| 1.5 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 10 OS v1.0.0 | Unix | ACCESS CONTROL |
| 1.5 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | ACCESS CONTROL |
| 1.5 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | ACCESS CONTROL |
| 1.5 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 11 OS v1.0.0 | Unix | ACCESS CONTROL |
| 2.3.5 Ensure LDAP client is not installed | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.5 Ensure LDAP client is not installed | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.17.4 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 3.1.10 Secure the Java Development Kit Installation Path (JDK_PATH) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.10 Secure the Java Development Kit Installation Path (JDK_PATH) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.14 Ensure 'Allow trusting new enterprise app authors' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.14 Ensure 'Allow trusting new enterprise app authors' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.14 Ensure 'Allow trusting new enterprise app authors' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.011 - The required legal notice must be configured to display before console logon. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 3.063 - Unauthorized named pipes are accessible with anonymous credentials. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.11 Set 'Allow installation of desktop items' to 'Enabled:Disable' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 19.7.45.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| AIOS-18-014900 - Apple iOS/iPadOS 18 must disable the installation of alternative marketplace apps. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AS24-W1-000270 - The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials. | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | CONFIGURATION MANAGEMENT |
| AS24-W1-000270 - The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | CONFIGURATION MANAGEMENT |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - includeOdsTasks | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - programsAlert | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP port | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Ensure packet fragments are restricted for untrusted interfaces | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-003300 - The EDB Postgres Advanced Server software installation account must be restricted to authorized users. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| FireEye - AAA LDAP binding user should not be an admin | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - AAA user mapping source | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - FENet patch updates are applied automatically | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - FireEye Web MPS version | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - Greylist URL list | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Inline blocking mode configuration | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - Inline blocking network whitelists | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - Inline blocking signature policy exceptions | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - Interface configuration | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - IPMI is enabled | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - List patches | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Workorder stats | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| MD3X-00-000250 - MongoDB software installation account must be restricted to authorized users. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | CONFIGURATION MANAGEMENT |
| MD4X-00-002100 - MongoDB software installation account must be restricted to authorized users. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | CONFIGURATION MANAGEMENT |
| PGS9-00-003200 - The PostgreSQL software installation account must be restricted to authorized users. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| PHTN-30-000061 - The Photon operating system YUM repository must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| VCTR-67-000076 - The vCenter Server Administrator role must be secured and assigned to specific users other than a Windows Administrator. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-65-000030 - The vCenter Server for Windows Administrator role must be secured and assigned to specific users other than a Windows Administrator. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VM Tools: guest-8.tools-enable-syslog | VMware vSphere Security Configuration and Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| WN10-00-000165 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000165 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN16-00-000411 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000390 - Windows Server 2019 must have the Server Message Block (SMB) v1 protocol disabled on the SMB server. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WPAW-00-000800 - A Windows update service must be available to provide software updates for the PAW platform. | DISA MS Windows Privileged Access Workstation v3r1 | Windows | CONFIGURATION MANAGEMENT |
| WPAW-00-002300 - The local Administrators group on the Windows PAW must only include groups with accounts specifically designated to administer the PAW. | DISA MS Windows Privileged Access Workstation v3r1 | Windows | CONFIGURATION MANAGEMENT |
