| 5.2.3.2 (L1) Ensure custom banned passwords lists are used | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 8.15 (L2) VMware Tools must deactivate Guest Operations unless required | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 18.7.11 (L1) Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| 18.7.11 (L1) Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | ACCESS CONTROL |
| 20.17 Ensure 'Deny-all, permit-by-exception policy to allow the execution of authorized software programs' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.17 Ensure 'Deny-all, permit-by-exception policy to allow the execution of authorized software programs' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.17 Ensure 'Deny-all, permit-by-exception policy to allow the execution of authorized software programs' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| AIOS-13-011100 - Apple iOS/iPadOS must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | ACCESS CONTROL |
| AIOS-15-010900 - Apple iOS/iPadOS 15 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-010900 - Apple iOS/iPadOS 16 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-010900 - Apple iOS/iPadOS 17 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-010950 - Apple iOS/iPadOS 17 must implement the management setting: require passcode for incoming Airplay connection requests. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-010950 - Apple iOS/iPadOS 17 must implement the management setting: require passcode for incoming Airplay connection requests. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-710900 - Apple iOS/iPadOS 17 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-710950 - Apple iOS/iPadOS 17 must implement the management setting: require passcode for incoming Airplay connection requests. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-18-010950 - Apple iOS/iPadOS 18 must implement the management setting: require passcode for incoming Airplay connection requests. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | ACCESS CONTROL |
| AIX7-00-003127 - The control script lists of preloaded libraries must contain only absolute paths on AIX systems. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| Android Compliance Policy - Block apps from unknown sources | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| CISC-RT-000500 - The Cisco BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS). | DISA Cisco IOS Router RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| DTAM141 - McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent modification of McAfee files and settings. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | CONFIGURATION MANAGEMENT |
| DTAM142 - McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent modification of McAfee Common Management Agent files and settings. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | CONFIGURATION MANAGEMENT |
| DTAM143 - McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent modification of McAfee Scan Engine files and settings. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | CONFIGURATION MANAGEMENT |
| DTAM143 - McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent modification of McAfee Scan Engine files and settings. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | CONFIGURATION MANAGEMENT |
| GEN001605 - Run control scripts lists of preloaded libraries must contain only authorized paths - /etc/init.d/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - '/etc/rc.d/rc0.d/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - '/etc/rc.d/rc1.d/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - '/etc/rc.d/rc6.d/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - /etc/init.d/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - /etc/rc* | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - '/etc/csh.cshrc' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - '/etc/environment' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - '/etc/profile' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - '/etc/profile' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - '/etc/suid_profile' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/.login | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/bashrc | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/csh.cshrc | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/environment | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/security/environ | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/security/environ | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/bashrc' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/environment' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/profile' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/security/.login' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001902 - Local initialization files lists of preloaded libraries must contain only authorized paths. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020340 - Run control scripts lists of preloaded libraries must contain only authorized paths. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020340 - Run control scripts lists of preloaded libraries must contain only authorized paths. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SPLK-CL-000050 - Splunk Enterprise must use TLS 1.2 and SHA-2 or higher cryptographic algorithms. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| VCWN-65-000061 - The vCenter Server for Windows must disable Password and Windows integrated authentication. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | CONFIGURATION MANAGEMENT |
| WDNS-SC-000010 - The Name Resolution Policy Table (NRPT) must be configured in Group Policy to enforce clients to request DNSSEC validation for a domain. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
