| 2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT null | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Intel DestroyFVKeyOnStandby | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Intel hibernatemode | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | ACCESS CONTROL |
| 9.4 Ensure 'safRegistry' is configured | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | ACCESS CONTROL |
| 18.9.24.1 (L1) Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.1 (L1) Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All' | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.1 (L1) Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-022350 - The kdump service on AlmaLinux OS 9 must be disabled. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-031150 - AlmaLinux OS 9 must not have the ypserv package installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system - fr | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| APPL-11-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system - fw | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| APPL-12-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system. | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| Citrix ADC - ARP - Spoofing | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | CONFIGURATION MANAGEMENT |
| Citrix ADC - System Parameters - Allow Default Partition | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADM - SSL - Settings - TLS v1 | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADM - Syslog - Configure server | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADM - System Settings - Communication with instances | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADM - System Settings - Secure Access Only | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADM - System Settings - Session Unit | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADM - User Administration - Password Policy - Invalid Login Attempts | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| EX19-ED-000118 - Exchange receive connectors must control the number of recipients chunked on a single message. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN003820 - The rsh daemon must not be running. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN003830 - The rlogind service must not be running. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN005510 - The SSH client must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| Network Security - Ensure Source Routing has not been configured | Juniper Hardening JunOS 12 Devices Checklist | Juniper | CONFIGURATION MANAGEMENT |
| O112-OS-004600 - Use of the DBMS software installation account must be restricted. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | CONFIGURATION MANAGEMENT |
| OL07-00-020111 - The Oracle Linux operating system must disable the graphical user interface automounter unless required. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| OL07-00-030700 - The Oracle Linux operating system must audit all uses of the sudoers file and all files in the /etc/sudoers.d/ directory. | DISA Oracle Linux 7 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030870 - The Red Hat Enterprise Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| SLES-12-020210 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA SLES 12 STIG v3r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| SLES-12-020220 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA SLES 12 STIG v3r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| SLES-12-020260 - The SUSE operating system must generate audit records for all uses of the sudo command. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception). | DISA STIG Solaris 11 SPARC v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| UBTU-16-020380 - Successful/unsuccessful uses of the mount command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020380 - Successful/unsuccessful uses of the mount command must generate an audit record - path=/bin/mount | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020410 - Successful/unsuccessful uses of the ssh-keysign command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020460 - The audit system must be configured to audit any usage of the setxattr system call - root b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020520 - Successful/unsuccessful uses of the chown command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020520 - Successful/unsuccessful uses of the chown command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020550 - Successful/unsuccessful uses of the lchown command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020580 - Successful/unsuccessful uses of the fchmodat command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020590 - Successful/unsuccessful uses of the open command must generate an audit record - EPERM b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020620 - Successful/unsuccessful uses of the creat command must generate an audit record - EACCES b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020620 - Successful/unsuccessful uses of the creat command must generate an audit record - EACCES b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020620 - Successful/unsuccessful uses of the creat command must generate an audit record - EPERM b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020630 - Successful/unsuccessful uses of the openat command must generate an audit record - EPERM b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020720 - Successful/unsuccessful uses of the chacl command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
