| 3.1.1 Set an appropriate default database for all users | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | |
| 6 - Run your Instance as non privileged user | TNS Best Practice JBoss 7 Linux | Unix | ACCESS CONTROL |
| 11 - JSP Regeneration | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 14 - Restrict access to binaries directory - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 14 - SSL Encryption - Modify WSDL Address | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 19 - Restrict access to logging.properties - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 20 - Restrict access to server.xml - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 24 - Remove extraneous files and directories - $JETTY_BASE/webapps/examples | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 24 - Remove extraneous files and directories - $JETTY_BASE/webapps/ROOT/admin | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 27 - Ensure SSLEnabled is set to True for Sensitive Connectors - SSLEnabled | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 27 - Ensure SSLEnabled is set to True for Sensitive Connectors - SSLEngine | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Disable FTP | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Disable WEP security mode | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| Adtran : Enable Firewall | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Enable stateful inspection on firewall | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Encrypt passwords | TNS Adtran AOS Best Practice Audit | Adtran | IDENTIFICATION AND AUTHENTICATION |
| Adtran : Ensure discovery protocols such as LLDP are not enabled on public interfaces | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Firewall - Deny by Default ACL | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Secure Web Access - HTTPS enabled | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Set 'motd' Banner | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| Adtran : SNMP 'PRIVATE' community string not used | TNS Adtran AOS Best Practice Audit | Adtran | IDENTIFICATION AND AUTHENTICATION |
| Adtran : SNMPv3 is used with 'priv' | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| CISC-RT-000510 - The Cisco BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer. | DISA Cisco IOS Router RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| Citrix ADC - NTP - Synchronization | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADC - System Parameters - FIPS mode | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADC - System Parameters - Idle Session Timeout | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADM - NTP - Synchronization | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADM - SSL - Settings - TLSv1.1 | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADM - System Settings - Session Timeout | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| DO3622-ORACLE11 - Oracle roles granted using the WITH ADMIN OPTION should not be granted to unauthorized accounts. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| EX13-EG-000235 - The Exchange Recipient filter must be enabled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-MB-000215 - The Exchange global inbound message size must be controlled. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000470 - The Exchange Recipient filter must be enabled. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-000470 - The Exchange Recipient filter must be enabled. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-ED-000134 - The Exchange Recipient filter must be enabled. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Firewall Filter - Order terms with time sensitive protocols at the top | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000500 - The Juniper BGP router must be configured to reject inbound route advertisements from a customer edge (CE) Juniper router for prefixes that are not allocated to that customer - CE Juniper router. | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUSX-DM-000087 - The Juniper SRX Services Gateway must have the number of rollbacks set to 5 or more. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | CONFIGURATION MANAGEMENT |
| Management Services Security - Community strings and USM passwords should be difficult to guess and should follow a password policy | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |
| O112-BP-022300 - System privileges granted using the WITH ADMIN OPTION must not be granted to unauthorized user accounts. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O112-BP-022500 - Oracle roles granted using the WITH ADMIN OPTION must not be granted to unauthorized accounts. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-BP-022300 - System privileges granted using the WITH ADMIN OPTION must not be granted to unauthorized user accounts. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| Tenable_Best_Practices_Citrix_ADC_v1.0.0.audit from Tenable Best Practices | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | |
| VCPG-67-000004 - VMware Postgres must be configured to overwrite older logs when necessary. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPG-70-000004 - VMware Postgres must be configured to overwrite older logs when necessary. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WatchGuard : DDoS Prevention - Distributed Denial-of-Service Prevention - Per Server Quota | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : ICMP Error Handling - 'network-unreachable' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : IPS Logging Threat Level Critical - Enabled | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : NTP Enabled | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000960 - The WebSphere Application Server must be run as a non-admin user. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
