| 1.1.20.1 (L2) Ensure 'Search Suggestions' is set to 'Disabled' | CIS Mozilla Firefox ESR GPO v1.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 1.3.6 (L2) Ensure the customer lockbox feature is enabled | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG DC & MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.4 Harden Usage for 'local_infile' on MariaDB Clients | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | CONFIGURATION MANAGEMENT |
| 6.3.2 Set Lockout for Failed Password Attempts - auth required pam_tally2.so deny=5 onerr=fail | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 8.5.1 (L2) Ensure anonymous users can't join a meeting | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | ACCESS CONTROL |
| 8.5.9 (L2) Ensure meeting recording is off by default | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 9.2.1 Ensure Password Fields are Not Empty | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-006620 - The systemd Ctrl-Alt-Delete burst key sequence in AlmaLinux OS 9 must be disabled. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-010910 - AlmaLinux OS 9 library files must be group-owned by root or a system account. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-046660 - AlmaLinux OS 9 must audit all uses of the delete_module, init_module and finit_module system calls. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-047870 - Successful/unsuccessful uses of the umount2 system call in AlmaLinux OS 9 must generate an audit record. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-055680 - AlmaLinux OS 9 audit log directory must be owned by root to prevent unauthorized read access. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-055790 - AlmaLinux OS 9 audit log directory must have 0700 permissions to prevent unauthorized read access. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-056010 - AlmaLinux OS 9 audit logs must be owned by root to prevent unauthorized read access. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-13-000195 - The macOS system must be configured so that any connection to the system must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system - 'Banner file' | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
| AOSX-13-000195 - The macOS system must be configured so that any connection to the system must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system - 'Banner text' | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
| AOSX-15-000025 - The macOS system must be configured so that any connection to the system must display the Standard Mandatory DoD Notice and Consent Banner before granting GUI access to the system - Banner text | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL |
| APPL-11-000008 - The macOS system must be configured with Wi-Fi support software disabled. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| APPL-11-000025 - The macOS system must be configured so that any connection to the system must display the Standard Mandatory DoD Notice and Consent Banner before granting GUI access to the system. | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL |
| APPL-11-000025 - The macOS system must be configured so that any connection to the system must display the Standard Mandatory DoD Notice and Consent Banner before granting GUI access to the system. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL |
| APPL-15-004001 - The macOS system must configure Apple System Log (ASL) files owned by root and group to wheel. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DG0126-ORACLE11 - Password reuse should be prevented where supported by the DBMS - 'No unlimited REUSE_MAX or REUSE_TIME for non DEFAULT profiles' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| GOOG-15-006600 - Google Android 15 must be configured to enforce an application installation policy by specifying an application allow list that restricts applications by the following characteristics: [selection: list of digital signatures, cryptographic hash values, names, application version]. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-901500 - The Samsung must be configured to enforce a Container application install policy by specifying an application whitelist. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-901500 - The Samsung must be configured to enforce a Container application install policy by specifying an application whitelist. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| O112-C1-004500 - DBA OS accounts must be granted only those host system privileges necessary for the administration of the DBMS. | DISA STIG Oracle 11.2g v2r5 Windows | Windows | CONFIGURATION MANAGEMENT |
| O121-C1-004500 - DBA OS accounts must be granted only those host system privileges necessary for the administration of the DBMS. | DISA STIG Oracle 12c v3r2 Windows | Windows | CONFIGURATION MANAGEMENT |
| OL08-00-030122 - The OL 8 audit system must protect logon UIDs from unauthorized change. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030360 - OL 8 must generate audit records for any use of the "init_module" and "finit_module" system calls. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-67-000033 - The Photon operating system must disable the loading of unnecessary kernel modules - bluetooth | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000033 - The Photon operating system must disable the loading of unnecessary kernel modules - cramfs | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000033 - The Photon operating system must disable the loading of unnecessary kernel modules - hfsplus | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000033 - The Photon operating system must disable the loading of unnecessary kernel modules - squashfs | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-030121 - RHEL 8 audit system must protect auditing rules from unauthorized change. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030122 - RHEL 8 audit system must protect logon UIDs from unauthorized change. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-211045 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-211050 - The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 9. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-231030 - RHEL 9 must use a separate file system for the system audit data path. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-253010 - RHEL 9 must be configured to use TCP syncookies. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-255025 - RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a SSH logon. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-412035 - RHEL 9 must automatically exit interactive command shell user sessions after 10 minutes of inactivity. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-24-200580 - Ubuntu 24.04 LTS must prevent all software from executing at higher privilege levels than users executing the software and the audit system must be configured to audit the execution of privileged functions. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | ACCESS CONTROL |
| WN16-SO-000490 - User Account Control must automatically deny standard user requests for elevation. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-CC-000360 - Windows Server 2019 Remote Desktop Services must always prompt a client for passwords upon connection. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-DC-000050 - Windows Server 2019 Kerberos policy user ticket renewal maximum lifetime must be limited to seven days or less. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-CC-000340 - Windows Server 2022 must not save passwords in the Remote Desktop Client. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-DC-000050 - Windows Server 2022 Kerberos policy user ticket renewal maximum lifetime must be limited to seven days or less. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
