| 12.50 Intrusion detection system on host - 'Utilize' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| CIS_Apple_macOS_14_Sonoma_STIG_v1.0.0_CAT_I.audit from CIS Apple macOS 14 (Sonoma) STIG Benchmark v1.0.0 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT I | Unix | |
| CIS_Apple_macOS_14_Sonoma_STIG_v1.0.0_CAT_II.audit from CIS Apple macOS 14 (Sonoma) STIG Benchmark v1.0.0 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | |
| CIS_Apple_macOS_14_Sonoma_STIG_v1.0.0_CAT_III.audit from CIS Apple macOS 14 (Sonoma) STIG Benchmark v1.0.0 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT III | Unix | |
| CIS_Azure_Compute_Microsoft_Windows_Server_2019_v1.0.0_L1_DC.audit from CIS Azure Compute Microsoft Windows Server 2019 Benchmark v1.0.0 | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | |
| CIS_Azure_Compute_Microsoft_Windows_Server_2019_v1.0.0_NG_DC.audit from CIS Azure Compute Microsoft Windows Server 2019 Benchmark v1.0.0 | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG DC | Windows | |
| CIS_Azure_Compute_Microsoft_Windows_Server_2019_v1.0.0_NG_MS.audit from CIS Azure Compute Microsoft Windows Server 2019 Benchmark v1.0.0 | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG MS | Windows | |
| CIS_Fedora_28_Family_Linux_Server_L1_v1.0.0.audit from CIS Fedora 19 Family Linux Benchmark v1.0.0 | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | |
| CIS_Fedora_28_Family_Linux_Workstation_L1_v1.0.0.audit from CIS Fedora 19 Family Linux Benchmark v1.0.0 | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | |
| CIS_Google_Chrome_Group_Policy_v1.0.0_L2.audit from CIS Google Chrome Group Policy Benchmark v1.0.0 | CIS Google Chrome Group Policy v1.0.0 L2 | Windows | |
| CIS_Microsoft_Exchange_Server_2016_Level_1_Edge_v1.0.0.audit from CIS Microsoft Exchange Server 2016 v1.0.0 Benchmark | CIS Microsoft Exchange Server 2016 Edge v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Microsoft_Exchange_Server_2016_Level_1_UM_v1.0.0.audit from CIS Microsoft Exchange Server 2016 v1.0.0 Benchmark | CIS Microsoft Exchange Server 2016 UM v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Microsoft_Windows_Server_2025_Stand-alone_v1.0.0_L2_MS.audit from CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L2 MS | Windows | |
| CIS_Microsoft_Windows_Server_2025_Stand-alone_v1.0.0_NG_MS.audit from CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 NG MS | Windows | |
| CIS_Palo_Alto_Firewall_8_Benchmark_L2_v1.0.0.audit from CIS Palo Alto Firewall 8 Benchmark v1.0.0 | CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0 | Palo_Alto | |
| CIS_Red_Hat_Enterprise_Linux_9_STIG_v1.0.0_CAT_III.audit from CIS Red Hat Enterprise Linux 9 STIG Benchmark v1.0.0 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT III | Unix | |
| CIS_Ubuntu_Linux_22.04_LTS_STIG_v1.0.0_CAT_I.audit from CIS Ubuntu Linux 22.04 LTS STIG Benchmark v1.0.0 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT I | Unix | |
| CIS_Ubuntu_Linux_22.04_LTS_STIG_v1.0.0_CAT_II.audit from CIS Ubuntu Linux 22.04 LTS STIG Benchmark v1.0.0 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II | Unix | |
| CIS_Ubuntu_Linux_24.04_LTS_STIG_v1.0.0_CAT_III.audit from CIS Ubuntu Linux 24.04 LTS STIG Benchmark v1.0.0 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT III | Unix | |
| CIS_Visual_Studio_Code_GPO_v1.0.0_L1.audit from CIS Visual Studio Code GPO Benchmark v1.0.0 | CIS Visual Studio Code GPO v1.0.0 L1 | Windows | |
| CIS_Visual_Studio_Code_GPO_v1.0.0_L2.audit from CIS Visual Studio Code GPO Benchmark v1.0.0 | CIS Visual Studio Code GPO v1.0.0 L2 | Windows | |
| DTAM154 - McAfee VirusScan On-Demand scan must be configured to scan memory for rootkits. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM154 - McAfee VirusScan On-Demand scan must be configured to scan memory for rootkits. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - A scheduled system backup job is configured | TNS FireEye | FireEye | CONTINGENCY PLANNING |
| FireEye - AAA failed logins are tracked | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - AAA lockouts are enabled | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - AAA lockouts occur after at most 5 failures | TNS FireEye | FireEye | |
| FireEye - AAA tries local authentication first | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - AAA user mapping default | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - Boot image must be signed | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Boot manager password is set | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Configuration auditing logs the required number of changes | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - Custom SNORT rules are enabled | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - FENet security content updates are applied automatically | TNS FireEye | FireEye | |
| FireEye - IPMI should be connected to a restricted management network | TNS FireEye | FireEye | |
| FireEye - LDAP encryption certificates are verified | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - NTP is enabled | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Reports are run on a schedule | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - SNMP trap hosts that use community override use a secure community string | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - SNMP traps use a secure community string | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - SNMP v3 users have passwords | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - SNMP v3 uses AES instead of DES | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - SSH users are logged out after 15 minutes of inactivity or less | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - The appliance uses a trusted DNS server | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - USB media is not auto-mounted | TNS FireEye | FireEye | MEDIA PROTECTION |
| FireEye - User connections are limited by subnet or VLAN | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - Web interface does not use the system self-signed certificate | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| JUSX-IP-000014 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must detect code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | ACCESS CONTROL |
| JUSX-IP-000015 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must detect code injection attacks launched against application objects, including, at a minimum, application URLs and application code. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | ACCESS CONTROL |
| SYMP-AG-000670 - Symantec ProxySG providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when denial-of-service (DoS) incidents are detected - DoS incidents are detected. Rules | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND INFORMATION INTEGRITY |
