| 1.1.6 - AirWatch - Disable 'Network Notification' | AirWatch - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.1.6 - MobileIron - Disable 'Network Notification' | MobileIron - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.1.9 - AirWatch - Turn off Auto-Join for all Wi-Fi networks | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.10 - AirWatch - Turn off Auto-Join for all Wi-Fi networks | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.8.11 Ensure overriding the screensaver lock-delay setting is prevented | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.25 (L1) Ensure 'List of names that will bypass the HSTS policy check' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.10.8 Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured - Network access: Remotely accessible registry paths and sub-paths is configured | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.3.10.8 Ensure 'Network access: Remotely accessible registry paths and sub-paths' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.8 Ensure that VPC Flow Logs is Enabled for Every Subnet in a VPC Network | CIS Google Cloud Platform v3.0.0 L2 | GCP | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 5.4.2 Ensure Control Plane Authorized Networks is Enabled | CIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2 | GCP | ACCESS CONTROL, MEDIA PROTECTION |
| 5.126 - Web Publishing and online ordering wizards prevented from downloading list of providers. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 6.2 Monitor Docker containers usage, performance and metering | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | |
| 6.12 Update the Java Runtime Environment (JRE) regularly if Java is in use | CIS Sybase 15.0 L2 OS Unix v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.12 Update the Java Runtime Environment (JRE) regularly if Java is in use | CIS Sybase 15.0 L2 OS Windows v1.1.0 | Windows | |
| 11.02 AMM - 'Monitor AMM' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 18.5.11.1 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.5.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.5.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.5.11.2 Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 18.6.11.2 Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 18.6.11.2 Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 18.8.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.8.7.1.3 Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | MEDIA PROTECTION |
| 18.8.7.1.3 Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Windows 7 Workstation Bitlocker v3.2.0 | Windows | MEDIA PROTECTION |
| DG0102-ORACLE11 - DBMS processes or services should run under custom, dedicated OS accounts - 'tns services are using correct service account' | DISA STIG Oracle 11 Instance v9r1 OS Unix | Unix | ACCESS CONTROL |
| ESXi: esxi-8.lockdown-exception-users | VMware vSphere Security Configuration and Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| JUEX-NM-000420 - The Juniper EX switch must be configured to generate an immediate real-time alert of all audit failure events requiring real-time alerts. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| Monitor file and program activity on your computer | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-07-010290 - The Red Hat Enterprise Linux operating system must not allow accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020019 - The Red Hat Enterprise Linux operating system must implement the Endpoint Security for Linux Threat Prevention tool. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-07-030610 - The Red Hat Enterprise Linux operating system must generate audit records for all unsuccessful account access events. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030620 - The Red Hat Enterprise Linux operating system must generate audit records for all successful account access events. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030820 - The Red Hat Enterprise Linux operating system must audit all uses of the init_module and finit_module syscalls. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-040730 - The Red Hat Enterprise Linux operating system must not have a graphical display manager installed unless approved. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040800 - SNMP community strings on the Red Hat Enterprise Linux operating system must be changed from the default. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-910055 - The Red Hat Enterprise Linux operating system must protect audit information from unauthorized read, modification, or deletion. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-AG-000640 - Reverse proxy Symantec ProxySG providing content filtering must continuously monitor inbound communications traffic crossing internal security boundaries for unusual or unauthorized activities or conditions. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND INFORMATION INTEGRITY |
| WG610 A22 - Web sites must utilize ports, protocols, and services according to PPSM guidelines. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG610 A22 - Web sites must utilize ports, protocols, and services according to PPSM guidelines. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | |
| WN10-00-000130 - Software certificate installation files must be removed from Windows 10. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000130 - Software certificate installation files must be removed from Windows 11. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN12-GE-000020 - Software certificate installation files must be removed from Windows 2012/2012 R2. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-GE-000020 - Software certificate installation files must be removed from Windows 2012/2012 R2. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN16-00-000270 - Software certificate installation files must be removed from Windows Server 2016. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000240 - Windows Server 2019 must have software certificate installation files removed. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000240 - Windows Server 2022 must have software certificate installation files removed. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
