| 1.29 OL08-00-010171 | CIS Oracle Linux 8 STIG v1.0.0 CAT III | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.158 WN16-DC-000130 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.159 WN19-DC-000130 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.355 RHEL-09-651030 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT III | Unix | CONFIGURATION MANAGEMENT |
| 2.2.1 Enable "Set time and date automatically" | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.11 Ensure XProtect Is Running and Updated | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows 10 v22H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows 11 v25H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows 11 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows Server 1903 MS v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows Server 2019 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows Server 2025 DC v2506 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows Server v20H2 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EP11-00-001100 - The EDB Postgres Advanced Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-ED-000730 - The application must configure malicious code protection mechanisms to perform periodic scans of the information system every seven days. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Inline blocking network whitelists | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - IPMI is enabled | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - List patches | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Login banner | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - Workorder stats | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| OL07-00-020210 - The Oracle Linux operating system must enable SELinux. | DISA Oracle Linux 7 STIG v3r5 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| OL07-00-020220 - The Oracle Linux operating system must enable the SELinux targeted policy. | DISA Oracle Linux 7 STIG v3r5 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| OL08-00-010170 - OL 8 must use a Linux Security Module configured to enforce limits on system services. | DISA Oracle Linux 8 STIG v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010360 - The OL 8 file integrity tool must notify the system administrator (SA) when changes to the baseline configuration or anomalies in the operation of any security functions are discovered within an organizationally defined frequency. | DISA Oracle Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| OL08-00-010450 - OL 8 must enable the SELinux targeted policy. | DISA Oracle Linux 8 STIG v2r7 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PANW-AG-000049 - The Palo Alto Networks security platform must block phone home traffic. | DISA Palo Alto Networks ALG STIG v3r4 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-020210 - The Red Hat Enterprise Linux operating system must enable SELinux. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-07-020220 - The Red Hat Enterprise Linux operating system must enable the SELinux targeted policy. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-08-010170 - RHEL 8 must use a Linux Security Module configured to enforce limits on system services. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010360 - The RHEL 8 file integrity tool must notify the system administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered within an organizationally defined frequency. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-701010 - RHEL 10 must clear memory when it is freed to prevent use-after-free attacks. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLEM-05-431015 - SLEM 5 must use a Linux Security Module configured to enforce limits on system services. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r3 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| SLEM-05-431020 - SLEM 5 must enable the SELinux targeted policy. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SLES-15-010419 - The SUSE operating system must use a file integrity tool to verify correct operation of all security functions. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-16-010500 - A file integrity tool must be installed to verify correct operation of all security functions in the Ubuntu operating system. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-16-010540 - The file integrity tool must notify the system administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered - default | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| UBTU-18-010515 - The Ubuntu operating system must use a file integrity tool to verify correct operation of all security functions. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-20-010450 - The Ubuntu operating system must use a file integrity tool to verify correct operation of all security functions. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-651010 - Ubuntu 22.04 LTS must use a file integrity tool to verify correct operation of all security functions. | DISA Canonical Ubuntu 22.04 LTS STIG v2r7 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-100100 - Ubuntu 24.04 LTS must use a file integrity tool to verify correct operation of all security functions. | DISA Canonical Ubuntu 24.04 LTS STIG v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCSA-70-000150 - vCenter must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| VCSA-80-000150 - The vCenter server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
