| 1.7 Audit docker daemon | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.97 WN19-CC-000030 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.97 WN19-CC-000030 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.97 WN22-CC-000030 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.97 WN22-CC-000030 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT III | Windows | CONFIGURATION MANAGEMENT |
| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.LEVEL=INFO | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.websocket.LEVEL=DEBUG | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.6 - AirWatch - Limit the 'Number of failed attempts allowed' | AirWatch - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 2.7.1 Ensure Screen Saver Corners Are Secure | CIS Apple macOS 26 Tahoe v1.0.0 L2 | Unix | ACCESS CONTROL |
| 3.3.5 Secure the JDK 32-bit runtime library - FILE_PERMISSIONS | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows | Windows | |
| 3.3.6 Secure the JDK 64-bit runtime library - FILE_PERMISSIONS | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows | Windows | |
| 4.4.2.2.3 Ensure password length is configured | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.4.2.2.3 Ensure password length is configured | CIS Oracle Linux 7 v4.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.2.2.2 Ensure password length is configured | CIS AlmaLinux OS 10 v1.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.2.2 Ensure password length is configured | CIS Oracle Linux 8 v4.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6 - Run your Instance as non privileged user | TNS Best Practice JBoss 7 Linux | Unix | ACCESS CONTROL |
| 7 - File system permissions of log files | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web application | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists inin default | CIS Apache Tomcat 8 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 8.3.19 Set 'Scripting of Java applets' to 'Enabled:Disable' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 20 - Enable Encryption | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AMLS-NM-000370 - The Arista Multilayer Switch must generate audit records showing starting and ending time for administrator access to the system - all logging | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | AUDIT AND ACCOUNTABILITY |
| AMLS-NM-000370 - The Arista Multilayer Switch must generate audit records showing starting and ending time for administrator access to the system - trap logging | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | AUDIT AND ACCOUNTABILITY |
| AMLS-NM-000380 - The Arista Multilayer Switch must generate audit records when concurrent logons from different workstations occur - show logging | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | AUDIT AND ACCOUNTABILITY |
| APPNET0064 - .Net applications that invoke NetFx40_LegacySecurityPolicy must apply previous versions of .NET STIG guidance. | DISA Microsoft DotNet Framework 4.0 STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| DTBI670 - Scripting of Java applets must be disallowed (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| DTBI670-IE11 - Scripting of Java applets must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v2r6 | Windows | CONFIGURATION MANAGEMENT |
| FNFG-FW-000075 - The FortiGate firewall implementation must manage excess bandwidth to limit the effects of packet flooding types of denial-of-service (DoS) attacks. | DISA Fortigate Firewall STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| FNFG-FW-000090 - The FortiGate firewall must fail to a secure state if the firewall filtering functions fail unexpectedly. | DISA Fortigate Firewall STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| FNFG-FW-000105 - If communication with the central audit server is lost, the FortiGate firewall must generate a real-time alert to, at a minimum, the SA and ISSO. | DISA Fortigate Firewall STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000115 - The FortiGate firewall must apply ingress filters to traffic that is inbound to the network through any active external interface. | DISA Fortigate Firewall STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| FNFG-FW-000120 - The FortiGate firewall must apply egress filters to traffic outbound from the network through any internal interface. | DISA Fortigate Firewall STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| FNFG-FW-000130 - The FortiGate firewall must restrict traffic entering the VPN tunnels to the management network to only the authorized management packets based on destination address. | DISA Fortigate Firewall STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. | DISA Fortigate Firewall STIG v1r4 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| FNFG-FW-000155 - The FortiGate firewall must allow authorized users to record a packet-capture-based IP, traffic type (TCP, UDP, or ICMP), or protocol. | DISA Fortigate Firewall STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| IBM i : Minimum Length of Passwords (QPWDMINLEN) - '>=6' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| PHTN-40-000067 - The Photon operating system must restrict access to the kernel message buffer. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-40-000068 - The Photon operating system must be configured to use TCP syncookies. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-40-000105 - The Photon operating system must enable symlink access control protection in the kernel. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-40-000160 - The Photon operating system must implement address space layout randomization to protect its memory from unauthorized code execution. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-40-000224 - The Photon operating system must not respond to IPv4 Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000226 - The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) secure redirect messages from being accepted. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000227 - The Photon operating system must not send IPv4 Internet Control Message Protocol (ICMP) redirects. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000229 - The Photon operating system must use a reverse-path filter for IPv4 network traffic. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000231 - The Photon operating system must not perform IPv4 packet forwarding. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000232 - The Photon operating system must send TCP timestamps. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000244 - The Photon operating system must enable hardlink access control protection in the kernel. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000246 - The Photon operating system must restrict core dumps. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-040340 - Consecutive login attempts for SSH must be limited to 3. | DISA Solaris 11 SPARC STIG v3r4 | Unix | CONFIGURATION MANAGEMENT |
| WG190 IIS6 - The web server must use a vendor-supported version of the web server software. | DISA STIG IIS 6.0 Server v6r16 | Windows | SYSTEM AND INFORMATION INTEGRITY |
