| 1.7.1.2 Ensure SELinux is not disabled in bootloader configuration - enforcing | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
| 1.7.1.2 Ensure SELinux is not disabled in bootloader configuration - selinux | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 2.6 Configure TLS authentication for Docker daemon - tlscert | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Configure TLS authentication for Docker daemon - tlskey | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.2 Set 'no ip proxy-arp' | CIS Cisco IOS 15 L2 v4.1.1 | Cisco | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.9 Ensure 'MachineKey validation method - .Net 4.5' is configured | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.16 Verify that Docker socket file permissions are set to 660 or more restrictive | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.22 sqlnet.ora - 'Set tcp.excluded_nodes to valid values' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.8 Ensure SSH HostbasedAuthentication is disabled | CIS Debian Family Server L1 v1.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 5.2.9 Ensure SSH HostbasedAuthentication is disabled | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 5.2.9 Ensure SSH HostbasedAuthentication is disabled | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 5.2.9 Ensure SSH HostbasedAuthentication is disabled | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 5.3.10 Ensure SSH HostbasedAuthentication is disabled | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 5.3.11 Ensure SSH HostbasedAuthentication is disabled | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 18.10.44.6 (NG) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1' | CIS Microsoft Windows 10 Enterprise v4.0.0 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-024000 - AlmaLinux OS 9 must be configured so that the cryptographic hashes of system files match vendor values. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| Configure Attack Surface Reduction rules - 5beb7efe-fd9a-4556-801d-275e5ffc04cc | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 5beb7efe-fd9a-4556-801d-275e5ffc04cc | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2 | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2 | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 92E97FA1-2EDF-4476-BDD6-9DD0B4DDDC7B | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c | MSCT Windows 10 v21H1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 75668c1f-73b5-4cf0-bb93-3ecf5cb7cc84 | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4 | MSCT Windows 10 v21H1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - be9ba2d9-53ea-4cdc-84e5-9b1eeee46550 | MSCT Windows 10 1903 v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - be9ba2d9-53ea-4cdc-84e5-9b1eeee46550 | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - c1db55ab-c21a-4637-bb3f-a12568109d35 | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - d3e037e1-3eb8-44c8-a917-57927947596d | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - d3e037e1-3eb8-44c8-a917-57927947596d | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - d3e037e1-3eb8-44c8-a917-57927947596d | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - d3e037e1-3eb8-44c8-a917-57927947596d | MSCT Windows 10 v21H1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - d4f940ab-401b-4efc-aadc-ad5f3c50688a | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - d4f940ab-401b-4efc-aadc-ad5f3c50688a | MSCT Windows 10 1903 v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - ExploitGuard_ASR_Rules | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - ExploitGuard_ASR_Rules | MSCT Windows 10 v21H1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EDGE-00-000008 - The ability of sites to show pop-ups must be disabled. | DISA STIG Edge v2r2 | Windows | CONFIGURATION MANAGEMENT |
| FGFW-ND-000205 - The FortiGate device must implement replay-resistant authentication mechanisms for network access to privileged accounts | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| GOOG-12-010600 - Google Android 12 must be configured to disallow configuration of date and time. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-010600 - Google Android 12 must be configured to disallow configuration of date and time. | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-010600 - Google Android 13 must be configured to disallow configuration of date and time. | AirWatch - DISA Google Android 13 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-706700 - Google Android 13 allowlist must be configured to not include applications with the following characteristics (work profile only): | AirWatch - DISA Google Android 13 BYOD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-010600 - Google Android 14 must be configured to disallow configuration of date and time. | AirWatch - DISA Google Android 14 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-010600 - Google Android 14 must be configured to disallow configuration of date and time. | MobileIron - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010600 - Google Android 15 must be configured to disallow configuration of date and time. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010600 - Google Android 15 must be configured to disallow configuration of date and time. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-012500 - Google Android 15 must be configured to disable 'Private Space' use. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| Login: Exponential Backoff is set | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | ACCESS CONTROL |
| RHEL-07-040400 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| VM : limit-console-connections-two | VMWare vSphere 5.X Hardening Guide | VMware | ACCESS CONTROL |
