| 1.1.17 Ensure noexec option set on /dev/shm partition | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS Debian 9 Server L1 v1.0.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS Debian 9 Workstation L2 v1.0.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22.3 (L1) Ensure 'Email Tracking' is set to 'Enabled' | CIS Mozilla Firefox ESR GPO v1.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.23 Disable USB Storage - modprobe | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.2 (L1) Ensure the Common Attachment Types Filter is enabled | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.2 (L1) Ensure the Common Attachment Types Filter is enabled | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.12 (L1) Ensure the connection filter IP allow list is not used | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.13 (L1) Ensure the connection filter safe list is off | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.14 (L1) Ensure inbound anti-spam policies do not contain allowed domains | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.4.1 (L1) Ensure Priority account protection is enabled and configured | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.5 Disable client facing Stack Traces | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.2.1 Ensure Gatekeeper is Enabled | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.7 Ensure Gatekeeper Is Enabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.7 Ensure Gatekeeper Is Enabled | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.7 Ensure Sever Header is Modified To Prevent Information Disclosure | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure XProtect Is Running and Updated | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.11 Ensure XProtect Is Running and Updated | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.11 Ensure XProtect Is Running and Updated | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.25 Ensure that 'DNS Policies' is configured on Anti-Spyware profiles if 'DNS Security' license is available | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 9.1.3.1 Ensure that Defender for Servers is set to 'On' | CIS Microsoft Azure Foundations v4.0.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.13.2 (L1) Ensure 'Scan removable drives' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.1 (L1) Ensure 'Scan removable drives' is set to 'Enabled' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled' | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v4.0.0 L1 DC | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 20.1 (L1) Ensure 'Endpoint Protection is installed and in use' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 22.3 (L1) Ensure 'Allow Full Scan Removable Drive Scanning' is set to 'Allowed' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Enforce Gatekeeper 30 Day Automatic Rearm | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Enforce Gatekeeper 30 Day Automatic Rearm | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Enforce Gatekeeper 30 Day Automatic Rearm | NIST macOS Catalina v1.5.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Enforce Gatekeeper 30 Day Automatic Rearm | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Enforce Gatekeeper 30 Day Automatic Rearm | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
