| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1 Ensure TLS or SSL protects all network communications | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3 Ensure that logging captures as much information as possible | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.7 Ensure that the REST API is disabled | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.1 Ensure that key file permissions are set correctly | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.2 Ensure that database file permissions are set correctly | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 18.8.3.1 Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.8.3.1 Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 20.6 (L1) Ensure 'PowerShell 2.0 is not Installed' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| CIS Security Benchmark For Microsoft IIS 7.0/7.5 v1.8.0 Level II. | CIS IIS 7 L2 v1.8.0 | Windows | |
| CIS_Microsoft_Intune_for_Windows_10_v4.0.0_L1.audit from CIS Microsoft Intune for Windows 10 Benchmark v4.0.0 | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | |
| CIS_Microsoft_Intune_for_Windows_10_v4.0.0_L2.audit from CIS Microsoft Intune for Windows 10 Benchmark v4.0.0 | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | |
| CIS_Microsoft_Intune_for_Windows_11_v4.0.0_L1.audit from CIS Microsoft Intune for Windows 11 Benchmark v4.0.0 | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | |
| CIS_Microsoft_Intune_for_Windows_11_v4.0.0_L2.audit from CIS Microsoft Intune for Windows 11 Benchmark v4.0.0 | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | |
| CIS_Microsoft_Windows_10_EMS_Gateway_v3.0.0_L1.audit from CIS Microsoft Windows 10 EMS Gateway Benchmark v3.0.0 | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | |
| CIS_MongoDB_3.4_Benchmark_Level_1_OS_Windows_v1.0.0.audit from CIS MongoDB 3.4 Benchmark v1.0.0 | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | |
| CIS_MongoDB_Benchmark_Level_1_OS_Windows_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | |
| DISA_Oracle_11g_Instance_v9r1_OS_Windows.audit from DISA Oracle Database 11g Instance STIG v9r1 STIG | DISA STIG Oracle 11 Instance v9r1 OS Windows | Windows | |
| DISA_STIG_Oracle_Database_12c_v3r2_OS_Windows.audit from DISA Oracle Database 12c v3r2 STIG | DISA STIG Oracle 12c v3r2 Windows | Windows | |
| EP11-00-002600 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized read access. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| EP11-00-002800 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized deletion. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| EP11-00-003200 - Software, applications, and configuration files that are part of, or related to, the Postgres Plus Advanced Server installation must be monitored to discover unauthorized changes. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | CONFIGURATION MANAGEMENT |
| EP11-00-003400 - Database software, including EDB Postgres Advanced Server configuration files, must be stored in dedicated directories, separate from the host OS and other applications. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | CONFIGURATION MANAGEMENT |
| EP11-00-003900 - Unused database components which are integrated in the EDB Postgres Advanced Server and cannot be uninstalled must be disabled. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | CONFIGURATION MANAGEMENT |
| EP11-00-004000 - Access to external executables must be disabled or restricted. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | CONFIGURATION MANAGEMENT |
| EP11-00-004200 - The EDB Postgres Advanced Server must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| EP11-00-004400 - If passwords are used for authentication, the EDB Postgres Advanced Server must transmit only encrypted representations of passwords. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| EP11-00-004500 - The EDB Postgres Advanced Server, when utilizing PKI-based authentication, must validate certificates by performing RFC 5280-compliant certification path validation. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| EP11-00-009100 - The EDB Postgres Advanced Server must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-009600 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during reception. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-012700 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to provision digital signatures. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Salesforce.com : AuthConfig - 'Auth Providers = Facebook is not configured' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Secret' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS is not configured' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Token Endpoint URL' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers in use' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Data Access Control - 'Enable CSRF protection on GET requests on non-setup pages = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | SYSTEM AND COMMUNICATIONS PROTECTION |
| Salesforce.com : Email Services - 'IsErrorRoutingEnabled = True' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | SYSTEM AND INFORMATION INTEGRITY |
| Salesforce.com : Object Permissions - 'DefaultLeadAccess should not be Public Read/Write or Public Read/Write/Transfer' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| WN19-DC-000180 - Windows Server 2019 Active Directory Domain object must be configured with proper audit settings. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-DC-000190 - Windows Server 2019 Active Directory Infrastructure object must be configured with proper audit settings. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-DC-000210 - Windows Server 2019 Active Directory AdminSDHolder object must be configured with proper audit settings. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-DC-000220 - Windows Server 2019 Active Directory RID Manager$ object must be configured with proper audit settings. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-DC-000170 - Windows Server 2022 Active Directory Group Policy objects must be configured with proper audit settings. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-DC-000180 - Windows Server 2022 Active Directory Domain object must be configured with proper audit settings. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-DC-000190 - Windows Server 2022 Active Directory Infrastructure object must be configured with proper audit settings. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-DC-000210 - Windows Server 2022 Active Directory AdminSDHolder object must be configured with proper audit settings. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
