |
| 2.2 Disable/Modify Default Accts - 'security.passwd.rootaccess.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT null | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT null | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 3.2 - Default Accounts - Review default accounts | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | ACCESS CONTROL |
| 3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 4.2.20 Ensure SSH LoginGraceTime is set to one minute or less | CIS Debian 10 Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.1.5 Ensure an Inventory of user accounts is established and maintained | CIS IBM AIX 7 v1.1.0 L1 | Unix | ACCESS CONTROL |
| 5.3.2 (L1) Ensure 'Access reviews' for Guest Users are configured | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL |
| 5.3.3 (L1) Ensure 'Access reviews' for privileged roles are configured | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL |
| 5.5 NFS - 'wafl.nt_admin_priv_map_to_root = on' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 6.1.4 Disable 'Allow guests to connect to shared folders' - SMB Sharing | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 6.1.4 Disable 'Allow guests to connect to shared folders' - SMB Sharing | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 6.1.4 Disable 'Allow guests to connect to shared folders' - SMB Sharing | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | ACCESS CONTROL |
| 6.1.4 Disable 'Allow guests to connect to shared folders' - SMB Sharing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 6.1.5 Remove Guest home folder | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 6.1.5 Remove Guest home folder | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 6.1.5 Remove Guest home folder | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | ACCESS CONTROL |
| 7.2.11 (L1) Ensure the SharePoint default sharing link permission is set | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | ACCESS CONTROL |
| 8.2.3 (L1) Ensure external Teams users cannot initiate conversations | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | ACCESS CONTROL |
| 8.5.1 (L2) Ensure anonymous users can't join a meeting | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | ACCESS CONTROL |
| 8.5.2 (L1) Ensure anonymous users and dial-in callers can't start a meeting | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | ACCESS CONTROL |
| 8.5.2 (L1) Ensure anonymous users and dial-in callers can't start a meeting | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL |
| 8.5.4 (L1) Ensure users dialing in can't bypass the lobby | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL |
| 8.5.5 (L2) Ensure meeting chat does not allow anonymous users | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | ACCESS CONTROL |
| 8.5.7 (L1) Ensure external participants can't give or request control | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | ACCESS CONTROL |
| 8.5.7 (L1) Ensure external participants can't give or request control | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL |
| Account Management - Review account groups assigned to 'netadmin' | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| Account Management - Review account groups assigned to 'netadmin' | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | ACCESS CONTROL |
| Big Sur - Disable Guest Access to Shared SMB Folders | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL |
| Big Sur - Disable Guest Access to Shared SMB Folders | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Big Sur - Disable Guest Access to Shared SMB Folders | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL |
| Brocade - administrator account is enabled with admin role assigned | Tenable Best Practices Brocade FabricOS | Brocade | ACCESS CONTROL |
| Brocade - Review Enabled Accounts | Tenable Best Practices Brocade FabricOS | Brocade | ACCESS CONTROL |
| Fortigate - Admin SCP - 'disabled' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - Ensure default admin usernames are not used | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Monterey - Disable Guest Access to Shared SMB Folders | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL |
| Monterey - Disable Guest Access to Shared SMB Folders | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Review the list of Current Rackspace Users | Tenable Best Practices RackSpace v2.0.0 | Rackspace | ACCESS CONTROL |
| Review the list of Rackspace Tenants | Tenable Best Practices RackSpace v2.0.0 | Rackspace | ACCESS CONTROL |
| Review Users per Rackspace Database Instance | Tenable Best Practices RackSpace v2.0.0 | Rackspace | ACCESS CONTROL |
| Salesforce.com : Monitoring Login History - 'Inactive System Administrators' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Monitoring Login History - 'No users are frozen' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Monitoring Login History - 'No users are password locked' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Setting Session Security - 'PermissionsPasswordNeverExpires = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
