| 1.3.1 Ensure 'Minimum Password Complexity' is enabled | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| 2.1.5 Point-in-Time Recovery | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | CONTINGENCY PLANNING |
| 2.1.5 Point-in-Time Recovery | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | CONTINGENCY PLANNING |
| 2.1.6 Disaster Recovery (DR) Plan | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | CONTINGENCY PLANNING |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.7 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.7 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.8 Lock Out Accounts if Not Currently in Use | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.8 Lock Out Accounts if Not Currently in Use | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.10 Use Dual Passwords to Enable Higher Frequency Password Rotation | CIS MySQL 8.0 Community Database L2 v1.1.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 8.0 Community Database L2 v1.1.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.13 Require Client-Side Certificates (X.509) | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.16 Require Client-Side Certificates (X.509) | CIS MySQL 8.0 Community Database L2 v1.1.0 | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1 Create a non-root user account for local admin access | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 4.1 Ensure 'Receive connector: Configure protocol logging' is set to 'Verbose' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 4.4 Defend against Denial of Service Attacks | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 4.10 Use MySQL TDE for At-Rest Data Encryption | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.10 Use MySQL TDE for At-Rest Data Encryption | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.10 Use MySQL TDE for At-Rest Data Encryption | CIS MySQL 8.0 Community Database L2 v1.1.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 Disallow JavaScript's Ability to Change the Status Bar Text | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.1 Ensure that WildFire file size upload limits are maximized | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.1 Ensure that WildFire file size upload limits are maximized | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 5.1 Ensure that WildFire file size upload limits are maximized | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.7.3 Apply Security Context to Your Pods and Containers | CIS Kubernetes v1.23 Benchmark v1.0.1 L2 Master | Unix | CONFIGURATION MANAGEMENT |
| 6.1.1 Ensure That a MySQL Database Instance Does Not Allow Anyone To Connect With Administrative Privileges | CIS Google Cloud Platform v3.0.0 L1 | GCP | IDENTIFICATION AND AUTHENTICATION |
| 6.3 Ensure 'log_error_verbosity' is Set to '2' | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_warnings' Is Set to '2' | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_warnings' is Set to '2' | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.6 Ensure ALL Events are Audited - audit_log_filter | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 6.6 Ensure ALL Events are Audited - audit_log_user | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 6.7 Set audit_log_strategy to SYNCHRONOUS or SEMISYNCRONOUS | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 9.3 Ensure 'master_info_repository' Is Set to 'TABLE' | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | CONFIGURATION MANAGEMENT |
| 9.3 Ensure 'master_info_repository' Is Set to 'TABLE' | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | CONFIGURATION MANAGEMENT |
| 9.3 Ensure 'master_info_repository' Is Set to 'TABLE' - TABLE | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | CONFIGURATION MANAGEMENT |
| DO0120-ORACLE11 - The Oracle software installation account should not be granted excessive host system privileges - 'Oracle install account is not a member of the oracle group' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DO0120-ORACLE11 - The Oracle software installation account should not be granted excessive host system privileges - 'Oracle service account is denied logon on locally right' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
| DO0120-ORACLE11 - The Oracle software installation account should not be granted excessive host system privileges - 'Oracle services use appropriate service accounts' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
| ESXi : config-snmp - 'snmp.receiver.X.community' | VMWare vSphere 6.0 Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXi : config-snmp - 'snmp.receiver.X.enabled | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| GOOG-12-007200 - Google Android 12 must be configured to disable trust agents. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-000200 - MySQL Database Server 8.0 must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | ACCESS CONTROL |
| MYS8-00-001800 - The MySQL Database Server 8.0 must be able to generate audit records when privileges/permissions are retrieved. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-003200 - The MySQL Database Server 8.0 must generate audit records when privileges/permissions are deleted. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-003800 - The MySQL Database Server 8.0 must generate audit records when successful logons or connections occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-003900 - The MySQL Database Server 8.0 must generate audit records when unsuccessful logons or connection attempts occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-004200 - The MySQL Database Server 8.0 must generate audit records showing starting and ending time for user access to the database(s). | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-008100 - The MySQL Database Server 8.0 must protect its audit configuration from unauthorized modification. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-011600 - The MySQL Database Server 8.0 must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to provision digital signatures. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-011800 - The MySQL Database Server 8.0 must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owner's requirements. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| WPAW-00-002600 - If several PAWs are set up in virtual machines (VMs) on a host server, domain administrative accounts used to manage high-value IT resources must not have access to the VM host operating system (OS) (only domain administrative accounts designated to manage PAWs should be able to access the VM host OS). | DISA MS Windows Privileged Access Workstation v3r1 | Windows | CONFIGURATION MANAGEMENT |
