| 1.1.18.9 (L2) Ensure 'network.IDN_show_punycode' is set to 'Enabled' | CIS Mozilla Firefox ESR GPO v1.0.0 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.29 (L2) Configure 'Log on as a service' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | ACCESS CONTROL |
| 4.8.5 Ensure administrative user accounts are locked | CIS IBM AIX 7 v1.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.6 (L2) Ensure Strict Lockdown mode is enabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | ACCESS CONTROL |
| 7.2.4 (L2) Ensure OneDrive content sharing is restricted | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 7.2.4 (L2) Ensure OneDrive content sharing is restricted | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 8.4.7 (L2) Ensure Unity Window Contents is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.8 (L2) Ensure Unity Push Update is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.12 (L2) Ensure Request Disk Topology is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.13 (L2) Ensure Trash Folder State is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.5.8 (L2) Ensure external meeting chat is off | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| AIX7-00-002013 - Audit logs on the AIX system must be owned by root. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-011130 - AlmaLinux OS 9 library files must have mode 755 or less permissive. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-011900 - AlmaLinux OS 9 cron configuration files directory must be owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-018500 - AlmaLinux OS 9 must not accept router advertisements on all IPv6 interfaces. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-024990 - AlmaLinux OS 9 system accounts must not have an interactive login shell. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-025320 - AlmaLinux OS 9 must use a separate file system for /var/log. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-048860 - AlmaLinux OS 9 must generate audit records for any use of the "crontab" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-051060 - AlmaLinux OS 9 must generate audit records for any use of the "unix_update" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-051170 - AlmaLinux OS 9 must generate audit records for any use of the "userhelper" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-052050 - AlmaLinux OS 9 must allocate audit record storage capacity to store at least one week's worth of audit records. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-057110 - AlmaLinux OS 9 audit system must protect auditing rules from unauthorized change. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-004022 The macOS system must require users to reauthenticate for privilege escalation when using the "sudo" command. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPNET0065 - Trust must be established prior to enabling the loading of remote code in .Net 4. | DISA STIG for Microsoft Dot Net Framework 4.0 v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN005505 - The operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| MD7X-00-004400 MongoDB must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-030710 - The Oracle Linux operating system must audit all uses of the newgrp command. | DISA Oracle Linux 7 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030311 - OL 8 must generate audit records for any use of the "postdrop" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030316 - OL 8 must generate audit records for any use of the "setsebool" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030320 - OL 8 must generate audit records for any use of the "ssh-keysign" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030370 - OL 8 must generate audit records for any use of the "gpasswd" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030580 - OL 8 must generate audit records for any use of the "kmod" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-30-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | ACCESS CONTROL, MAINTENANCE |
| PHTN-30-000062 - The Photon operating system must require users to reauthenticate for privilege escalation. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-40-000133 The Photon operating system must require users to reauthenticate for privilege escalation. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - readonly | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL, MAINTENANCE |
| RHEL-08-030317 - Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030600 - Successful/unsuccessful modifications to the lastlog file in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-652015 - RHEL 9 must have the packages required for encrypting offloaded audit logs installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SRG-OS-000147-ESXI5 - The operating system, at managed interfaces, must deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception). | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-000152-ESXI5 - The operating system must implement host-based boundary protection mechanisms for servers, workstations, and mobile devices. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-000157-ESXI5 - The SSH client must be configured to not use CBC-based ciphers. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-99999-ESXI5-000137 - The system must disable the Managed Object Browser (MOB) - MOB | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| WN16-AU-000260 - Windows Server 2016 must be configured to audit Logon/Logoff - Logon successes. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000340 - Windows Server 2016 must be configured to audit Policy Change - Authorization Policy Change successes. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000190 - Windows Server 2022 must be configured to audit logon successes. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000320 - Windows Server 2022 must be configured to audit System - IPsec Driver successes. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000340 - Windows Server 2022 must be configured to audit System - Other System Events successes. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000380 - Windows Server 2022 must be configured to audit System - System Integrity successes. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-DC-000240 - Windows Server 2022 must be configured to audit DS Access - Directory Service Access successes. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
