| 1.2.3 Ensure 'Account lockout threshold' is set to '3 or fewer invalid logon attempt(s), but not 0' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 1.2.3 Ensure 'Account lockout threshold' is set to '3 or fewer invalid logon attempt(s), but not 0' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 1.2.3 Ensure 'Account lockout threshold' is set to '3 or fewer invalid logon attempt(s), but not 0' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 1.2.3 Ensure 'Account lockout threshold' is set to '3 or fewer invalid logon attempt(s), but not 0' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 1.7.6 Ensure GDM automatic mounting of removable media is disabled | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | MEDIA PROTECTION |
| 1.7.8 Ensure GDM autorun-never is enabled | CIS Debian Linux 12 v1.1.0 L1 Server | Unix | MEDIA PROTECTION |
| 1.7.8 Ensure GDM autorun-never is enabled | CIS Debian Linux 12 v1.1.0 L1 Workstation | Unix | MEDIA PROTECTION |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.9.5 Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.9.5 Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.9.5 Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'apache account is configured' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'apache account is configured' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'apache account is configured' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd services are running as apache user' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd services are running as apache user' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf Group = apache' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf Group = apache' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf Group = apache' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf User = apache' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf User = apache' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf User = apache' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 7.2.10 (L1) Ensure reauthentication with verification code is restricted | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 7.2.10 (L1) Ensure reauthentication with verification code is restricted | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 18.5.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.5.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.5.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Windows Server 2012 DC L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Windows Server 2012 MS L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2019 v3.0.1 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Windows Server 2012 R2 DC L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Domain Controller | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Member Server | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.1 (L1) Ensure 'EMET 5.52' or higher is installed | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.1 Ensure 'EMET 5.52' or higher is installed | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.1 Ensure 'EMET 5.52' or higher is installed | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.100.1 Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| CIS Control 1 (1.6) Ensure that unauthorized assets are removed, quarantined or the inventory is updated | CAS Implementation Group 1 Audit File | Unix | CONFIGURATION MANAGEMENT |
| CIS_Cisco_Firewall_v8.x_Level_1_v4.2.0.audit for Cisco ASA 8 from CIS Cisco Firewall v8.x Benchmark v4.2.0 | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | |
| CIS_Cisco_Firewall_v8.x_Level_1_v4.2.0.audit for Cisco Firewall v8.x from CIS Cisco Firewall v8.x Benchmark v4.2.0 | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | |
