| 1.8 Ensure 'Attachment Filtering Agent' is configured | CIS Microsoft Exchange Server 2019 L1 Edge v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.1 Ensure X Window System is not installed | CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.1 Ensure xorg-x11-server-common is not installed | CIS Amazon Linux 2023 v1.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure X Window System is not installed | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure X11 Server components are not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure X11 Server components are not installed | CIS SUSE Linux Enterprise 12 v3.2.1 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure X11 Server components are not installed | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure xorg-x11-server-common is not installed | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.5 Set 'logging trap informational' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | AUDIT AND ACCOUNTABILITY |
| 3.1.10 Secure the Java Development Kit Installation Path (JDK_PATH) | CIS IBM DB2 11 v1.2.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.10 Secure the Java Development Kit Installation Path (JDK_PATH) | CIS IBM DB2 11 v1.2.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.9 Ensure 'ocsp.enable' certificate revocation is set to 'true' | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/login.defs | CIS Debian Family Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/login.defs | CIS Debian Family Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/pam.d/common-session | CIS Debian Family Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/pam.d/common-session | CIS Debian Family Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 8.3.1 Set 'Java permissions' to 'Enabled:Disable Java' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 8.4.1 Set 'Java permissions' to 'Enabled:Disable Java' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 8.7.1 Set 'Java permissions' to 'Enabled:Disable Java' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 8.8.1 Set 'Java permissions' to 'Enabled:Disable Java' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 8.9.1 Set 'Java permissions' to 'Enabled:Disable Java' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 8.10.1 Set 'Java permissions' to 'Enabled:Disable Java' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DISA_STIG_Crunchy_Data_PostgreSQL_v3r1_OS_Linux.audit from DISA Crunchy Data PostgreSQL v3r1 STIG | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | |
| DISA_STIG_Kubernetes_v2r5.audit from DISA Kubernetes v2r5 STIG | DISA STIG Kubernetes v2r5 | Unix | |
| DISA_STIG_Microsoft_Edge_v2r3.audit from DISA Microsoft Edge v2r3 STIG | DISA STIG Edge v2r3 | Windows | |
| DISA_STIG_Microsoft_Edge_v2r5.audit from DISA Microsoft Edge STIG v2r5 | DISA Microsoft Edge STIG v2r5 | Windows | |
| DISA_STIG_Microsoft_OneDrive_v2r4.audit from DISA Microsoft OneDrive v2r4 STIG | DISA STIG Microsoft OneDrive v2r4 | Windows | |
| DISA_STIG_Oracle_Database_11.2g_v2r5_Database.audit from DISA Oracle Database 11.2g v2r5 STIG | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | |
| DISA_STIG_Oracle_Database_11.2g_v2r5_OS_Linux.audit from DISA Oracle Database 11.2g v2r5 STIG | DISA STIG Oracle 11.2g v2r5 Linux | Unix | |
| DISA_STIG_Oracle_Database_11.2g_v2r5_OS_Windows.audit from DISA Oracle Database 11.2g v2r5 STIG | DISA STIG Oracle 11.2g v2r5 Windows | Windows | |
| DISA_STIG_Oracle_Database_12c_v3r5_Database.audit from DISA Oracle Database 12c v3r5 STIG | DISA Oracle Database 12c STIG v3r5 OracleDB | OracleDB | |
| DISA_STIG_Oracle_Database_12c_v3r5_OS_Linux.audit from DISA Oracle Database 12c v3r5 STIG | DISA Oracle Database 12c STIG v3r5 Unix | Unix | |
| DISA_STIG_Oracle_Database_12c_v3r5_OS_Windows.audit from DISA Oracle Database 12c v3r5 STIG | DISA Oracle Database 12c STIG v3r5 Windows | Windows | |
| DISA_STIG_Oracle_Database_19c_v1r3_Unix.audit from DISA Oracle Database 19c STIG v1r3 | DISA Oracle Database 19c STIG v1r3 Unix | Unix | |
| DISA_STIG_Oracle_Database_19c_v1r3_Windows.audit from DISA Oracle Database 19c STIG v1r3 | DISA Oracle Database 19c STIG v1r3 Windows | Windows | |
| DISA_STIG_Oracle_MySQL_8.0_v2r2_Database.audit from DISA Oracle MySQL 8.0 v2r2 STIG | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | |
| DISA_STIG_Oracle_MySQL_8.0_v2r2_OS_Linux.audit from DISA Oracle MySQL 8.0 v2r2 STIG | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | |
| DISA_STIG_Server_2012_and_2012_R2_DC_v3r7.audit from DISA Microsoft Windows Server 2012/2012 R2 Domain Controller v3r7 STIG | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | |
| DISA_STIG_Server_2012_and_2012_R2_MS_v3r7.audit from DISA Microsoft Windows Server 2012/2012 R2 Member Server v3r7 STIG | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | |
| JRE8-WN-000080 - Oracle JRE 8 must disable the dialog enabling users to grant permissions to execute signed content from an untrusted authority - deployment.security.askgrantdialog.notinca.locked | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-WN-000150 - Oracle JRE 8 must enable the dialog to enable users to check publisher certificates for revocation - deployment.security.validation.crl.locked | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| JRE8-WN-000160 - Oracle JRE 8 must lock the option to enable users to check publisher certificates for revocation - deployment.security.revocation.check | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| JRE8-WN-000160 - Oracle JRE 8 must lock the option to enable users to check publisher certificates for revocation - eployment.security.revocation.check.locked | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| TCAT-AS-000750 - Tomcat must use FIPS-validated ciphers on secured connectors. | DISA STIG Apache Tomcat Application Server 9 v3r3 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-01-000009 - Oracle WebLogic must utilize cryptography to protect the confidentiality of remote access management sessions - Unsecure Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | ACCESS CONTROL |
| WBLC-06-000191 - Oracle WebLogic must employ strong identification and authentication techniques when establishing nonlocal maintenance and diagnostic sessions - SSL Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | MAINTENANCE |
| WBLC-08-000211 - Oracle WebLogic must establish a trusted communications path between the user and organization-defined security functions within the information system - SSL Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000231 - Oracle WebLogic must protect the confidentiality of applications and leverage transmission protection mechanisms, such as TLS and SSL VPN, when deploying applications - AdminServer SSL Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000239 - Oracle WebLogic must employ approved cryptographic mechanisms when transmitting sensitive data - Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000239 - Oracle WebLogic must employ approved cryptographic mechanisms when transmitting sensitive data - Listen Port | Oracle WebLogic Server 12c Windows v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
