| 4.4 Ensure images are scanned and rebuilt to include security patches | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 9.1.4.1 Ensure That Microsoft Defender for Containers Is Set To 'On' | CIS Microsoft Azure Foundations v4.0.0 L2 | microsoft_azure | RISK ASSESSMENT |
| Adtran : Disable SSLv2 | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Disable Telnet | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Enable NTP | TNS Adtran AOS Best Practice Audit | Adtran | |
| Adtran : Enable service password-encryption | TNS Adtran AOS Best Practice Audit | Adtran | IDENTIFICATION AND AUTHENTICATION |
| Adtran : Encrypt enable password | TNS Adtran AOS Best Practice Audit | Adtran | IDENTIFICATION AND AUTHENTICATION |
| Adtran : Ensure DHCP is Disabled unless needed | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Ensure the log level is set at an appropriate setting | TNS Adtran AOS Best Practice Audit | Adtran | AUDIT AND ACCOUNTABILITY |
| Adtran : Set 'login' Banner | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| Adtran : SNMP 'PUBLIC' community string not used | TNS Adtran AOS Best Practice Audit | Adtran | IDENTIFICATION AND AUTHENTICATION |
| Adtran : Web Session Timeout <= 900 secs | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| DB2X-00-005400 - DB2 must protect the confidentiality and integrity of all information at rest. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAVSEL-301 - Access to the McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x Web UI must be enforced by firewall rules. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | CONFIGURATION MANAGEMENT |
| Ensure that the 'local-infile' database flag for a Cloud Databases Mysql instance is set to '0' | Tenable Best Practices RackSpace v2.0.0 | Rackspace | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure that the 'max_allowed_packet' database flag for a Cloud Databases Mysql instance is set | Tenable Best Practices RackSpace v2.0.0 | Rackspace | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure that the 'max_connections' database flag for a Cloud Databases Mysql instance is set | Tenable Best Practices RackSpace v2.0.0 | Rackspace | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure that the 'wait_timeout' database flag for a Cloud Databases Mysql instance is set | Tenable Best Practices RackSpace v2.0.0 | Rackspace | SYSTEM AND COMMUNICATIONS PROTECTION |
| Extreme : Review all accounts | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | ACCESS CONTROL |
| Extreme : SNMP community name != public | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | IDENTIFICATION AND AUTHENTICATION |
| Huawei: Device clock = UTC | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Device clock disable DST adjustment | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Enable SSH | TNS Huawei VRP Best Practice Audit | Huawei | SYSTEM AND COMMUNICATIONS PROTECTION |
| Huawei: External Syslog server is configured | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| Huawei: HTTPS Server requires SSL policy | TNS Huawei VRP Best Practice Audit | Huawei | SYSTEM AND COMMUNICATIONS PROTECTION |
| Huawei: Information Center is not disabled. | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| Huawei: NTP is enabled | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| Huawei: Set appropriate 'shell' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: SNMP appropriate trap host | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| Huawei: SNMP Community string != public | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: SNMP is Configured | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: User Interfaces Idle Timeout Less Than 5 Minutes | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Review the list of Database Backups | Tenable Best Practices RackSpace v2.0.0 | Rackspace | CONTINGENCY PLANNING |
| WatchGuard : Authentication Settings - 'Authentication User Timeout' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | ACCESS CONTROL |
| WatchGuard : DoS Prevention - Drop IKE Flood Attack | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Drop IP Source Route | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Drop UDP Flood Attack | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : Gateway AntiVirus - 'Enabled' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND INFORMATION INTEGRITY |
| WatchGuard : ICMP Error Handling - 'host-unreachable' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : ICMP Error Handling - 'port-unreachable' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : ICMP Error Handling - 'time-exceeded' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : IPS - 'Enabled' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND INFORMATION INTEGRITY |
| WatchGuard : IPS Logging Threat Level Medium - Enabled | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : IPS Threat Level Action High - DROP or BLOCK | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND INFORMATION INTEGRITY |
| WatchGuard : Logging - Syslog Timestamps | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : Single Sign-On - 'Enabled' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | IDENTIFICATION AND AUTHENTICATION |
| WatchGuard : SNMP Configuration - v3 user has password - priv protocol | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | ACCESS CONTROL |
| WatchGuard : WINS Servers | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | CONFIGURATION MANAGEMENT |
| WN16-DC-000290 - Domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-DC-000290 - Windows Server 2019 domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
