| 18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares' | CIS Microsoft Windows Server 2016 v4.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.1.9 Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for fixed data drives' is set to 'Enabled: False' | CIS Windows 7 Workstation Bitlocker v3.2.0 | Windows | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.11.2.3 Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Allow data recovery agent' is set to 'Enabled: False' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.11.2.4 Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Recovery Password' is set to 'Enabled: Require 48-digit recovery password' | CIS Windows 7 Workstation Bitlocker v3.2.0 | Windows | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.11.2.11 (BL) Ensure 'Configure minimum PIN length for startup' is set to 'Enabled: 7 or more characters' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 18.9.11.2.15 Ensure 'Require additional authentication at startup: Configure TPM startup key:' is set to 'Enabled: Do not allow startup key with TPM' | CIS Windows 7 Workstation Bitlocker v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.11.2.21 (BL) Ensure 'Require additional authentication at startup: Configure TPM startup key:' is set to 'Enabled: Do not allow startup key with TPM' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.11.2.21 (BL) Ensure 'Require additional authentication at startup: Configure TPM startup key:' is set to 'Enabled: Do not allow startup key with TPM' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.11.3.9 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False' | CIS Windows 7 Workstation Bitlocker v3.2.0 | Windows | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.11.3.9 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.11.3.9 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.11.3.14 Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False' | CIS Windows 7 Workstation Bitlocker v3.2.0 | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.11.3.14 Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.11.3.18 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 18.10.9.2.9 (L1) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Store recovery passwords and key packages' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.1.10 Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BL | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.1.13 (BL) Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.1.13 (BL) Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v4.0.0 BL | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.1.13 Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True' | CIS Microsoft Windows 11 Enterprise v5.0.1 BL | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.2.8 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Save BitLocker recovery information to AD DS for operating system drives' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.2.9 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Store recovery passwords and key packages' | CIS Microsoft Windows 10 Enterprise v4.0.0 BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.2.9 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Store recovery passwords and key packages' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.2.9 Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Store recovery passwords and key packages' | CIS Microsoft Windows 11 Enterprise v5.0.1 BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.2.10 Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for operating system drives' is set to 'Enabled: True' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.3.10 Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L2 BL | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.3.10 Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BL | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.3.13 (BL) Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS Control 5 (5.1) Establish Secure Configurations | CAS Implementation Group 1 Audit File | Unix | CONFIGURATION MANAGEMENT |
| CIS Docker Community Edition v1.1.0 L1 Docker | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | |
| CIS Internet Explorer 11 Benchmark Version 1.0.0 | CIS IE 11 v1.0.0 | Windows | |
| CIS_Apache_Tomcat_9_L1_v1.2.0_Middleware.audit from CIS Apache Tomcat 9 Benchmark | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | |
| CIS_Debian_Linux_10_v2.0.0_L2_Workstation.audit from CIS Debian Linux 10 v2.0.0 | CIS Debian Linux 10 v2.0.0 L2 Workstation | Unix | |
| CIS_Debian_Linux_11_v2.0.0_L2_Workstation.audit from CIS Debian Linux 11 v2.0.0 | CIS Debian Linux 11 v2.0.0 L2 Workstation | Unix | |
| CIS_Debian_Linux_12_v1.1.0_L1_Server.audit from CIS Debian Linux 12 v1.1.0 | CIS Debian Linux 12 v1.1.0 L1 Server | Unix | |
| CIS_Debian_Linux_13_v1.0.0_L1_Workstation.audit from CIS Debian Linux 13 v1.0.0 | CIS Debian Linux 13 v1.0.0 L1 Workstation | Unix | |
| CIS_Kubernetes_v1.1.0_Level_1.audit from CIS Kubernetes Benchmark v1.1.0 | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | |
| CIS_Kubernetes_v1.1.0_Level_2.audit from CIS Kubernetes Benchmark v1.1.0 | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L2 | Unix | |
| CIS_Kubernetes_v1.3.0_Level_2.audit from CIS Kubernetes Benchmark v1.3.0 | CIS Kubernetes 1.11 Benchmark v1.3.0 L2 | Unix | |
| CIS_Kubernetes_v1.20_v1.0.1_Level_2_Worker.audit from CIS Kubernetes v1.20 Benchmark v1.0.1 | CIS Kubernetes v1.20 Benchmark v1.0.1 L2 Worker | Unix | CONFIGURATION MANAGEMENT |
| CIS_Kubernetes_v1.23_v1.0.1_Level_2_Master.audit from CIS Kubernetes v1.23 Benchmark v1.0.1 | CIS Kubernetes v1.23 Benchmark v1.0.1 L2 Master | Unix | CONFIGURATION MANAGEMENT |
| CIS_Kubernetes_v1.24_v1.0.0_Level_1_Master.audit from CIS Kubernetes v1.24 Benchmark v1.0.0 | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | CONFIGURATION MANAGEMENT |
| CIS_MongoDB_3.6_Benchmark_Level_1_OS_Unix_v1.1.0.audit from CIS MongoDB 3.6 Benchmark | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | |
| CIS_MongoDB_3.6_Benchmark_Level_1_OS_Windows_v1.1.0.audit from CIS MongoDB 3.6 Benchmark | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | |
| CIS_MongoDB_4_Benchmark_Level_1_OS_Windows_v1.0.0.audit from CIS MongoDB 4 Benchmark | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | |
| CIS_mongodb_5_Benchmark_Level_1_OS_Linux_v1.2.0.audit from CIS MongoDB 5 Benchmark | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | |
| CIS_MongoDB_5_Benchmark_Level_2_OS_Linux_v1.2.0.audit from CIS MongoDB 5 Benchmark | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | |
| CIS_MongoDB_Benchmark_Level_1_OS_Unix_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | |
| CIS_Oracle_Database_19c_v2.0.0_L1_RDBMS_On_Host_OS_Windows.audit from CIS Oracle Database 19c v2.0.0 | CIS Oracle Database 19c v2.0.0 L1 RDBMS On Host OS Windows | Windows | |
| CIS_Oracle_Linux_9_v2.0.0_L2_Workstation.audit from CIS Oracle Linux 9 v2.0.0 | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | |
