| 1.1.23 Disable USB Storage - lsmod | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.23 Disable USB Storage - modprobe | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.24 Disable USB Storage - lsmod | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.24 Disable USB Storage - lsmod | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.24 Disable USB Storage - lsmod | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.24 Disable USB Storage - modprobe | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.24 Disable USB Storage - modprobe | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.24 Disable USB Storage - modprobe | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2 (L1) Host hardware must enable UEFI Secure Boot | CIS VMware ESXi 8.0 v1.3.0 L1 VMware | VMware | SYSTEM AND SERVICES ACQUISITION |
| 1.6.1.10 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is set to '3b576869-a4ec-4529-8536-b80a7769e899:1' | CIS Microsoft Defender Antivirus v1.0.0 L1 Server | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.10 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is set to '3b576869-a4ec-4529-8536-b80a7769e899:1' | CIS Microsoft Defender Antivirus v1.0.0 L1 Workstation | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.7.8 Ensure GDM autorun-never is enabled | CIS Debian Linux 12 v1.1.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION |
| 1.7.8 Ensure GDM autorun-never is enabled | CIS Debian Linux 12 v1.1.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION |
| 1.7.8 Ensure GDM autorun-never is enabled | CIS Ubuntu Linux 20.04 LTS v3.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION |
| 1.7.8 Ensure GDM autorun-never is enabled | CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION |
| 1.8.8 Ensure GDM autorun-never is enabled | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | MEDIA PROTECTION |
| 1.8.8 Ensure GDM autorun-never is enabled | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | MEDIA PROTECTION |
| 1.8.8 Ensure GDM autorun-never is enabled | CIS Rocky Linux 9 v2.0.0 L1 Server | Unix | MEDIA PROTECTION |
| 1.8.8 Ensure GDM autorun-never is enabled | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION |
| 1.8.8 Ensure GDM autorun-never is enabled | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | MEDIA PROTECTION |
| 1.8.8 Ensure GDM autorun-never is enabled | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation | Unix | MEDIA PROTECTION |
| 1.8.8 Ensure GDM autorun-never is enabled | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION |
| 1.8.8 Ensure GDM autorun-never is enabled | CIS Debian Linux 10 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION |
| 1.8.9 Ensure GDM autorun-never is enabled | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Server | Unix | MEDIA PROTECTION |
| 2.1.2 (L1) Ensure the Common Attachment Types Filter is enabled | CIS Microsoft 365 Foundations v6.0.1 L1 E3 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.2 (L1) Ensure the Common Attachment Types Filter is enabled | CIS Microsoft 365 Foundations v6.0.1 L1 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 6.8 Ensure that PAN-DB URL Filtering is used | CIS Palo Alto Firewall 10 v1.3.0 L1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.8 Ensure that PAN-DB URL Filtering is used | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 12.50 Intrusion detection system on host - 'Utilize' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 12.50 Intrusion detection system on host - 'Utilize' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | |
| 18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-045340 - AlmaLinux OS 9 must have the Advanced Intrusion Detection Environment (AIDE) package installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| APPL-15-003080 - The macOS system must disable accounts after 35 days of inactivity. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | ACCESS CONTROL |
| BIND-9X-001890 - The BIND 9.x server implementation must maintain at least three file versions of the local log file. | DISA BIND 9.x STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| BIND-9X-001900 - The BIND 9.x server implementation must be configured with a channel to send audit records to a local file. | DISA BIND 9.x STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| CIS Control 8 (8.4) Configure Anti-Malware Scanning of Removable Media | CAS Implementation Group 1 Audit File | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-004 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to decompress archives when scanning. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-101 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to decompress archives when scanning. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000500 - Exchange must have anti-spam filtering enabled - ContentFilterConfig | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-ED-000142 - Exchange must have anti-spam filtering configured. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-AP-300041 - The F5 BIG-IP appliance that provides intermediary services for SMTP must inspect inbound and outbound SMTP and Extended SMTP communications traffic for protocol compliance and protocol anomalies. | DISA F5 BIG-IP TMOS ALG STIG v1r2 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-LT-000303 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound SMTP and Extended SMTP communications traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r4 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-VN-000008 - The Juniper SRX Services Gateway VPN must be configured to use IPsec with SHA256 or greater to negotiate hashing to protect the integrity of remote access sessions. | DISA Juniper SRX Services Gateway VPN v3r2 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| MS.DEFENDER.1.2v1 - All users SHALL be added to Exchange Online Protection (EOP) in either the standard or strict preset security policy. | CISA SCuBA Microsoft 365 Defender v1.5.0 | microsoft_azure | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| MSFT-11-011000 - Microsoft Android 11 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Microsoft Android 11 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| PANW-IP-000043 - The Palo Alto Networks security platform must use a Vulnerability Protection Profile that blocks any critical, high, or medium threats. | DISA Palo Alto Networks IDPS STIG v3r2 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLEM-05-651035 - SLEM 5 must notify the system administrator (SA) when Advanced Intrusion Detection Environment (AIDE) discovers anomalies in the operation of any security functions. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-100840 - Ubuntu 24.04 LTS SSH server must be configured to use only FIPS 140-3 validated key exchange algorithms. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | ACCESS CONTROL |
| WN12-CC-000065 - The detection of compatibility issues for applications and drivers must be turned off. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000065 - The detection of compatibility issues for applications and drivers must be turned off. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
