| 1.1.2 Ensure 'Enable Log on High DP Load' is enabled | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.4.1.1 Ensure select data center regions for meetings/webinars hosted by your account is set to enabled | CIS Zoom L1 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.1.4.1.1 Ensure select data center regions for meetings/webinars hosted by your account is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.1.5.2 Ensure ask users to integrate Office 365 calendar when they sign in is set to disabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.10 Use Dedicated "mgmt" Interface and VRF for Administrative Functions | CIS Cisco NX-OS v1.2.0 L2 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.13.10 Ensure 'Prompt User To Choose Security Settings If Default settings Fail' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.10 Ensure 'Prompt User To Choose Security Settings If Default settings Fail' is set to Disabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.309 RHEL-09-432035 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 2.15 Ensure 'sa' Login Account has been renamed | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 2.16 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databases | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 2.16 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databases | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 4.1 Create a user for the container | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | ACCESS CONTROL |
| 4.1 Ensure a user for the container has been created | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | ACCESS CONTROL |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | MobileIron - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iOS 11 v1.0.0 End User Owned L1 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.4 Ensure 'Software Update' returns 'Your software is up to date.' | MobileIron - CIS Apple iOS 26 v1.0.0 L1 End User Owned | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.4 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iPadOS 18 v2.0.0 L1 End User Owned | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 6.2 Ensure Log Files are Stored on a Non-System Partition | CIS MariaDB 10.11 v1.0.0 L1 MariaDB RDBMS MySQLDB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.2 Ensure Log Files are Stored on a Non-System Partition | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L1 MySQL RDBMS MySQLDB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.2 Ensure Log Files are Stored on a Non-System Partition | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.6 Ensure ModSecurity Is Installed and Enabled | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.12 Set 'Prompt user to choose security settings if default settings fail' to 'Disabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databases | CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databases | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.14 (L1) Virtual machines must remove unnecessary parallel port devices | CIS VMware ESXi 8.0 v1.2.0 L1 VMware | VMware | CONFIGURATION MANAGEMENT |
| 7.15 (L2) Virtual machines must remove unnecessary CD/DVD devices | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 7.16 (L1) Virtual machines must remove unnecessary floppy devices | CIS VMware ESXi 8.0 v1.2.0 L1 VMware | VMware | CONFIGURATION MANAGEMENT |
| 9.5 Ensure the Timeout Limits for Request Headers is Set to 40 or Less | CIS Apache HTTP Server 2.4 v2.3.0 L1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 9.5 Ensure the Timeout Limits for Request Headers is Set to 40 or Less - mod_reqtimeout | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.5 Ensure the Timeout Limits for Request Headers is Set to 40 or Less - mod_reqtimeout | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.5 Ensure the Timeout Limits for Request Headers is Set to 40 or Less - RequestReadTimeout | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.23 Find Un-owned Files and Directories | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.24 Find Un-owned Files and Directories | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
| ALMA-09-032470 - AlmaLinux OS 9 must restrict the use of the "su" command. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | ACCESS CONTROL |
| CNTR-K8-000850 - Kubernetes Kubelet must deny hostname override. | DISA STIG Kubernetes v2r5 | Unix | CONFIGURATION MANAGEMENT |
| CNTR-K8-002000 - The Kubernetes API server must have the ValidatingAdmissionWebhook enabled. | DISA STIG Kubernetes v2r5 | Unix | ACCESS CONTROL |
| EX19-MB-000147 - The Exchange malware scanning agent must be configured for automatic updates. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r3 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| O19C-00-008400 - Oracle Database must be configured in accordance with the security configuration settings based on DOD security configuration and implementation guidance, including STIGs, NSA configuration guides, CTOs, DTMs, and IAVMs. | DISA Oracle Database 19c STIG v1r3 OracleDB | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-008400 - Oracle Database must be configured in accordance with the security configuration settings based on DOD security configuration and implementation guidance, including STIGs, NSA configuration guides, CTOs, DTMs, and IAVMs. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | CONFIGURATION MANAGEMENT |
| SOL-11.1-070100 - Duplicate User IDs (UIDs) must not exist for users within the organization. | DISA Solaris 11 SPARC STIG v3r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-070110 - Duplicate UIDs must not exist for multiple non-organizational users. | DISA Solaris 11 SPARC STIG v3r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-070130 - Reserved UIDs 0-99 must only be used by system accounts. | DISA Solaris 11 SPARC STIG v3r4 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-070130 - Reserved UIDs 0-99 must only be used by system accounts. | DISA Solaris 11 X86 STIG v3r4 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-070200 - The operating system must have no unowned files. | DISA Solaris 11 SPARC STIG v3r4 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-070200 - The operating system must have no unowned files. | DISA Solaris 11 X86 STIG v3r4 | Unix | CONFIGURATION MANAGEMENT |
| TCAT-AS-001470 - Tomcat server must be patched for security vulnerabilities. | DISA STIG Apache Tomcat Application Server 9 v3r3 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| vCenter: vcenter-8.vami-time | VMware vSphere Security Configuration and Hardening Guide | VMware | AUDIT AND ACCOUNTABILITY |
