| 1.2.1.3 Ensure repo_gpgcheck is globally activated | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1.3 Ensure repo_gpgcheck is globally activated | CIS Rocky Linux 9 v2.0.0 L2 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.3 Ensure repo_gpgcheck is globally activated | CIS CentOS Linux 7 v4.0.0 L2 Workstation | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.3 Ensure repo_gpgcheck is globally activated | CIS AlmaLinux OS 8 Server L2 v3.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.4 Ensure repo_gpgcheck is globally activated | CIS Amazon Linux 2023 Server L2 v1.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.3.1.8 Ensure SETroubleshoot is not installed | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.7.2 Ensure 'TLS 1.2' is set for HTTPS access | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8.6.1 Ensure 'Default File Format' is set to Enabled (Word Document (.docx)) | CIS Microsoft Office Word 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.1 Disable Local-only Graphical Login Environment | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.7.4 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.4 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.6 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.6 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.6 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.6 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.6 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.4.3 Ensure password reuse is limited | CIS Debian 10 Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.6 Ensure sudo authentication timeout is configured | CIS Ubuntu Linux 20.04 LTS v3.0.0 L1 Workstation | Unix | ACCESS CONTROL |
| 5.2.6 Ensure sudo authentication timeout is configured | CIS Ubuntu Linux 20.04 LTS v3.0.0 L1 Server | Unix | ACCESS CONTROL |
| 5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth [default=die] pam_faillock.so authfail audit deny=5 unlock_time=900' | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth sufficient pam_faillock.so authsucc audit deny=5 unlock_time=900' | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth [default=die] pam_faillock.so' | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.3 Ensure password reuse is limited | CIS SUSE Linux Enterprise 12 v3.2.1 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3 Ensure password reuse is limited | CIS SUSE Linux Enterprise 12 v3.2.1 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3 Ensure password reuse is limited - password-auth | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3 Ensure password reuse is limited - system-auth | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.3 Ensure password reuse is limited | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.14 Ensure 'on-failure' container restart policy is set to '5' - 'MaximumRetryCount' | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.15 Ensure that the 'on-failure' container restart policy is set to '5' | CIS Docker v1.8.0 L1 OS Linux | Unix | CONFIGURATION MANAGEMENT |
| 9.2.3 Limit Password Reuse | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Configure IPsec Tunnel Parameters - rekey | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| DISA_STIG_BIND_9_v2r3.audit from DISA BIND 9.x v2r3 STIG | DISA BIND 9.x STIG v2r3 | Unix | |
| DISA_STIG_PostgreSQL_9-x_on_RHEL_v2r5_OS.audit from DISA PostgreSQL 9.x v2r5 STIG | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | |
| Enable IKE Version 1/2 - group | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable IKE Version 1/2 - rekey | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| Ensure 'HTTP session timeout' is less than or equal to '5' minutes | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| RHEL-06-000274 - The system must prohibit the reuse of passwords within five iterations - password-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCEM-67-000005 - ESX Agent Manager must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WBLC-01-000033 - Oracle WebLogic must enforce the organization-defined time period during which the limit of consecutive invalid access attempts by a user is counted. | Oracle WebLogic Server 12c Linux v2r2 | Unix | CONFIGURATION MANAGEMENT |
