| 1.1.4 (L1) Ensure administrative accounts use licenses with a reduced application footprint | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | ACCESS CONTROL |
| 1.1.4 (L1) Ensure administrative accounts use licenses with a reduced application footprint | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL |
| 1.4.1.3 Ensure known default accounts do not exist | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.4.1.3 Ensure known default accounts do not exist | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.9 Audit Docker files and directories - /etc/docker | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.9 Audit Docker files and directories - /etc/docker | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.10 Audit Docker files and directories - /etc/docker | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.2 Ensure rsh client is not installed | CIS Debian Family Workstation L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2.2 Ensure rsh client is not installed | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iOS 11 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | AirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | |
| 2.3.2 Ensure rsh client is not installed | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.2 Ensure rsh client is not installed | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | AirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1 Ensure yearly rekeying is enabled for a Snowflake account | CIS Snowflake Foundations v1.0.0 L2 | Snowflake | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.20 Check for Presence of User .forward Files | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.21 Check for Presence of User .forward Files | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.21 Check for Presence of User .forward Files | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| CIS_IBM_DB2_9_Benchmark_v3.0.1_Level_2_OS_Windows.audit from CIS IBM DB2 9 Benchmark v3.0.1 | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | |
| CIS_IBM_DB2_11_v1.1.0_Level_1_OS_Linux.audit from CIS IBM DB2 11 v1.1.0 Benchmark | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | |
| DG0102-ORACLE11 - DBMS processes or services should run under custom, dedicated OS accounts - 'tns services are using correct service account' | DISA STIG Oracle 11 Instance v9r1 OS Unix | Unix | ACCESS CONTROL |
| DTAVSEL-202 - The nails user and nailsgroup group must be restricted to the least privilege access required for the intended role - group | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | ACCESS CONTROL |
| DTAVSEL-202 - The nails user and nailsgroup group must be restricted to the least privilege access required for the intended role - group | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | ACCESS CONTROL |
| DTAVSEL-202 - The nails user and nailsgroup group must be restricted to the least privilege access required for the intended role - user | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | ACCESS CONTROL |
| DTAVSEL-202 - The nails user and nailsgroup group must be restricted to the least privilege access required for the intended role - user | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | ACCESS CONTROL |
| IBM i : Inactive Job Time-Out Message Queue (QINACTMSGQ) - '*DSCJOB' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | ACCESS CONTROL |
| IBM i : Requirement for Numeric Character in Passwords (QPWDRQDDGT) - '1' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Requirement for Numeric Character in Passwords (QPWDRQDDGT) - '1' | IBM System i Security Reference for V7R2 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Restriction of Consecutive Digits for Passwords (QPWDLMTAJC) - '0' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Restriction of Consecutive Digits for Passwords (QPWDLMTAJC) - '0' | IBM System i Security Reference for V7R2 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Restriction of Repeated Characters for Passwords (QPWDLMTREP) - '1' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Secure Sockets Layer (SSL) cipher specification list (QSSLCSL) | IBM System i Security Reference for V7R2 | AS/400 | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000280 - Unused database components, DBMS software, and database objects must be removed. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | CONFIGURATION MANAGEMENT |
| O19C-00-005800 - Oracle Database must off-load audit data to a separate log management facility; this must be continuous and in near-real-time for systems with a network connection to the storage facility, and weekly or more often for stand-alone systems. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000010 - The Red Hat Enterprise Linux operating system must be a vendor-supported release. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000020 - The system must use a Linux Security Module configured to enforce limits on system services. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-07-010090 - The Red Hat Enterprise Linux operating system must have the screen package installed. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020220 - The Red Hat Enterprise Linux operating system must enable the SELinux targeted policy. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-07-020250 - The Red Hat Enterprise Linux operating system must be a vendor supported release. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-030211 - The Red Hat Enterprise Linux operating system must label all off-loaded audit logs before sending them to the central log server. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-040201 - The Red Hat Enterprise Linux operating system must implement virtual address space randomization. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| Tenable_Best_Practices_Cisco_Firepower_Management_Center_OS.audit | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | |
| vCenter : restrict-Linux-clients | VMWare vSphere 5.X Hardening Guide | VMware | |
| WBSP-AS-000020 - The WebSphere Application Server admin console session timeout must be configured. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL |
| WBSP-AS-000020 - The WebSphere Application Server admin console session timeout must be configured. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL |
