| 1.2.2 Set 'transport input ssh' for 'line vty' connections | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.29 (L2) Ensure 'Allow features to download assets from the Asset Delivery Service' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 1.36 (L1) Ensure 'Allow importing of payment info' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.1.4.1 Ensure 'Default file format' is set to 'Enabled: Access 2007' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.4 Configure TCP Wrappers - Allow localhost. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Configure TCP Wrappers - Deny access to this server from all networks | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Configure TCP Wrappers - Make sure that /etc/hosts.allow does exist. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Configure TCP Wrappers - Make sure that /etc/hosts.deny does exist. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 3.3 Enable Stack Protection - Makes sure 'noexec_user_stack_log' is set to 1 in /etc/system. Note: Only applicable if NX bit is set. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Enable Stack Protection - Makes sure 'noexec_user_stack' is set to 1 in /etc/system. Note: Only applicable if NX bit is set. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Enable Debug Level Daemon Logging - Check if permissions for /var/log/connlog are OK. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.9 Enable Kernel Level Auditing - Check audit condition is set to auditing | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3 Use CloudFront Content Distribution Network | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | |
| 6.10.1.9 Ensure Strong Key Exchange Methods are set for SSH | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.12 Set EEPROM Security Mode and Log Failed Access - SPARC only. Should *not* be 'security-mode=none'. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.3 Set Strong Password Creation Policies - Check MINLOWER is set to 1 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.3 Set Strong Password Creation Policies - Check NAMECHECK is set to YES | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.8 Set 'mesg n' as Default for All Users in /etc/.login | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 7.8 Set 'mesg n' as Default for All Users in /etc/profile | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 7.11 Ensure HTTP Strict Transport Security Is Enabled - 'httpd.conf Strict-Transport-Security 'max-age=480' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is not set to default string. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is set appropriately. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 8.2 Create Warning Banner for CDE Users - Check if file permissions for files under /etc/dt/config/*/Xresources are OK. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 10.12 Force SSL for all applications | CIS Apache Tomcat 8 L2 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.12 Force SSL for all applications | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow user-level native messaging hosts (installed without admin permissions) | MSCT Edge v129 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow user-level native messaging hosts (installed without admin permissions) | MSCT Edge v131 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow user-level native messaging hosts (installed without admin permissions) | MSCT Edge v114 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow user-level native messaging hosts (installed without admin permissions) | MSCT Microsoft Edge Version 80 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow user-level native messaging hosts (installed without admin permissions) | MSCT Edge v88 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow user-level native messaging hosts (installed without admin permissions) | MSCT edge v96 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow user-level native messaging hosts (installed without admin permissions) | MSCT Edge v132 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | ACCESS CONTROL |
| Dynamic Code Settings | MSCT Edge v128 v1.0.0 | Windows | |
| Dynamic Code Settings | MSCT Edge v133 v1.0.0 | Windows | |
| Dynamic Code Settings | MSCT Edge v136 v1.0.0 | Windows | |
| Dynamic Code Settings | MSCT Edge v137 v1.0.0 | Windows | |
| Dynamic Code Settings | MSCT Edge v129 v1.0.0 | Windows | |
| Dynamic Code Settings | MSCT Edge v134 v1.0.0 | Windows | |
| Dynamic Code Settings | MSCT Edge v132 v1.0.0 | Windows | |
| Force WebSQL to be enabled | MSCT Edge v114 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Force WebSQL to be enabled | MSCT Edge v127 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Force WebSQL to be enabled | MSCT Edge v107 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Force WebSQL to be enabled | MSCT Edge v117 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Force WebSQL to be enabled | MSCT Edge v124 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| WBSP-AS-001630 - The WebSphere Application Server plugin must be configured to use HTTPS only - HttpQueueInboundDefault | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001630 - The WebSphere Application Server plugin must be configured to use HTTPS only - HttpQueueInboundDefault | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001630 - The WebSphere Application Server plugin must be configured to use HTTPS only - WCInboundDefault | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001630 - The WebSphere Application Server plugin must be configured to use HTTPS only - WCInboundDefault | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001630 - The WebSphere Application Server plugin must be configured to use HTTPS only. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
