| 2.5.1.2 Ensure all user storage APFS volumes are encrypted | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.1.2 Ensure all user storage APFS volumes are encrypted | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.15 Audit Dictation | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.18.1 Audit Dictation | CIS Apple macOS 13.0 Ventura v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux | CIS Debian Family Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.6 Ensure nfs server is not running | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.10 Verify iPhone Mirroring Settings | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.10 Verify iPhone Mirroring Settings | MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.10 Verify iPhone Mirroring Settings | AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.10 Verify iPhone Mirroring Settings | MobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT |
| 5.2.14 Ensure only strong MAC algorithms are used - approved MAC algorithms | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.14 Ensure only strong MAC algorithms are used - approved MAC algorithms | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.14 Ensure only strong MAC algorithms are used - weak MAC algorithms | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.14 Ensure only strong MAC algorithms are used - weak MAC algorithms | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.8 Extensible Firmware Interface (EFI) password | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| AIOS-17-010850 - Apple iOS/iPadOS 17 must implement the management setting: not allow use of iPhone widgets on Mac. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-010850 - Apple iOS/iPadOS 18 must implement the management setting: not allow use of iPhone widgets on Mac. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001702 - The BIND 9.x server implementation must prohibit the forwarding of queries to servers controlled by organizations outside of the U.S. Government. | DISA BIND 9.x STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DISA STIG VMware vSphere ESXi 6 Security Technical Implementation Guide Version 1 Release 5 | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | |
| DISA_F5_BIG-IP_APM_v2r4.audit from DISA F5 BIG-IP Access Policy Manager v2r4 STIG | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | |
| DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_DTR_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | |
| DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | |
| DISA_STIG_McAfee_VSEL_1.9.x_2.0.x_Managed_Client_v1r5.audit from DISA McAfee VSEL 1.9/2.0 Managed Client v1r5 STIG | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | |
| DISA_STIG_Microsoft_OneNote_2016_v1r2.audit for Microsoft OneNote 2016, from DISA STIG Microsoft OneNote 2016 v1r2 | DISA STIG Microsoft OneNote 2016 v1r2 | Windows | |
| DISA_STIG_Microsoft_Publisher_2016_v1r3.audit for Microsoft Publisher 2016, from DISA STIG Microsoft Publisher 2016 v1r3 | DISA STIG Microsoft Publisher 2016 v1r3 | Windows | |
| DISA_STIG_Microsoft_Visio_2016_v1r1.audit for Microsoft Visio 2016, from DISA STIG Microsoft Visio 2016 v1r1 | DISA STIG Microsoft Visio 2016 v1r1 | Windows | |
| DISA_STIG_Microsoft_Windows_2012_Server_DNS_v2r7.audit from DISA Microsoft Windows 2012 Server Domain Name System v2r7 STIG | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | |
| DISA_STIG_Microsoft_Word_2016_v1r1.audit for Microsoft Word 2016, from DISA STIG Microsoft Word 2016 v1r1 | DISA STIG Microsoft Word 2016 v1r1 | Windows | |
| DISA_STIG_Server_2012_and_2012_R2_DC_v3r7.audit from DISA Microsoft Windows Server 2012/2012 R2 Domain Controller v3r7 STIG | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | |
| DISA_STIG_Server_2012_and_2012_R2_MS_v3r7.audit from DISA Microsoft Windows Server 2012/2012 R2 Member Server v3r7 STIG | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | |
| DISA_STIG_Splunk_Enterprise_7.x_for_Windows_OS_v3r1.audit from DISA Splunk Enterprise 7.x for Windows v3r1 STIG | DISA STIG Splunk Enterprise 7.x for Windows v3r1 OS | Windows | |
| DISA_STIG_Splunk_Enterprise_7.x_for_Windows_REST_API_v3r1.audit from DISA Splunk Enterprise 7.x for Windows v3r1 STIG | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | |
| DISA_STIG_Splunk_Enterprise_8.x_for_Linux_OS_v2r1.audit from DISA Splunk Enterprise 8.x for Linux v2r1 STIG | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OS | Unix | |
| DISA_STIG_Splunk_Enterprise_8.x_for_Linux_REST_API_v2r1.audit from DISA Splunk Enterprise 8.x for Linux v2r1 STIG | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | |
| DISA_STIG_Windows_Firewall_v2r2.audit from DISA Microsoft Windows Defender Firewall with Advanced Security v2r2 STIG | DISA Microsoft Windows Firewall v2r2 | Windows | |
| DISA_VMware_vSphere_8.0_vCenter_Appliance_Lookup_Service_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | |
| DISA_VMware_vSphere_8.0_vCenter_Appliance_Photon_OS_4.0_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | |
| EX16-ED-000570 - Exchange must render hyperlinks from email sources from non-.mil domains as unclickable. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-ED-000122 - Active hyperlinks in messages from non .mil domains must be rendered unclickable. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| GEN002860 - Audit logs must be rotated daily. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN002860 - Audit logs must be rotated daily. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Monterey v1.0.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
