| 1.5 Enable OS X update installs | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.5 Enable OS X update installs | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.6 Ensure AppArmor is installed | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.1.1.2 Ensure chrony is configured | CIS Google Container-Optimized OS v1.2.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.4 Point-in-Time Recovery | CIS Oracle MySQL Community Server 8.4 v1.0.0 L2 Database | MySQLDB | CONTINGENCY PLANNING |
| 2.1.5 Point-in-Time Recovery | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database | MySQLDB | CONTINGENCY PLANNING |
| 2.4 Do Not Reuse Usernames | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.4 Do Not Reuse Usernames | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.16 Require Client-Side Certificates (X.509) | CIS Oracle MySQL Community Server 8.4 v1.0.0 L2 Database | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.3 Ensure iptables is installed | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Configure Solaris Auditing - active audit policies | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active non-attributable audit flags | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active user default audit flags | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit condition=auditing | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured audit policies | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured non-attributable audit flags | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured user default audit flags | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - p_minfree | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - Plugin | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - userattr audit_flags root | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.10 Use MySQL TDE for At-Rest Data Encryption | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 (L1) Ensure the DCUI timeout is set to 600 seconds or less | CIS VMware ESXi 7.0 v1.4.0 L1 | VMware | ACCESS CONTROL |
| 5.1 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Not Installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 5.1 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Not Installed' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 5.1 Set 'Turn off Encryption Support' to 'Use TLS 1.1 and TLS 1.2' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.6 Ensure ALL Events are Audited | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - '@@global.sql_mode' | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - '@@session.sql_mode' | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| CIS FreeBSD Benchmark v1.0.5 | CIS FreeBSD v1.0.5 | Unix | |
| CIS_Palo_Alto_Firewall_9_Benchmark_v1.1.0_L1.audit from CIS Palo Alto Firewall 9 Benchmark v1.1.0 | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | |
| CIS_Palo_Alto_Firewall_10_Benchmark_v1.2.0_L1.audit from CIS Palo Alto Firewall 10 Benchmark v1.2.0 | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | |
| DG0019-ORACLE11 - Application software should be owned by a Software Application account - 'Oracle home directory file permissions are correct' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0019-ORACLE11 - Application software should be owned by a Software Application account. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0195-ORACLE11 - DBMS production application and data directories should be protected from developers on shared production/development DBMS host systems. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
| DO3539-ORACLE11 - The Oracle REMOTE_OS_ROLES parameter should be set to FALSE - 'remote_os_roles = false' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| JBOS-AS-000045 - Silent Authentication must be removed from the Default Application Security Realm. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | ACCESS CONTROL |
| JBOS-AS-000240 - Remote access to JMX subsystem must be disabled. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| MADB-10-010600 - MariaDB must generate audit records when privileges/permissions are deleted. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-010700 - MariaDB must generate audit records when unsuccessful attempts to delete privileges/permissions occur. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-010900 - MariaDB must generate audit records when unsuccessful attempts to delete security objects occur. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-009300 - The MySQL Database Server 8.0 must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the MySQL Database Server 8.0 or database(s). | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MYS8-00-010400 - The MySQL Database Server 8.0 must require users to reauthenticate when organization-defined circumstances or situations require reauthentication. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-011100 - The MySQL Database Server 8.0 must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | ACCESS CONTROL |
| O121-BP-022000 - The Oracle REMOTE_OS_ROLES parameter must be set to FALSE. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-BP-024100 - DBMS production application and data directories must be protected from developers on shared production/development DBMS host systems. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-BP-024100 - DBMS production application and data directories must be protected from developers on shared production/development DBMS host systems. | DISA STIG Oracle 12c v3r2 Windows | Windows | CONFIGURATION MANAGEMENT |
| O121-BP-024100 - DBMS production application and data directories must be protected from developers on shared production/development DBMS host systems. | DISA STIG Oracle 12c v3r2 Linux | Unix | CONFIGURATION MANAGEMENT |
| VMCH-06-000043 - The system must use templates to deploy VMs whenever possible. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000020 - System administrators must use templates to deploy virtual machines whenever possible. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
