| 1.4.1.3 Ensure known default accounts do not exist | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.4.1.3 Ensure known default accounts do not exist | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.21 Ensure access to AWSCloudShellFullAccess is restricted | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 2.1.1.4 Audit Security Keys Used With AppleIDs | CIS Apple macOS 14.0 Sonoma v2.0.0 L2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.9 Ensure SNS Topics do not Allow Everyone To Publish | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | ACCESS CONTROL |
| 2.10 Ensure SNS Topics do not Allow Everyone To Subscribe | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | ACCESS CONTROL |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 6.20 Ensure Web tier Security Group has no inbound rules for CIDR of 0 (Global Allow) | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.23 Ensure App tier Security Group has no inbound rules for CIDR of 0 (Global Allow) | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.7 Check Permissions on User Home Directories | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.8 Check Permissions on User "." (Hidden) Files | CIS Solaris 11.2 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.11 Check Groups in passwd(4) | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 9.11 Check Permissions on User .netrc Files | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 9.13 Check That Defined Home Directories Exist | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.13 Check That Defined Home Directories Exist | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.14 Check User Home Directory Ownership | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.14 Check User Home Directory Ownership | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.22 Find World Writable Files | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
| EX13-EG-000095 - Exchange Outbound Connection Timeout must be 10 minutes or less. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000100 - Exchange Outbound Connection Limit per Domain Count must be controlled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000230 - The Exchange Outbound Connection Timeout must be 10 minutes or less. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000190 - Exchange Outbound Connection Timeout must be 10 minutes or less. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000200 - Exchange Outbound Connection Limit per Domain Count must be controlled. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000460 - The Exchange Outbound Connection Timeout must be 10 minutes or less. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| iOS Compliance Policy - Managed Email Profile Required | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL |
| iOS Compliance Policy - Required password type | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| iOS Device Management - Account modification | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Activation Lock | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL |
| iOS Device Management - Backup to iCloud | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Bluetooth modification | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Control Center access while device locked | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Download content from iBook store flagged as 'Erotica' | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Encrypted backup | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL |
| iOS Device Management - iCloud Photo Library | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Multiplayer gaming | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Notification Center access while device locked | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Notification settings modification | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Require AirPlay outgoing requests pairing password | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| iOS Device Management - Safari Autofill | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Screen capture | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| macOS Compliance Policy - Password expiration (days) | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| macOS Device Management - Incoming connections | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL |
| macOS Device Management - Maximum minutes of inactivity until screen locks | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL |
| macOS Device Management - Number of previous passwords to prevent reuse | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| macOS Device Management - Password | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| macOS Device Management - Password expiration (days) | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000920 - The WebSphere Application Server files must be owned by the non-root WebSphere user ID. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| WBSP-AS-000920 - The WebSphere Application Server files must be owned by the non-root WebSphere user ID. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | CONFIGURATION MANAGEMENT |
