| 1.3.1 Ensure AIDE is installed | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.3.1 Ensure AIDE is installed | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.1 Ensure monitoring and alerting exist for ACCOUNTADMIN and SECURITYADMIN role grants | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 2.2 Ensure monitoring and alerting exist for MANAGE GRANTS privilege grants | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 2.4 Ensure monitoring and alerting exist for password sign-in without MFA | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 2.5 Ensure monitoring and alerting exist for creation, update and deletion of security integrations | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 3.1.7.4 Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On' | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.1 Ensure AIDE is installed | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.1 Ensure AIDE is installed | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 7 v1.1.0 L1 MongoDB | Windows | CONFIGURATION MANAGEMENT |
| 6.1.1 Ensure AIDE is installed | CIS Rocky Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.1.1 Ensure AIDE is installed | CIS SUSE Linux Enterprise 15 v2.0.0 L1 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 18.9.47.15 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-AS-000109 - The BIG-IP ASM module must be configured to update malicious code protection mechanisms and signature definitions when providing content filtering to virtual servers for whenever new releases are available in accordance with organizational configuration management policy and procedures. | DISA F5 BIG-IP Application Security Manager STIG v2r2 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-IP-000012 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against application objects, including, at a minimum, application URLs and application code. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | ACCESS CONTROL |
| PANW-AG-000147 - The Palo Alto Networks security platform must inspect inbound and outbound SMTP and Extended SMTP communications traffic (if authorized) for protocol compliance and protocol anomalies. | DISA STIG Palo Alto ALG v3r2 | Palo_Alto | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-AG-000148 - The Palo Alto Networks security platform must inspect inbound and outbound FTP and FTPS communications traffic (if authorized) for protocol compliance and protocol anomalies. | DISA STIG Palo Alto ALG v3r2 | Palo_Alto | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 11 v24H2 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server 2022 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server 1903 DC v1.19.9 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server v1909 DC v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation - EnableInstallerDetection | MSCT Windows Server 2025 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation - EnableInstallerDetection | MSCT Windows Server 2025 DC v1.0.0 | Windows | ACCESS CONTROL |
