| 1.7 Audit docker daemon | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.6 Configure TLS authentication for Docker daemon - tlscacert | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Configure TLS authentication for Docker daemon - tlscacert | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Configure TLS authentication for Docker daemon - tlskey | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB 8 v1.0.0 L1 Windows | Windows | ACCESS CONTROL |
| 9.2.6 Ensure root PATH Integrity | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 9.9 Check Permissions on User Home Directories | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 9.11 Check Groups in passwd(4) | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.11 Check Groups in passwd(4) | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 9.21 Find World Writable Files | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.22 Find World Writable Files | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
| AZLX-23-002260 - Amazon Linux 2023 must produce audit records containing information to establish the identity of any individual or process associated with the event. | DISA Amazon Linux 2023 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| Configuring a pre-login or post-login message banner for the BIG-IP or Enterprise Manager system - Banner Enabled | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring a pre-login or post-login message banner for the BIG-IP or Enterprise Manager system - Banner Text | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring a secure password policy for the BIG-IP system - Expiration Warning | Tenable F5 BIG-IP Best Practice Audit | F5 | IDENTIFICATION AND AUTHENTICATION |
| Configuring a secure password policy for the BIG-IP system - Maximum Duration | Tenable F5 BIG-IP Best Practice Audit | F5 | IDENTIFICATION AND AUTHENTICATION |
| Configuring a secure password policy for the BIG-IP system - Maximum Login Failures | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring a secure password policy for the BIG-IP system - Minimum Duration | Tenable F5 BIG-IP Best Practice Audit | F5 | IDENTIFICATION AND AUTHENTICATION |
| Configuring a secure password policy for the BIG-IP system - Password Memory | Tenable F5 BIG-IP Best Practice Audit | F5 | IDENTIFICATION AND AUTHENTICATION |
| Configuring a secure password policy for the BIG-IP system - Required Lowercase Characters | Tenable F5 BIG-IP Best Practice Audit | F5 | IDENTIFICATION AND AUTHENTICATION |
| Configuring a secure password policy for the BIG-IP system - Required Numeric Characters | Tenable F5 BIG-IP Best Practice Audit | F5 | IDENTIFICATION AND AUTHENTICATION |
| Configuring an automatic logout for idle sessions - Configuration utility | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring an automatic logout for idle sessions - Console Sessions | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring an automatic logout for idle sessions - SSH | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring an automatic logout for idle sessions - TMSH | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Always accept ARP | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Always accept important ICMP | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - enabled | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Filter established connections | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Review Packet-Filter Rules | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Send ICMP error on packet reject | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Unhandled Packet Action | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring cookie encryption within the HTTP profile | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| Configuring LDAP remote authentication for Active Directory - Scope | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Configuring LDAP remote authentication for Active Directory - SSL | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Configuring LDAP remote authentication for Active Directory - SSL Check Peer | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Configuring LDAP remote authentication for Active Directory - SSL Client Cert | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Configuring LDAP remote authentication for Active Directory - SSL Client Key | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Configuring the BIG-IP system to enforce the use of strict passwords | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring the BIG-IP system to exclude inode information from Etags | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| JBOS-AS-000045 - Silent Authentication must be removed from the Default Application Security Realm. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | ACCESS CONTROL |
| MD3X-00-000440 - MongoDB must protect the confidentiality and integrity of all information at rest. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD4X-00-002600 - Unused database components that are integrated in MongoDB and cannot be uninstalled must be disabled. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | CONFIGURATION MANAGEMENT |
| MD4X-00-002950 - If passwords are used for authentication, MongoDB must implement LDAP or Kerberos for authentication to enforce the DoD standards for password complexity and lifetime. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| Mitigating an attack using TCP profiles | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| Overview of Appliance mode | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Overview of port lockdown behavior | Tenable F5 BIG-IP Best Practice Audit | F5 | CONFIGURATION MANAGEMENT |
| Restricting access to the Configuration utility by source IP address | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| TCAT-AS-001591 - Changes to $CATALINA_BASE/conf/ folder must be logged. | DISA STIG Apache Tomcat Application Server 9 v3r3 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| Unable to limit Configuration utility access to clients using only TLSv1.1 or TLSv1.2 | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
