| 1.12 Ensure there is only one active access key for any single IAM user | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | ACCESS CONTROL |
| 1.15 Ensure all Public Web Tier SSL\TLS certificates are >30 days from Expiration | CIS Amazon Web Services Three-tier Web Architecture L2 1.0.0 | amazon_aws | SYSTEM AND INFORMATION INTEGRITY |
| 1.18 Ensure that all expired SSL/TLS certificates stored in AWS IAM are removed | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| Citrix ADC - ARP - Spoofing | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | CONFIGURATION MANAGEMENT |
| Citrix ADC - NTP - Authentication | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADC - NTP - Servers count | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADC - NTP - Synchronization | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADC - SNMP - Community names | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | IDENTIFICATION AND AUTHENTICATION |
| Citrix ADC - System Parameters - Allow Default Partition | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADC - System Parameters - FIPS mode | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADC - System Parameters - Force Password Change (nsroot) | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | IDENTIFICATION AND AUTHENTICATION |
| Citrix ADC - System Parameters - Idle Session Timeout | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADC - System Parameters - Local Authentication | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADC - System Parameters - Minimum Password Length | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | IDENTIFICATION AND AUTHENTICATION |
| Citrix ADC - System Parameters - Restricted Timeout | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADC - System Parameters - Strong Password | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | IDENTIFICATION AND AUTHENTICATION |
| Citrix ADM - NTP - Authentication | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADM - NTP - Servers count | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADM - NTP - Synchronization | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADM - SSL - Settings - SSL v3 | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADM - SSL - Settings - TLS v1 | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADM - SSL - Settings - TLSv1.1 | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADM - Syslog - Configure server | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADM - System Settings - Communication with instances | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADM - System Settings - Disable Shell access for non-nsroot User | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | CONFIGURATION MANAGEMENT |
| Citrix ADM - System Settings - Secure Access Only | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADM - System Settings - Session Timeout | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADM - System Settings - Session Unit | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADM - User Administration - Password Policy - Enable User Lockout | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADM - User Administration - Password Policy - Invalid Login Attempts | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADM - User Administration - Password Policy - Minimum Length | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | IDENTIFICATION AND AUTHENTICATION |
| Configuring a pre-login or post-login message banner for the BIG-IP or Enterprise Manager system - Banner Enabled | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring a secure password policy for the BIG-IP system - Required Special Characters | Tenable F5 BIG-IP Best Practice Audit | F5 | IDENTIFICATION AND AUTHENTICATION |
| Configuring an automatic logout for idle sessions - SSH | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring LDAP remote authentication for Active Directory - SSL CA Cert | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Defining advanced NTP configurations on the BIG-IP system | Tenable F5 BIG-IP Best Practice Audit | F5 | AUDIT AND ACCOUNTABILITY |
| EX13-EG-003016 - A DoD-approved third party Exchange-aware malicious code protection application must be implemented. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-MB-003031 - A DoD-approved third party Exchange-aware malicious code protection application must be implemented. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-000550 - Exchange must have antispam filtering configured. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-000730 - The application must configure malicious code protection mechanisms to perform periodic scans of the information system every seven days. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-000730 - The application must configure malicious code protection mechanisms to perform periodic scans of the information system every seven days. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-000760 - The application must be configured to block and quarantine malicious code upon detection, then send an immediate alert to appropriate individuals. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-000760 - The application must be configured to block and quarantine malicious code upon detection, then send an immediate alert to appropriate individuals. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-002410 - The application must update malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-002410 - The application must update malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-ED-000142 - Exchange must have anti-spam filtering configured. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Overview of the HTTP profile | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| Settings to Lock Down your BIG-IP - Remote Role | Tenable F5 BIG-IP Best Practice Audit | F5 | CONFIGURATION MANAGEMENT |
| Tenable_Best_Practices_F5_BIG-IP_v1.0.0.audit from K53108777: Hardening your F5 system | Tenable F5 BIG-IP Best Practice Audit | F5 | |
| Unable to limit Configuration utility access to clients using only TLSv1.1 or TLSv1.2 | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
