| 1.2 Ensure Auto Update Is Enabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.51 APPL-14-001060 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.146 APPL-14-005058 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 2.1.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled | CIS Apple macOS 13.0 Ventura v4.0.0 L2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1.3 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.10 Audit Siri Settings | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.13 Audit Siri Settings | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.18.1 Ensure On-Device Dictation Is Enabled | CIS Apple macOS 15.0 Sequoia v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 7.12 Siri on macOS | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.12 Siri on macOS | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DOD PKI-established certificate authorities for verification of the establishment of protected sessions. | DISA STIG Apple macOS 13 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-13-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple macOS 13 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-002060 - The macOS system must apply gatekeeper settings to block applications from unidentified developers. | DISA Apple macOS 14 Sonoma STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-26-002060 - The macOS system must apply gatekeeper settings to block applications from unidentified developers. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Ensure Secure Boot Level Set to Full | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Ensure Secure Boot Level Set to Full | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| BIND-9X-001360 - The BIND 9.x server implementation must prohibit the forwarding of queries to servers controlled by organizations outside of the U.S. government. | DISA BIND 9.x STIG v3r1 | Unix | CONFIGURATION MANAGEMENT |
| Catalina - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Catalina v1.5.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| DISA_IBM_WebSphere_Traditional_9_Windows_v1r1.audit for DISA IBM WebSphere Traditional 9 STIG v1r1 | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | |
| DISA_IIS_6.0_Web_Server_v6r16.audit from DISA Microsoft IIS 6.0 Server v6r16 STIG | DISA STIG IIS 6.0 Server v6r16 | Windows | |
| DISA_STIG_Adobe_Acrobat_Pro_XI_v1r2.audit from DISA Adobe Acrobat Pro XI V1R2 STIG | DISA Adobe Acrobat Pro XI STIG v1r2 | Windows | |
| DISA_STIG_Canonical_Ubuntu_22.04_LTS_v2r8.audit from DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | |
| DISA_STIG_Canonical_Ubuntu_24.04_LTS_v1r5.audit from DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | |
| DISA_STIG_Microsoft_Internet_Explorer_11_v2r6.audit from DISA Microsoft Internet Explorer 11 v2r6 STIG | DISA STIG IE 11 v2r6 | Windows | |
| DISA_STIG_Microsoft_Office_365_ProPlus_v3r5.audit from DISA Microsoft Office 365 ProPlus STIG v3r5 | DISA Microsoft Office 365 ProPlus STIG v3r5 | Windows | |
| DISA_STIG_Microsoft_Office_System_2010_v1r13.audit from DISA Microsoft Office System 2010 v1r13 STIG | DISA STIG Office System 2010 v1r13 | Windows | |
| DISA_STIG_Microsoft_Office_System_2016_v2r5.audit from DISA Microsoft Office System 2016 STIG v2r5 | DISA Microsoft Office System 2016 STIG v2r5 | Windows | |
| DISA_STIG_Oracle_WebLogic_Server_12c_Windows_v2r2.audit from DISA Oracle WebLogic Server 12c v2r2 STIG | Oracle WebLogic Server 12c Windows v2r2 | Windows | |
| DISA_STIG_VMware_vSphere_7.0_VAMI_v1r2.audit from DISA VMware vSphere 7.0 VAMI v1r2 STIG | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | |
| Monterey - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Monterey v1.0.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Monterey v1.0.0 - 800-171 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
