| 1.4.3.2 Ensure 'aaa authentication http console' is configured correctly | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.16 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.17 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.17 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.1.18 Reserve the desired port number or name for incoming SSL connections | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Linux | Unix | CONFIGURATION MANAGEMENT |
| 3.2.7 Secure permissions for the log mirror location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | |
| 3.2.7 Secure permissions for the log mirror location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.7 Secure permissions for the log mirror location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY |
| 3.2.7 Secure permissions for the log mirror location - FILE_PERMISSIONS | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 5.2 Specify a Secure Authentication Type (AUTHENTICATION) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 5.12 Ensure Proper Use Of ALLOW_NONEXISTENT_DEFINER | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 5.12 Ensure Proper Use Of ALLOW_NONEXISTENT_DEFINER | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 20.64 Ensure 'TFTP Client' is 'not installed' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.64 Ensure 'TFTP Client' is 'not installed' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| ALMA-09-029060 - AlmaLinux OS 9 must not have the telnet-server package installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| CIS_Microsoft_Windows_Server_2019_STIG_v3.0.0_Next_Generation_Windows_Security_-_Domain_Controller.audit from CIS Microsoft Windows Server 2019 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2019 STIG v3.0.0 NG DC | Windows | |
| CIS_Microsoft_Windows_Server_2022_STIG_v2.0.0_Next_Generation_Windows_Security_-_Domain_Controller.audit from CIS Microsoft Windows Server 2022 STIG Benchmark v2.0.0 | CIS Microsoft Windows Server 2022 STIG v2.0.0 NG DC | Windows | |
| CIS_MongoDB_3.6_Benchmark_Level_2_DB_v1.1.0.audit from CIS MongoDB 3.6 Benchmark | CIS MongoDB 3.6 Database Audit L2 v1.1.0 | MongoDB | |
| DG0091-ORACLE11 - Custom and GOTS application source code stored in the database should be protected with encryption or encoding. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-011300 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to delete privileges/permissions occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-002800 - Database software, including MariaDB configuration files, must be stored in dedicated directories, separate from the host OS and other applications. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MD4X-00-005400 - MongoDB must enforce access restrictions associated with changes to the configuration of MongoDB or database(s). | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | CONFIGURATION MANAGEMENT |
| O121-C2-011700 - Unused database components that are integrated in the DBMS and cannot be uninstalled must be disabled. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| OH12-1X-000007 - OHS must have the LoadModule ossl_module directive enabled to encrypt remote connections in accordance with the categorization of data hosted by the web server. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OH12-1X-000008 - OHS must have the SSLFIPS directive enabled to encrypt remote connections in accordance with the categorization of data hosted by the web server. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OH12-1X-000009 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt remote connections in accordance with the categorization of data hosted by the web server - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OL07-00-030660 - The Oracle Linux operating system must audit all uses of the chage command. | DISA Oracle Linux 7 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030800 - The Oracle Linux operating system must audit all uses of the crontab command. | DISA Oracle Linux 7 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-006400 - PostgreSQL must generate audit records when privileges/permissions are modified. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000010 - The Photon operating system must configure auditd to log to disk. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000018 - The Photon operating system must have the auditd service running. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| PPS9-00-011200 - The EDB Postgres Advanced Server must generate audit records when privileges/permissions are deleted. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030630 - The Red Hat Enterprise Linux operating system must audit all uses of the passwd command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-08-030400 - Successful/unsuccessful uses of the crontab command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-252025 - RHEL 9 must disable the chrony daemon from acting as a server. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-654015 - RHEL 9 must audit all uses of the chmod, fchmod, and fchmodat system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654020 - RHEL 9 must audit all uses of the chown, fchown, fchownat, and lchown system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654055 - RHEL 9 must audit all uses of the setfiles command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654060 - RHEL 9 must audit all uses of the setsebool command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654105 - RHEL 9 must audit all uses of the kmod command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654145 - RHEL 9 must audit all uses of the su command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030530 - The SUSE operating system must generate audit records for all uses of the init_module and finit_module system calls. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-24-900350 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the delete_module syscall. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCWN-65-000009 - The vCenter Server for Windows must use Active Directory authentication. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| WN19-AU-000040 - Windows Server 2019 permissions for the Security event log must prevent access by non-privileged accounts. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
