| 4.2.1 Restrict Access to SYSCAT.AUDITPOLICIES | CIS IBM DB2 11 v1.2.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.1 Restrict Access to SYSCAT.AUDITPOLICIES | CIS IBM DB2 12.1 v1.0.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.49 Restrict Access to SYSCAT.AUDITEXCEPTIONS | CIS IBM DB2 12.1 v1.0.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.1 Restrict Access to SYSIBM.SYSAUDITPOLICIES | CIS IBM DB2 12.1 v1.0.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.1 Restrict Access to SYSIBM.SYSAUDITPOLICIES | CIS IBM DB2 11 v1.2.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.47 Restrict Access to SYSIBM.SYSAUDITEXCEPTIONS | CIS IBM DB2 12.1 v1.0.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1 Restrict Access to SYSCAT.AUDITPOLICIES | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB | IBM_DB2DB | ACCESS CONTROL |
| 6.1 Restrict Access to SYSCAT.AUDITPOLICIES | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | ACCESS CONTROL |
| 8.1.4.1 Ensure That Microsoft Defender for Containers Is Set To 'On' | CIS Microsoft Azure Foundations v5.0.0 L2 | microsoft_azure | RISK ASSESSMENT |
| 12.50 Intrusion detection system on host - 'Utilize' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 12.50 Intrusion detection system on host - 'Utilize' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | |
| AIOS-18-017700 - DOD Apple iOS/iPadOS 18 devices must have a Mobile Threat Detection (MTD) app installed. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-017700 - DOD Apple iOS/iPadOS 26 devices must have a Mobile Threat Detection (MTD) app installed - MTD app installed. | MobileIron - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIX7-00-002144 - The AIX /etc/syslog.conf file must be owned by root. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002145 - The AIX /etc/syslog.conf file must be group-owned by system. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002146 - The AIX /etc/syslog.conf file must have a mode of 0640 or less permissive. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-045340 - AlmaLinux OS 9 must have the Advanced Intrusion Detection Environment (AIDE) package installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| APPL-26-003080 - The macOS system must disable accounts after 35 days of inactivity. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | ACCESS CONTROL |
| AZLX-23-001060 - Amazon Linux 2023 must have the Advanced Intrusion Detection Environment (AIDE) package installed. | DISA Amazon Linux 2023 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| DG0095-ORACLE11 - Audit trail data should be reviewed daily or more frequently. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0095-ORACLE11 - Audit trail data should be reviewed daily or more frequently. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| F5BI-AP-300041 - The F5 BIG-IP appliance that provides intermediary services for SMTP must inspect inbound and outbound SMTP and Extended SMTP communications traffic for protocol compliance and protocol anomalies. | DISA F5 BIG-IP TMOS ALG STIG v1r2 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-LT-000307 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound HTTP and HTTPS traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r4 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-14-013400 - Google Android 14 devices must have a Mobile Threat Detection (MTD) app installed. | AirWatch - DISA Google Android 14 COPE STIG v2r3 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-013400 - Google Android 14 devices must have a Mobile Threat Detection (MTD) app installed. | MobileIron - DISA Google Android 14 COPE STIG v2r3 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-713400 - Google Android 14 BYOAD devices must have a Mobile Threat Detection (MTD) app installed. | MobileIron - DISA Google Android 14 BYOAD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-713400 - Google Android 14 BYOAD devices must have a Mobile Threat Detection (MTD) app installed. | AirWatch - DISA Google Android 14 BYOAD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-16-013400 - Google Android 16 devices must have a Mobile Threat Detection (MTD) app installed. | MobileIron - DISA Google Android 16 COPE STIG v1r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-16-013400 - Google Android 16 devices must have a Mobile Threat Detection (MTD) app installed. | AirWatch - DISA Google Android 16 COPE STIG v1r1 | MDM | CONFIGURATION MANAGEMENT |
| JUSX-AG-000146 - The Juniper SRX Services Gateway Firewall must generate an alert to, at a minimum, the ISSO and ISSM when unusual/unauthorized activities or conditions are detected during continuous monitoring of communications traffic as it traverses inbound or outbound across internal security boundaries. | DISA Juniper SRX Services Gateway ALG v3r3 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-IP-000009 - The Juniper Networks SRX Series Gateway IDPS must block any prohibited mobile code at the enclave boundary when it is detected. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-VN-000008 - The Juniper SRX Services Gateway VPN must be configured to use IPsec with SHA256 or greater to negotiate hashing to protect the integrity of remote access sessions. | DISA Juniper SRX Services Gateway VPN v3r2 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010510 - The SUSE operating system must notify the System Administrator (SA) when AIDE discovers anomalies in the operation of any security functions. | DISA SLES 12 STIG v3r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 20' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 104' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 105' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 106' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 108' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 110' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 111' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 117' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 131' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 132' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 152' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 172' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 178' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| WN12-CC-000065 - The detection of compatibility issues for applications and drivers must be turned off. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000065 - The detection of compatibility issues for applications and drivers must be turned off. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000120 - Windows Server 2019 must have a host-based intrusion detection and prevention service installed. | DISA Microsoft Windows Server 2019 STIG v3r8 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000120 - Windows Server 2022 must have a host-based intrusion detection and prevention service installed. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | CONFIGURATION MANAGEMENT |
