| 1.118 (L1) Ensure 'Restrict exposure of local IP address by WebRTC' is set to 'Enabled: Allow public interface over http default route. This doesn't expose the local IP address' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.125 (L1) Ensure 'Specifies whether SharedArrayBuffers can be used in a non cross-origin-isolated context' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3.1.2 Ensure SCTP is disabled | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.5 Ensure SCTP is disabled | CIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.5 Ensure SCTP is disabled | CIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.5 Ensure SCTP is disabled | CIS Debian 10 Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.4 Ensure sctp kernel module is not available | CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.4 Ensure sctp kernel module is not available | CIS Ubuntu Linux 22.04 LTS v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.2.4 Ensure sctp kernel module is not available | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.4 Ensure sctp kernel module is not available | CIS AlmaLinux OS 9 v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.2.4 Ensure sctp kernel module is not available | CIS Debian Linux 11 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.4 Ensure sctp kernel module is not available | CIS Red Hat EL8 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.4 Ensure sctp kernel module is not available | CIS Oracle Linux 8 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.4.2 Ensure SCTP is disabled | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.4.2 Ensure SCTP is disabled - grep modprobe.d | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.4.2 Ensure SCTP is disabled - lsmod | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.4.2 Ensure SCTP is disabled - lsmod | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.2 Ensure SCTP is disabled - lsmod | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.2 Ensure SCTP is disabled - modprobe | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.4.2 Ensure SCTP is disabled - modprobe | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.2 Ensure SCTP is disabled - modprobe | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.2 Ensure SCTP is disabled - modprobe | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.5.2 Ensure SCTP is disabled | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.2 Ensure SCTP is disabled | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.2 Ensure SCTP is disabled | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.2 Ensure SCTP is disabled | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.2 Ensure SCTP is disabled - lsmod | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.2 Ensure SCTP is disabled - modprobe | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.2 Ensure SCTP is disabled (lsmod) | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.2 Ensure SCTP is disabled (modprobe) | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.6 Set 'Allow basic authentication' to 'False' | CIS Microsoft Exchange Server 2016 CAS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.2.1 Ensure firewalld is installed | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.1 Ensure firewalld is installed | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Configure Solaris Auditing - not_terminated | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.5.4 (L1) Ensure SMTP AUTH is disabled | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-13-000056 - The macOS system must implement an approved Key Exchange Algorithm. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Control which extensions cannot be installed | MSCT Edge v86 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| EDGE-00-000003 - Bypassing of Microsoft Defender SmartScreen warnings about downloads must be disabled. | DISA STIG Edge v2r2 | Windows | MAINTENANCE |
| EDGE-00-000051 - Microsoft Defender SmartScreen must be configured to block potentially unwanted apps. | DISA STIG Edge v2r2 | Windows | CONFIGURATION MANAGEMENT |
| EDGE-00-000061 - Relaunch notification must be required. | DISA STIG Edge v2r2 | Windows | CONFIGURATION MANAGEMENT |
| EX16-MB-000600 - Exchange services must be documented and unnecessary services must be removed or disabled. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | CONFIGURATION MANAGEMENT |
| EX19-MB-000134 - Exchange servers must have an approved DOD email-aware virus protection software installed. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| JUEX-L2-000170 - If STP is used, the Juniper EX switch must be configured to implement Rapid STP, or Multiple STP, where VLANs span multiple switches with redundant links. | DISA Juniper EX Series Layer 2 Switch v2r3 | Juniper | CONFIGURATION MANAGEMENT |
| OL6-00-000124 - The Datagram Congestion Control Protocol (DCCP) must be disabled unless required. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000124 - The Datagram Congestion Control Protocol (DCCP) must be disabled unless required. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| Specifies whether to allow websites to make requests to more-private network endpoints | MSCT Edge v114 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specifies whether to allow websites to make requests to more-private network endpoints | MSCT Edge v127 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| WBSP-AS-000140 - The WebSphere Application Server bus security must be enabled. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL |
| WBSP-AS-000140 - The WebSphere Application Server bus security must be enabled. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL |
| WN10-00-000005 - Domain-joined systems must use Windows 10 Enterprise Edition 64-bit version. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
