| 1.1 Ensure a separate user and group exist for Cassandra - user exists in group | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
| 1.1 Ensure a separate user and group exist for Cassandra - user exists in group | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
| 1.1.1.9 Ensure usb-storage kernel module is not available | CIS Ubuntu Linux 22.04 LTS v3.0.0 L2 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.1.1.10 Ensure usb-storage kernel module is not available | CIS Oracle Linux 10 v1.0.0 L2 Workstation | Unix | MEDIA PROTECTION |
| 1.1.1.10 Ensure usb-storage kernel module is not available | CIS Red Hat Enterprise Linux 10 v1.0.1 L1 Server | Unix | MEDIA PROTECTION |
| 1.1.1.10 Ensure usb-storage kernel module is not available | CIS Red Hat Enterprise Linux 8 v4.0.0 L2 Workstation | Unix | MEDIA PROTECTION |
| 1.1.1.10 Ensure usb-storage kernel module is not available | CIS Rocky Linux 10 v1.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.1.1.10 Ensure usb-storage kernel module is not available | CIS Rocky Linux 8 v3.0.0 L1 Server | Unix | MEDIA PROTECTION |
| 1.1.1.10 Ensure usb-storage kernel module is not available | CIS AlmaLinux OS 8 v4.0.0 L1 Server | Unix | MEDIA PROTECTION |
| 1.4 Enable system data files and security update installs - 'ConfigDataInstall' | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.4 Enable system data files and security update installs - 'CriticalUpdateInstall' | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.13 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is set to 'e6db77e5-3df2-4cf1-b95a-636979351e5b:1' | CIS Microsoft Defender Antivirus v1.0.0 L1 Workstation | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.16 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is set to '92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b:1' | CIS Microsoft Defender Antivirus v1.0.0 L1 Workstation | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.13.6 Ensure 'Configure Add-In Trust Level' is set to Enabled:Trust all loaded and installed COM addins | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.1 Disable Bluetooth, if no paired devices exist - Bluetooth is disabled | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.8 Ensure monitoring and alerting exists for new share exposures | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| APPL-14-003080 - The macOS system must disable accounts after 35 days of inactivity. | DISA Apple macOS 14 Sonoma STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Accounts after 35 Days of Inactivity | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Accounts after 35 Days of Inactivity | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Accounts after 35 Days of Inactivity | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Accounts after 35 Days of Inactivity | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Accounts after 35 Days of Inactivity | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Accounts after 35 Days of Inactivity | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Accounts after 35 Days of Inactivity | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| DTAM022 - McAfee VirusScan On-Delivery Email Scanner must be configured to find unknown program threats and trojans. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAM023 - McAfee VirusScan On Delivery Email Scan Policies must be configured to find unknown macro threats. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAM023 - McAfee VirusScan On Delivery Email Scanner Properties must be configured to find unknown macro threats. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAM027 - McAfee VirusScan On Delivery Email Scanner Properties must be configured to decode MIME encoded files. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAM028 - McAfee VirusScan On Delivery Email Scan Policies must be configured to scan email message body. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAM158 - McAfee VirusScan On-Delivery Email Scan Policies must be configured to send a notification email to the IAO, IAM, and/or ePO administrator when a threatened email message is detected - bSendMailToUser | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM158 - McAfee VirusScan On-Delivery Email Scan Policies must be configured to send a notification email to the IAO, IAM, and/or ePO administrator when a threatened email message is detected. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM158 - McAfee VirusScan On-Delivery Email Scanner must be configured to send a notification email to the IAO, IAM and/or ePO administrator when a threatening email message is detected. - bSendMailToUser | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM162 - McAfee VirusScan On Delivery Email Scan Policies, When a threat is found, must be configured to clean attachments as the first action and delete attachments if the first action fails. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM163 - McAfee VirusScan On Delivery Email Scanner Properties must be configured to delete attachments if the first action fails for when an unwanted attachment is found. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-ED-000125 - Exchange filtered messages must be archived. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-MB-000137 - Exchange must have anti-spam filtering installed. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r3 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-MB-000138 - Exchange must have anti-spam filtering enabled. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r3 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-AP-300042 - The F5 BIG-IP appliance that intermediary services for FTP must inspect inbound and outbound FTP communications traffic for protocol compliance and protocol anomalies. | DISA F5 BIG-IP TMOS ALG STIG v1r2 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-LT-000305 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound FTP and FTPS communications traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r4 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-15-010900 - Android 15 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 15 COBO STIG v1r3 | MDM | CONFIGURATION MANAGEMENT |
| Monterey - Disable Accounts after 35 Days of Inactivity | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Accounts after 35 Days of Inactivity | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-200630 - RHEL 10 must have the Advanced Intrusion Detection Environment (AIDE) package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Forwarding Host | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - Explicit | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - Internal | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Turn off real-time protection | MSCT Windows Server 2025 DC v2506 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Turn off real-time protection | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WBLC-02-000069 - Oracle WebLogic must generate audit records for the DoD-selected list of auditable events - HTTP Access Log | Oracle WebLogic Server 12c Linux v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000069 - Oracle WebLogic must generate audit records for the DoD-selected list of auditable events - HTTP Access Log | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
