| 1.1 Remove extraneous files and directories - @APP_Config_catalogs@/webapps/examples | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Remove extraneous files and directories - /webapps/docs | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Remove extraneous files and directories - /webapps/host-manager | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Remove extraneous files and directories - /webapps/manager | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 2.6 Disable Apache Service | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.10 Disable Apache Service | CIS Solaris 11.1 L1 v1.0.0 | Unix | |
| 2.10 Disable Apache Service | CIS Solaris 11.2 L1 v1.1.0 | Unix | |
| 2.10 Disable Apache Service | CIS Solaris 11 L1 v1.1.0 | Unix | |
| 3.2 Disable the Shutdown port | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 Use secure Realms | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | ACCESS CONTROL |
| 7.1 Application specific logging | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.1 Application specific logging | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.1 Application specific logging | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.1 Application specific logging | CIS Apache Tomcat 8 L2 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.1 Application specific logging | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.1 Application specific logging | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.1 Application specific logging | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in web application | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in default | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.3 Ensure className is set correctly in context.xml | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.4 Ensure directory in context.xml is a secure location - configuration | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 9.2 Disabling auto deployment of applications | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 9.3 Disable deploy on startup of applications | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.15 Do not resolve hosts on logging valves | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xml | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 11.2 Ensure Apache Processes Run in the httpd_t Confined Context | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 11.2 Ensure Apache Processes Run in the httpd_t Confined Context - apachectl | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 11.2 Ensure Apache Processes Run in the httpd_t Confined Context - httpd | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| AS24-U1-000900 - The Apache web server must remove all export ciphers to protect the confidentiality and integrity of transmitted information. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DISA_Microsoft_Windows_11_STIG_v2r3.audit from DISA Microsoft Windows 11 STIG v2r3 | DISA Microsoft Windows 11 STIG v2r3 | Windows | |
| DISA_STIG_Cisco_ASA_NDM_v2r2.audit from DISA Cisco ASA NDM v2r2 STIG | DISA STIG Cisco ASA NDM v2r2 | Cisco | |
| DISA_STIG_IBM_DB2_v10.5_LUW_v2r1_OS_Linux.audit from DISA IBM DB2 V10.5 LUW v2r1 STIG | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | |
| DISA_STIG_Microsoft_Access_2013_v1r7.audit from DISA Microsoft Access 2013 v1r7 STIG | DISA STIG Microsoft Access 2013 v1r7 | Windows | |
| DISA_STIG_Microsoft_Defender_Antivirus_v2r4.audit from DISA Microsoft Defender Antivirus v2r4 STIG | DISA STIG Microsoft Defender Antivirus v2r4 | Windows | |
| DISA_STIG_Microsoft_Excel_2013_v1r8.audit from DISA Microsoft Excel 2013 v1r8 STIG | DISA STIG Microsoft Excel 2013 v1r8 | Windows | |
| DISA_STIG_Microsoft_Excel_2016_v2r1.audit from DISA Microsoft Excel 2016 v2r1 STIG | DISA STIG Microsoft Excel 2016 v2r1 | Windows | |
| DISA_STIG_Microsoft_InfoPath_2013_v1r6.audit from DISA Microsoft InfoPath 2013 v1r6 STIG | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | |
| DISA_STIG_Microsoft_Outlook_2016_v2r3.audit from DISA Microsoft Outlook 2016 v2r3 STIG | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | |
| DISA_STIG_Microsoft_PowerPoint_2010_v1r11.audit from DISA Microsoft PowerPoint 2010 v1r11 STIG | DISA STIG Office 2010 PowerPoint v1r11 | Windows | |
| DISA_STIG_Microsoft_PowerPoint_2013_v1r7.audit from DISA Microsoft PowerPoint 2013 v1r7 STIG | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | |
| DISA_STIG_Microsoft_Project_2010_v1r10.audit from DISA Microsoft Project 2010 v1r10 STIG | DISA STIG Office 2010 Project v1r10 | Windows | |
| DISA_STIG_Microsoft_Project_2013_v1r5.audit from DISA Microsoft Project 2013 v1r5 STIG | DISA STIG Microsoft Project 2013 v1r5 | Windows | |
| DISA_STIG_Microsoft_Publisher_2010_v1r12.audit from DISA Microsoft Publisher 2010 v1r12 STIG | DISA STIG Office 2010 Publisher v1r12 | Windows | |
| DISA_STIG_Microsoft_Publisher_2013_v1r6.audit from DISA Microsoft Publisher 2013 v1r6 STIG | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | |
| DISA_STIG_Microsoft_Word_2013_v1r7.audit from DISA Microsoft Word 2013 v1r7 STIG | DISA STIG Microsoft Word 2013 v1r7 | Windows | |
| DISA_STIG_Oracle_Linux_5_v2r1.audit from DISA Oracle Linux 5 v2r1 STIG | DISA STIG for Oracle Linux 5 v2r1 | Unix | |
| DISA_STIG_SharePoint_2013_v2r4.audit from DISA Microsoft SharePoint 2013 v2r4 STIG | DISA STIG SharePoint 2013 v2r4 | Windows | |
| DISA_STIG_Solaris_10_SPARC_v2r4.audit from DISA Solaris 10 SPARC v2r4 STIG | DISA STIG Solaris 10 SPARC v2r4 | Unix | |
| DISA_STIG_Solaris_11_SPARC_v3r1.audit from DISA Solaris 11 SPARC v3r1 STIG | DISA STIG Solaris 11 SPARC v3r1 | Unix | |
