| 1.1.1.1 Ensure mounting of cramfs filesystems is disabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.1.3 Ensure mounting of udf filesystems is disabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.3 Ensure noexec option set on /tmp partition | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.7 Ensure noexec option set on /dev/shm partition | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION |
| 1.1.8 Ensure nodev option set on /dev/shm partition | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.14 Ensure /var/tmp partition includes the nosuid option | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION |
| 1.2.3 Ensure gpgcheck is globally activated | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.5.2 Ensure XD/NX support is enabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.2 Ensure SELinux is not disabled in bootloader configuration | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.7.7 Ensure permissions on /etc/issue.net are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.1.1 Ensure xinetd is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure CUPS Server is not enabled | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.2 Ensure rsh client is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure IP forwarding is disabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.3.1 Ensure source routed packets are not accepted | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.3.7 Ensure bogus ICMP responses are ignored | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.1.4 Ensure firewalld service enabled and running | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.1.5 Ensure firewalld default zone is set | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.1.6 Ensure network interfaces are assigned to appropriate zone | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.2.5 Ensure an nftables table exists | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.2.8 Ensure nftables outbound and established connections are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.27 (L1) Ensure 'Telnet (TlntSvr)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 5.27 Ensure 'Telnet (TlntSvr)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.28 (L2) Ensure 'Server (LanmanServer)' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 5.28 (L2) Ensure 'Server (LanmanServer)' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| 5.28 (L2) Ensure 'Server (LanmanServer)' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 6.5.1 (L1) Host SSH daemon, if enabled, must use FIPS 140-2/140-3 validated ciphers | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.11 (L1) Ensure 'Audit Other Logon Logoff Events' is set to 'Success and Failure' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 6.11 (L1) Ensure 'Audit Other Logon Logoff Events' is set to 'Success and Failure' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.4 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.4 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 90.1 (L1) Ensure 'Hypervisor Enforced Code Integrity' is set to 'Enabled with UEFI lock' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS_MS_Windows_7_v3.2.0_Bitlocker.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0 | CIS Windows 7 Workstation Bitlocker v3.2.0 | Windows | |
| CIS_MS_Windows_7_v3.2.0_Level_1_Bitlocker.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0 | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | |
| CIS_MS_Windows_7_v3.2.0_Level_2_Bitlocker.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0 | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | |
| CIS_MS_Windows_8.1_v2.4.1_Level_1_Bitlocker.audit from CIS Microsoft Windows 8.1 Workstation Benchmark v2.4.1 | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | |
| Salesforce.com : Email Services - 'AddressInactiveAction != 2' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'FunctionInactiveAction != 2' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| WPAW-00-001060 - Device Guard Code Integrity Policy must be used on the Windows PAW to restrict applications that can run on the system (Device Guard User Mode Code Integrity). | DISA MS Windows Privileged Access Workstation v3r2 | Windows | CONFIGURATION MANAGEMENT |
