| 1.1.1.1.7 Ensure enhanced weak passcode detection is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.12 Ensure host-based intrusion detection tool is used - mfetpd process | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.21 Ensure 'Improve harmful app detection' is set to Enabled | MobileIron - CIS Google Android 7 v1.0.0 L1 | MDM | |
| 1.21 Ensure 'Improve harmful app detection' is set to Enabled | AirWatch - CIS Google Android 7 v1.0.0 L1 | MDM | |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.9.2 (L1) Ensure 'Enable leak detection for entered credentials' Is Set to 'Enabled' | CIS Google Chrome Group Policy v1.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.1.1.1.4 Ensure use enhanced weak password detection is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 3.2.1.24 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.5 Enable grayware detection on antivirus | CIS Fortigate 7.0.x v1.3.0 L2 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| 6.2.6 Ensure root PATH Integrity | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Active Rules | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Active Rules | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Inbound Anomaly Threshold | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Paranoia Level | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.19 Ensure that User Credential Submission uses the action of 'block' or 'continue' on the URL categories | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 6.19 Ensure that User Credential Submission uses the action of 'block' or 'continue' on the URL categories | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 6.20 Ensure that User Credential Submission uses the action of 'block' or 'continue' on the URL categories - continue on the URL categories | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 6.20 Ensure that User Credential Submission uses the action of block or continue on the URL categories | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 20.66 Ensure 'The system uses a host-based intrusion detection or prevention system' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.66 Ensure 'The system uses a host-based intrusion detection or prevention system' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.66 Ensure 'The system uses a host-based intrusion detection or prevention system' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.66 Ensure 'The system uses a host-based intrusion detection or prevention system' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.66 Ensure 'The system uses a host-based intrusion detection or prevention system' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.66 Ensure 'The system uses a host-based intrusion detection or prevention system' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CISC-L2-000190 - The Cisco switch must enable Unidirectional Link Detection (UDLD) to protect against one-way connections. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| DG0102-ORACLE11 - DBMS processes or services should run under custom, dedicated OS accounts - 'tns services are using correct service account' | DISA STIG Oracle 11 Instance v9r1 OS Unix | Unix | ACCESS CONTROL |
| Ensure 'threat-detection statistics' is set to 'tcp-intercept' | Tenable Cisco Firepower Best Practices Audit | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure root PATH Integrity | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| EX13-EG-003016 - A DoD-approved third party Exchange-aware malicious code protection application must be implemented. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-MB-003031 - A DoD-approved third party Exchange-aware malicious code protection application must be implemented. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| GEN001160 - All files and directories must have a valid owner. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | DISA STIG for Oracle Linux 5 v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-VN-000022 - The Juniper SRX Services Gateway VPN must terminate all network connections associated with a communications session at the end of the session. | DISA Juniper SRX Services Gateway VPN v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Detection Prevention - ICMP packets | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-AG-000540 - Symantec ProxySG must block outbound traffic containing known and unknown denial-of-service (DoS) attacks to protect against the use of internal information systems to launch any DoS attacks against other networks or endpoints. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-NM-000320 - Symantec ProxySG must enable Attack Detection. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'javac.exe search' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'msvc.exe search' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WN12-GE-000022 - Servers must have a host-based Intrusion Detection System. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WNDF-AV-000001 - Microsoft Defender AV must be configured to block the Potentially Unwanted Application (PUA) feature - PUA feature. | DISA STIG Microsoft Defender Antivirus v2r4 | Windows | SYSTEM AND INFORMATION INTEGRITY |
