| 1.1.10 Ensure separate partition exists for /var | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.15 Ensure separate partition exists for /var/log | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.2 Ensure redundant remote authentication servers are configured | CIS F5 Networks v1.0.0 L2 | F5 | ACCESS CONTROL |
| 2.5.3 Ensure hidden file serving is disabled | CIS NGINX v3.0.0 L1 Proxy | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.5.3 Ensure hidden file serving is disabled | CIS NGINX v3.0.0 L1 Webserver | Unix | SYSTEM AND SERVICES ACQUISITION |
| 3.1.1 Disable IPv6 | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3 Ensure error logging is enabled and set to the info logging level | CIS NGINX v3.0.0 L1 Loadbalancer | Unix | AUDIT AND ACCOUNTABILITY |
| 3.4.1 Ensure DCCP is disabled | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.1.1.1 Ensure auditd is installed | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.1 Ensure audit log storage size is configured | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.2 Ensure audit logs are not automatically deleted | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.5 Ensure system is disabled when audit logs are full | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.1 Ensure events that modify date and time information are collected | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.4 Ensure events that modify the system's Mandatory Access Controls are collected | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.8 Ensure changes to system administration scope (sudoers) is collected | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.41 Ensure the audit configuration is immutable | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.3 Ensure access to SSH public host key files is configured | CIS Debian Linux 13 v1.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.3 Ensure access to SSH public host key files is configured | CIS Debian Linux 13 v1.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.3.8 Ensure SSH X11 forwarding is disabled | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 5.3.16 Ensure only FIPS 140-2 ciphers are used for SSH | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 5.3.16 Ensure only FIPS 140-2 ciphers are used for SSH | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 6.1.1 Audit system file permissions | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl version | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.12.2 Ensure At Least 2 External SYSLOG Hosts are Set with Any/Info | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | AUDIT AND ACCOUNTABILITY |
| 7.6 Ensure TLS 1.2 is enabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.18.2 Ensure 'Enable App Installer Experimental Features' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.2 Ensure 'Enable App Installer Experimental Features' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v5.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.5 Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.5 Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v2.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.3.3.7 Ensure 'Do not allow WebAuthn redirection' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| CASA-ND-000450 - The Cisco ASA must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable. | DISA STIG Cisco ASA NDM v2r4 | Cisco | ACCESS CONTROL |
| DTOO114 - Open/Save actions for Excel 2 worksheets must be blocked. | DISA STIG Microsoft Excel 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO114 - Open/Save actions for Excel 2 worksheets must be blocked. | DISA STIG Microsoft Excel 2016 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-DM-300040 - The F5 BIG-IP appliance must be configured to use at least two authentication servers to authenticate administrative users. | DISA F5 BIG-IP TMOS NDM STIG v1r2 | F5 | CONFIGURATION MANAGEMENT |
| F5BI-FW-300020 - The F5 BIG-IP appliance must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception). | DISA F5 BIG-IP TMOS Firewall STIG v1r1 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| IBMW-LS-000390 - Multifactor authentication for network access to privileged accounts must be used. | DISA IBM WebSphere Liberty Server STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Login: ssh - v2 and later is enabled | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | CONFIGURATION MANAGEMENT |
| Login: SSH is enabled | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | CONFIGURATION MANAGEMENT |
| SOL-11.1-060060 - The operating system must employ FIPS-validate or NSA-approved cryptography to implement digital signatures. | DISA Solaris 11 SPARC STIG v3r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-060060 - The operating system must employ FIPS-validate or NSA-approved cryptography to implement digital signatures. | DISA Solaris 11 X86 STIG v3r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-02-000076 - Oracle WebLogic must produce audit records containing sufficient information to establish when (date and time) the events occurred. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000076 - Oracle WebLogic must produce audit records containing sufficient information to establish when (date and time) the events occurred. | Oracle WebLogic Server 12c Windows v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000077 - Oracle WebLogic must produce audit records containing sufficient information to establish where the events occurred. | Oracle WebLogic Server 12c Windows v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000077 - Oracle WebLogic must produce audit records containing sufficient information to establish where the events occurred. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000078 - Oracle WebLogic must produce audit records containing sufficient information to establish the sources of the events. | Oracle WebLogic Server 12c Windows v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000079 - Oracle WebLogic must produce audit records that contain sufficient information to establish the outcome (success or failure) of application server and application events. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000079 - Oracle WebLogic must produce audit records that contain sufficient information to establish the outcome (success or failure) of application server and application events. | Oracle WebLogic Server 12c Windows v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000079 - Oracle WebLogic must produce audit records that contain sufficient information to establish the outcome (success or failure) of application server and application events. | Oracle WebLogic Server 12c Linux v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000080 - Oracle WebLogic must produce audit records containing sufficient information to establish the identity of any user/subject or process associated with the event. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
