| 2.3.27.7 Ensure 'Automation Security' is set to 'Enabled: Disable Macros by default' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.27.11 Ensure 'Disable password to open UI' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.31.2 Ensure 'Suppress external signature services menu item' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.2 Enable Auditing of Incoming Network Connections | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1 Ensure that 'security defaults' is enabled in Microsoft Entra ID | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 7.5 Firewall Consideration | CIS Apple macOS 10.12 L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.5 Firewall Consideration | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| ActiveX Control Initialization | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| ActiveX Control Initialization | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ActiveX Control Initialization | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| ActiveX Control Initialization | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| ActiveX Control Initialization | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Automation Security | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Automation Security | MSCT Office 2016 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Automation Security | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Automation Security | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Automation Security | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Automation Security | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Automation Security | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| CIS_Microsoft_Windows_10_Stand-alone_v4.0.0_L1.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v4.0.0 | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | |
| CIS_Microsoft_Windows_10_Stand-alone_v4.0.0_L2.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v4.0.0 | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 | Windows | |
| CIS_Microsoft_Windows_11_Stand-alone_v4.0.0_L1.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v4.0.0 | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | |
| CIS_Microsoft_Windows_11_Stand-alone_v4.0.0_L2.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v4.0.0 | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 | Windows | |
| CIS_Microsoft_Windows_Server_2022_Stand-alone_v1.0.0_NG_MS.audit from CIS Microsoft Windows Server 2022 Stand-alone Benchmark v1.0.0 | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 NG MS | Windows | |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Excel 2016 v2r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO139 - The Save commands default file format must be configured. | DISA STIG Microsoft Word 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO193 - Office System - Automation Security to enforce macro level security in Office documents must be configured. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO204 - Office System - External Signature Services Menu for Office must be suppressed. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO218 - Level of calendar details that a user can publish must be restricted. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO292 - Document behavior if file validation fails must be set - DisableEditFromPV | DISA STIG Microsoft Excel 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO292 - Document behavior if file validation fails must be set - OpenInProtectedView | DISA STIG Microsoft Excel 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO292 - Document behavior if file validation fails must be set. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO408 - Office Presentation Service must be removed as an option for presenting PowerPoint and Word online. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| EX19-MB-000147 - The Exchange malware scanning agent must be configured for automatic updates. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| MS.AAD.5.2v1 - Only administrators SHALL be allowed to consent to applications. | CISA SCuBA Microsoft 365 Entra ID v1.5.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| O365-CO-000016 - User name and password must be disabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000017 - The Information Bar must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000018 - The Local Machine Zone Lockdown Security must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
| O365-CO-000020 - Navigate URL must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000021 - Object Caching Protection must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| O365-CO-000022 - Protection from zone elevation must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000024 - File Download Restriction must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000025 - The Save from URL feature must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000026 - Scripted Windows Security restrictions must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Require that application add-ins are signed by Trusted Publisher - excel | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Require that application add-ins are signed by Trusted Publisher - excel | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Require that application add-ins are signed by Trusted Publisher - requireaddinsig - excel | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
