| 1.2.3 Limit SSH Login Attempts to 3 or less | CIS Cisco NX-OS v1.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.3.1 Ensure 'Minimum Password Complexity' is enabled | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| 1.6.5 Apply Security Context to Your Pods and Containers | CIS Kubernetes 1.11 Benchmark v1.3.0 L2 | Unix | |
| 2.2.28 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' - LOCAL SERVICE, NETWORK SERVICE | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 2.7 Ensure 'passwordFormat' is not set to clear - Default | CIS IIS 7 L1 v1.8.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.4 Defend against Denial of Service Attacks | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETEUID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETREGID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETREUID : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.11 Ensure 'Dynamic IP Address Restrictions' is enabled | CIS IIS 7 L1 v1.8.0 | Windows | |
| 5.3 Ensure 'ETW Logging' is enabled | CIS IIS 10 v1.2.1 Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'ETW Logging' is enabled - Sites logFormat W3C | CIS IIS 10 v1.2.1 Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'ETW Logging' is enabled - Sites logFormat W3C with ETW target | CIS IIS 10 v1.2.1 Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.7.3 Apply Security Context to Your Pods and Containers | CIS Kubernetes v1.23 Benchmark v1.0.1 L2 Master | Unix | CONFIGURATION MANAGEMENT |
| 5.7.3 Apply Security Context to Your Pods and Containers | CIS Kubernetes v1.20 Benchmark v1.0.1 L2 Master | Unix | CONFIGURATION MANAGEMENT |
| ESXi : audit-exception-users | VMWare vSphere 6.5 Hardening Guide | VMware | ACCESS CONTROL |
| ESXi : config-ntp | VMWare vSphere 6.0 Hardening Guide | VMware | AUDIT AND ACCOUNTABILITY |
| ESXi : enable-strict-lockdown-mode | VMWare vSphere 6.0 Hardening Guide | VMware | ACCESS CONTROL |
| IIST-SI-000231 - Directory Browsing on the IIS 10.0 website must be disabled. | DISA IIS 10.0 Site v2r12 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000124 - The IIS 10.0 web server must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled | DISA IIS 10.0 Server v2r10 | Windows | CONFIGURATION MANAGEMENT |
| IIST-SV-000124 - The IIS 10.0 web server must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled. | DISA IIS 10.0 Server v3r4 | Windows | CONFIGURATION MANAGEMENT |
| IIST-SV-000125 - The IIS 10.0 web server must have Web Distributed Authoring and Versioning (WebDAV) disabled. | DISA IIS 10.0 Server v3r4 | Windows | CONFIGURATION MANAGEMENT |
| IIST-SV-000125 - The IIS 10.0 web server must have Web Distributed Authoring and Versioning (WebDAV) disabled. | DISA IIS 10.0 Server v2r10 | Windows | CONFIGURATION MANAGEMENT |
| IIST-SV-000134 - The IIS 10.0 web server must use cookies to track session state. | DISA IIS 10.0 Server v3r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled. | DISA IIS 10.0 Server v2r10 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled. | DISA IIS 10.0 Server v3r4 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000145 - The IIS 10.0 web server must use a logging mechanism configured to allocate log record storage capacity large enough to accommodate the logging requirements of the IIS 10.0 web server. | DISA IIS 10.0 Server v2r10 | Windows | AUDIT AND ACCOUNTABILITY |
| IIST-SV-000145 - The IIS 10.0 web server must use a logging mechanism configured to allocate log record storage capacity large enough to accommodate the logging requirements of the IIS 10.0 web server. | DISA IIS 10.0 Server v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| IIST-SV-000220 - The Request Smuggling filter must be enabled. | DISA IIS 10.0 Server v3r4 | Windows | CONFIGURATION MANAGEMENT |
| IISW-SI-000231 - Directory Browsing on the IIS 8.5 website must be disabled. | DISA IIS 8.5 Site v2r9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IISW-SV-000124 - The IIS 8.5 web server must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled - MIME that invoke OS shell programs disabled | DISA IIS 8.5 Server v2r7 | Windows | CONFIGURATION MANAGEMENT |
| IISW-SV-000145 - The IIS 8.5 web server must use a logging mechanism that is configured to allocate log record storage capacity large enough to accommodate the logging requirements of the IIS 8.5 web server. | DISA IIS 8.5 Server v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| NIST_macOS_Monterey_800-53r5_high_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | |
| NIST_macOS_Monterey_cnssi-1253_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | |
| SHPT-00-000531 - SharePoint sites must not use NTLM - SharePoint sites must not use NTLM. | DISA STIG SharePoint 2010 v1r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| VM : disable-console-gui-options | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-autologon | VMWare vSphere 6.0 Hardening Guide | VMware | ACCESS CONTROL |
| VM : disable-unexposed-features-biosbbs | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-getcreds | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-memsfss | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-shellaction | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-versionget | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-versionset | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-vix-messages | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-VMtools-autoinstall | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disconnect-devices-floppy | VMWare vSphere 6.0 Hardening Guide | VMware | MEDIA PROTECTION |
| VM : prevent-device-interaction-connect | VMWare vSphere 6.0 Hardening Guide | VMware | ACCESS CONTROL |
| vNetwork : reject-forged-transmit - 'vSwitch' | VMWare vSphere 6.0 Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| vNetwork : reject-mac-changes-dvportgroup | VMWare vSphere 6.0 Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| vNetwork : restrict-port-level-overrides | VMWare vSphere 6.0 Hardening Guide | VMware | |
