| 1.6.1.8 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is set to '5beb7efe-fd9a-4556-801d-275e5ffc04cc:2' or higher | CIS Microsoft Defender Antivirus v1.0.0 L1 Workstation | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.105 WN16-CC-000140 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 6.22 Ensure that 'Inline Cloud Analysis' on Vulnerability Protection profiles are enabled if 'Advanced Threat Prevention' is available | CIS Palo Alto Firewall 10 v1.3.0 L1 | Palo_Alto | RISK ASSESSMENT |
| 8.1.7.3 Ensure That Microsoft Defender for (Managed Instance) Azure SQL Databases Is Set To 'On' | CIS Microsoft Azure Foundations v5.0.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION |
| 8.1.7.4 Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On' | CIS Microsoft Azure Foundations v5.0.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION |
| 18.10.42.5.2 Ensure 'Join Microsoft MAPS' is set to 'Enabled: Advanced' | CIS Microsoft Windows Server 2025 v2.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.42.5.2 Ensure 'Join Microsoft MAPS' is set to 'Enabled: Advanced' | CIS Microsoft Windows Server 2025 v2.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.42.5.2 Ensure 'Join Microsoft MAPS' is set to 'Enabled: Advanced' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.42.5.2 Ensure 'Join Microsoft MAPS' is set to 'Enabled: Advanced' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.42.5.2 Ensure 'Join Microsoft MAPS' is set to 'Enabled: Advanced' | CIS Microsoft Windows Server 2022 v5.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.42.5.2 Ensure 'Join Microsoft MAPS' is set to 'Enabled: Advanced' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 22.9 (L1) Ensure 'ASR: Block all Office applications from creating child processes' is set to 'Audit' or higher | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 22.9 (L1) Ensure 'ASR: Block all Office applications from creating child processes' is set to 'Audit' or higher | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM056 - McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to clean files automatically as first action. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM056 - McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to clean files automatically as first action. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM057 - McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to delete files automatically if first action fails. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM057 - McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to delete files automatically if first action fails. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM110 - McAfee VirusScan On-Access Default Processes Policies Actions for When a threat is found must be configured to clean files automatically as first action. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM111 - McAfee VirusScan On-Access Default Processes Policies actions for When a threat is found must be configured delete files automatically if first action fails. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM155 - McAfee VirusScan On-Demand scan actions, When an unwanted program is found must be configured to clean files automatically as first action. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM164 - McAfee VirusScan On-Demand scan actions, When an unwanted program is found must be configured to delete files automatically if first action fails. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-013 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-013 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-014 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-014 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Quarantine if first action fails when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-106 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-106 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-107 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-107 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN008380 - A root kit check tool must be run on the system at least weekly. | DISA AIX 5.3 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-10-003500 - Google Android 10 must be configured to disable USB mass storage mode. | MobileIron - DISA Google Android 10.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-003500 - Google Android 11 must be configured to disable USB mass storage mode. | AirWatch - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-011000 - Google Android 11 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-008400 - Google Android 12 must be configured to disable USB mass storage mode. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-12-008400 - Google Android 12 must be configured to disable USB mass storage mode. | MobileIron - DISA Google Android 12 COBO v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-12-010900 - Android 12 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-008400 - Google Android 13 must be configured to disable USB mass storage mode. | MobileIron - DISA Google Android 13 COBO STIG v2r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-13-710900 - Android 13 devices must be configured to disable the use of third-party keyboards (work profile only). | MobileIron - DISA Google Android 13 BYOAD v1r3 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-16-010900 - Android 16 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 16 COPE STIG v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-003500 - The Honeywell Mobility Edge Android Pie device must be configured to disable USB mass storage mode. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010900 - Android 13 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Honeywell Android 13 COPE STIG v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-004500 - The Samsung Android 7 with Knox must be configured to disable USB mass storage mode. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-003500 - The Motorola Android Pie must be configured to disable USB mass storage mode. | MobileIron - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-003500 - Microsoft Android 11 must be configured to disable USB mass storage mode. | AirWatch - DISA Microsoft Android 11 COBO v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - SSL Control - Certs - Untrusted CA | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - SSL Control - Detect Weak Ciphers (<64 bits) | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| Turn off Windows Defender | MSCT Windows Server 2016 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| ZEBR-10-003500 - Zebra Android 10 must be configured to disable USB mass storage mode. | MobileIron - DISA Zebra Android 10 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-011000 - Zebra Android 10 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Zebra Android 10 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-011000 - Zebra Android 10 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
