| 4.1.9 Ensure login and logout events are collected - auditctl faillog | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - auditctl faillog | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - auditctl lastlog | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - auditctl lastlog | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - auditctl tallylog | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - auditctl tallylog | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - faillog | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - faillog | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - lastlog | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - tallylog | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - auditctl btmp | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - auditctl utmp | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - auditctl utmp | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - btmp | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - utmp | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - wtmp | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| AIOS-16-707500 - Apple iOS/iPadOS 16 must be configured to not display notifications when the device is locked. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-007500 - Apple iOS/iPadOS 17 must be configured to not display notifications when the device is locked. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-707500 - Apple iOS/iPadOS 17 must be configured to not display notifications when the device is locked. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-707600 - Apple iOS/iPadOS 17 must not display notifications (calendar information) when the device is locked - calendar information when the device is locked. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
| APPL-11-000007 - The macOS system must be configured to disable hot corners - bottom left | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL |
| APPL-11-000007 - The macOS system must be configured to disable hot corners - bottom right | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL |
| APPL-13-000007 - The macOS system must be configured to disable hot corners. | DISA STIG Apple macOS 13 v1r5 | Unix | ACCESS CONTROL |
| APPL-15-000009 - The macOS system must prevent AdminHostInfo from being available at LoginWindow. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
| Big Sur - Enforce Screen Saver Timeout | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Screen Saver Timeout | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Screen Saver Timeout | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Screen Saver Timeout | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Screen Saver Timeout | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Screen Saver Timeout | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Screen Saver Timeout | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Screen Saver Timeout | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Screen Saver Timeout | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Screen Saver Timeout | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Screen Saver Timeout | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Screen Saver Timeout | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Screen Saver Timeout | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Screen Saver Timeout | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Screen Saver Timeout | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Screen Saver Timeout | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| GOOG-13-006800 - Google Android 13 must be configured to not display the following (work profile) notifications when the device is locked: | AirWatch - DISA Google Android 13 COPE v2r2 | MDM | ACCESS CONTROL |
| GOOG-13-006800 - Google Android 13 must be configured to not display the following (work profile) notifications when the device is locked: | MobileIron - DISA Google Android 13 COPE v2r2 | MDM | ACCESS CONTROL |
| GOOG-14-006800 - Google Android 14 must be configured to not display the following (work profile) notifications when the device is locked: | MobileIron - DISA Google Android 14 COBO v2r2 | MDM | ACCESS CONTROL |
| GOOG-14-006800 - Google Android 14 must be configured to not display the following (work profile) notifications when the device is locked: | AirWatch - DISA Google Android 14 COPE v2r2 | MDM | ACCESS CONTROL |
| GOOG-15-006800 - Google Android 15 must be configured to not display the following (work profile) notifications when the device is locked: | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | ACCESS CONTROL |
| HONW-13-006800 - Honeywell Android 13 must be configured to not display the following (work profile) notifications when the device is locked: | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | ACCESS CONTROL |
| OL09-00-002106 - OL 9 must conceal, via the session lock, information previously visible on the display with a publicly viewable image. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL |
| RHEL-09-271085 - RHEL 9 must conceal, via the session lock, information previously visible on the display with a publicly viewable image. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| SLES-15-010140 - The SUSE operating system must conceal, via the session lock, information previously visible on the display with a publicly viewable image in the graphical user interface (GUI). | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | ACCESS CONTROL |
| WN11-CC-000385 - Windows Ink Workspace must be configured to disallow access above the lock. | DISA Microsoft Windows 11 STIG v2r4 | Windows | ACCESS CONTROL |
