| 1.12 WN19-00-000120 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.12 WN22-00-000120 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 2.1 Ensure monitoring and alerting exist for ACCOUNTADMIN and SECURITYADMIN role grants | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 2.2 Ensure monitoring and alerting exist for MANAGE GRANTS privilege grants | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 2.4 Ensure monitoring and alerting exist for password sign-in without MFA | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 2.5 Ensure monitoring and alerting exist for creation, update and deletion of security integrations | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 8 v1.0.0 L1 Windows | Windows | CONFIGURATION MANAGEMENT |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 7 v1.2.0 L1 Windows | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| External authentication is disabled | TNS Citrix Hypervisor | Unix | IDENTIFICATION AND AUTHENTICATION |
| High availability is enabled | TNS Citrix Hypervisor | Unix | CONTINGENCY PLANNING |
| Host is enabled | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| HP ProCurve - 'Disable HTTP' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT |
| HP ProCurve - 'Enable DHCP snooping' | TNS HP ProCurve | HPProCurve | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Enable SNMPv3' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| HP ProCurve - 'Enable SSH' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT |
| JUSX-IP-000011 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | ACCESS CONTROL |
| PANW-AG-000147 - The Palo Alto Networks security platform must inspect inbound and outbound SMTP and Extended SMTP communications traffic (if authorized) for protocol compliance and protocol anomalies. | DISA STIG Palo Alto ALG v3r4 | Palo_Alto | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - AAA - LDAP server is trusted | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - Anti-Spyware - LAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Anti-Spyware - WAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Content Filtering On - WLAN | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - GAV ON - DMZ | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - GMS hostname/IP - Review | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - IDP ON - LAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - IDP ON - WLAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Login Banner - VPN Zone | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Login Banner - WAN Zone | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Security Services - Gateway AV - Activated | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - Gateway AV - FTP Outbound | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - IDP - Signature DB Present | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - SSL Control - Detect SSLv2 | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - SSL Control ON - DMZ | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - SSL Control ON - WLAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Policy Rules | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-AG-000250 - Symantec ProxySG providing intermediary services for FTP must inspect outbound FTP communications traffic for protocol compliance and protocol anomalies. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 v21H1 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server v2004 DC v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| XenServer - Use a static IP on the storage network interface | TNS Citrix XenServer | Unix | |
