| 2.2 Set the logging level | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2 Set the logging level | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | AUDIT AND ACCOUNTABILITY |
| 2.6 Ensure 'Remote Access' Server Configuration Option is set to '0' | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.6 Ensure 'Remote Access' Server Configuration Option is set to '0' | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.10 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' | CIS SQL Server 2012 Database L1 OS v1.6.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11 Use authorization plugin | CIS Docker 1.12.0 v1.0.0 L2 Docker | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.11 Use authorization plugin | CIS Docker 1.11.0 v1.0.0 L2 Docker | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.1 Ensure swarm mode is not Enabled, if not needed | CIS Docker v1.7.0 L1 Docker - Linux | Unix | CONFIGURATION MANAGEMENT |
| 18.6.8.1 (L1) Ensure 'Audit insecure guest logon' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.8.1 (L1) Ensure 'Audit insecure guest logon' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.8.1 (L1) Ensure 'Audit insecure guest logon' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.8.1 (L1) Ensure 'Audit insecure guest logon' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.8.1 (L1) Ensure 'Audit insecure guest logon' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.8.1 (L1) Ensure 'Audit insecure guest logon' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.59.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.59.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.9.59.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| CASA-FW-000020 - The Cisco ASA must immediately use updates made to policy enforcement mechanisms such as firewall rules, security policies, and security zones. | DISA STIG Cisco ASA FW v2r1 | Cisco | ACCESS CONTROL |
| CASA-FW-000200 - The Cisco ASA must be configured to send log data of denied traffic to a central audit server for analysis - Logging Host | DISA STIG Cisco ASA FW v2r1 | Cisco | CONFIGURATION MANAGEMENT |
| DKER-EE-001370 - log-opts on all Docker Engine - Enterprise nodes must be configured. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| DKER-EE-002080 - Docker Enterprise exec commands must not be used with privileged option. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-002090 - Docker Enterprise exec commands must not be used with the user option. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| FNFG-FW-000100 - The FortiGate firewall must send traffic log entries to a central audit server for management and configuration of the traffic log entries. | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| GEN000241 - The system clock must be synchronized continuously - 'maxpoll 10' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN000241 - The system clock must be synchronized continuously - 'maxpoll 10' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN000241 - The system clock must be synchronized continuously, or at least daily - 'NTP daemon is running' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN000241 - The system clock must be synchronized continuously, or at least daily - 'NTP daemon is running' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN000241 - The system clock must be synchronized continuously, or at least daily - 'NTP daemon is started at boot' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN000241 - The system clock must be synchronized continuously, or at least daily - 'NTP daemon is started at boot' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN000241 - The system clock must be synchronized continuously. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN000241 - The system clock must be synchronized continuously. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN000241 - The system clock must be synchronized continuously. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN000242 - The system must use at least two time sources for clock synchronization - 'NTP daemon is started at boot' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000242 - The system must use at least two time sources for clock synchronization - service ntp server 1 | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000242 - The system must use at least two time sources for clock synchronization - service ntp server 2 | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000244 - The system must use time sources local to the enclave. | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000244 - The system must use time sources local to the enclave. | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000244 - The system must use time sources local to the enclave. | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000244 - The system must use time sources local to the enclave. | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000244 - The system must use time sources that are local to the enclave | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| JUSX-IP-000001 - The Juniper Networks SRX Series Gateway IDPS must provide audit record generation capability for detecting events based on implementation of policy filters, rules, and signatures. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| Network Security - Set the source address for all route engine generated traffic - syslog | Juniper Hardening JunOS 12 Devices Checklist | Juniper | AUDIT AND ACCOUNTABILITY |
| Network Security - Set the source address for all route engine generated traffic - tacplus-server | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000210 - Symantec ProxySG must use a centralized log server. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| VCENTER-000031 - The vCenter Administrator role must be secured by assignment to specific users authorized as vCenter Administrators. | DISA STIG VMWare ESXi vCenter 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VCPG-70-000018 - VMware Postgres must be configured to log to 'stderr'. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCSA-70-000280 - The vCenter server must be configured to send events to a central log server. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | AUDIT AND ACCOUNTABILITY |
| WN16-00-000420 - Windows PowerShell 2.0 must not be installed. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000410 - Windows Server 2019 must not have Windows PowerShell 2.0 installed. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000410 - Windows Server 2022 must not have Windows PowerShell 2.0 installed. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
