| 1.2 Ensure Snowflake SCIM integration is configured to automatically provision and deprovision users and groups (i.e. roles) | CIS Snowflake Foundations v1.0.0 L2 | Snowflake | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.3.8 Ensure 'New Password Differs By Characters' is greater than or equal to 3 | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.6.4 Configure NTP Authentication | CIS Cisco NX-OS v1.2.0 L2 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.6 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 2.2.7 Ensure 'Back up files and directories' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.10 Ensure 'Create a pagefile' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.12 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.15 Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.21 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.22 Ensure 'Force shutdown from a remote system' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.25 Ensure 'Increase scheduling priority' is set to 'Administrators' - Administrators | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.25 Ensure 'Increase scheduling priority' is set to 'Administrators' - Window Manager\Window Manager Group' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.26 Ensure 'Load and unload device drivers' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.30 Ensure 'Manage auditing and security log' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.7.7 (L2) Ensure 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' is set to '4 or fewer logon(s)' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 2.3.7.7 (L2) Ensure 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' is set to '4 or fewer logon(s)' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 2.5 Ensure that the User-ID Agent has minimal permissions if User-ID is enabled | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 2.14 Ensure containers are restricted from acquiring new privileges | CIS Docker v1.7.0 L1 Docker - Linux | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 4.04 init.ora - 'remote_os_roles = FALSE' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | ACCESS CONTROL |
| 4.6 Ensure only authorized users and groups belong to the esxAdminsGroup group | CIS VMware ESXi 6.7 v1.3.0 Level 1 | VMware | ACCESS CONTROL |
| 4.08 init.ora - 'os_roles = FALSE' | CIS v1.1.0 Oracle 11g OS L1 | Unix | ACCESS CONTROL |
| 4.08 init.ora - 'os_roles = FALSE' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | ACCESS CONTROL |
| 6.8 Ensure that a 'Custom banned password list' is set to 'Enforce' | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 18.9.85.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.85.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 19.7.41.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Big Sur - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Big Sur - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL |
| Big Sur - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Big Sur - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL |
| Big Sur - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Catalina - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL |
| Catalina - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Catalina - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Catalina - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Catalina - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Catalina - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
| HP ProCurve - 'Secure Management VLAN is configured' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Secure Management VLAN is enabled' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Automatically Remove or Disable Temporary or Emergency User Accounts within 72 Hours | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL |
| Monterey - Automatically Remove or Disable Temporary or Emergency User Accounts within 72 Hours | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Monterey - Automatically Remove or Disable Temporary or Emergency User Accounts within 72 Hours | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Monterey - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL |
| Monterey - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Monterey - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Monterey - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Monterey - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Monterey - Enforce Auto Logout After 24 Hours of Inactivity | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
