| 1.1.5.1 Ensure calendar and contacts integration is set to disabled | CIS Zoom L1 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.1.37 (L1) Ensure 'Maximum SSL version enabled' is set to 'Enabled: TLS 1.3' | CIS Mozilla Firefox ESR GPO v1.0.0 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.2.4 Ensure 'Message Formats' is set to Enabled:S/MIME and Fortezza | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.2.4 Ensure 'Message Formats' is set to Enabled:S/MIME and Fortezza | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Set 'Allow simple passwords' to 'False' | CIS Microsoft Exchange Server 2016 CAS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.10 Set 'Configure startup mode' to 'TLS' | CIS Microsoft Exchange Server 2013 UM v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.10 Set 'Configure startup mode' to 'TLS' | CIS Microsoft Exchange Server 2016 UM v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.17 Set 'Support the following message formats:' to 'Enabled:S/MIME and Fortezza' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1 Restrict Recursive Queries | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure 'Turn on administrator audit logging' is set to '' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active audit policies = argv,cnt,zonename | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active user flags = cis,ex,aa,ua,as,ss,lo,ft | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit condition = auditing | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_binfile (active) | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured non-attributable flags = lo | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.6 Ensure journald log rotation is configured per site policy | CIS Amazon Linux 2023 Server L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.6 Ensure journald log rotation is configured per site policy | CIS Oracle Linux 7 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2.5 (L2) Ensure 'Phishing-resistant MFA strength' is required for Administrators | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2.5 (L2) Ensure 'Phishing-resistant MFA strength' is required for Administrators | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.007 - An approved, up-to-date, DoD antivirus program must be installed and used. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 6.5.2 (L1) Ensure MailTips are enabled for end users | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 8.2.5 Configure rsyslog to Send Logs to a Remote Log Host | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 11 - Managing SSHv2 - Ciphers | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | |
| 11 - Managing SSHv2 - MAC Algorithms | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | |
| 11 - Managing SSHv2 - Max Authentication Retry Count | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | |
| 12.58 Data Guard Redo - 'Authenticate Redo Transport Services using SSL Certificates' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.24.1 (L1) Ensure 'EMET 5.52' or higher is installed | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.1 Ensure 'EMET 5.52' or higher is installed | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 20.12 (L1) Ensure 'Unnecessary websites are blocked' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Android Work Profile Device Configuration - Camera | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| CISC-ND-000140 - The Cisco router must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies. | DISA Cisco IOS Router NDM STIG v3r4 | Cisco | ACCESS CONTROL |
| CISC-ND-000140 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | ACCESS CONTROL |
| CISC-ND-000140 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | ACCESS CONTROL |
| CNTR-R2-000060 - Rancher RKE2 components must be configured in accordance with the security configuration settings based on DOD security configuration or implementation guidance, including SRGs, STIGs, NSA configuration guides, CTOs, and DTMs. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| EDGE-00-000008 - The ability of sites to show pop-ups must be disabled. | DISA STIG Edge v2r2 | Windows | CONFIGURATION MANAGEMENT |
| EX13-CA-000120 - Exchange software baseline copy must exist. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| EX13-MB-000160 - Exchange Mail Quota settings must not restrict receiving mail. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000280 - The Exchange Public Store storage quota must be limited. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000200 - Exchange Mailbox databases must reside on a dedicated partition. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000580 - An Exchange software baseline copy must exist. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | CONFIGURATION MANAGEMENT |
| EX19-MB-000196 - An Exchange software baseline copy must exist. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| JUSX-VN-000013 - The Juniper SRX Services Gateway VPN must specify Perfect Forward Secrecy (PFS). | DISA Juniper SRX Services Gateway VPN v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| MS.EXO.8.1v2 - A DLP solution SHALL be used. | CISA SCuBA Microsoft 365 Exchange Online v1.5.0 | microsoft_azure | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| O365-EX-000004 - Dynamic Data Exchange (DDE) server lookup in Excel must be blocked. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-040023 - OL 8 must not have the stream control transmission protocol (SCTP) kernel module installed if not required for operational support. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| WBLC-08-000236 - Oracle WebLogic must protect against or limit the effects of HTTP types of Denial of Service (DoS) attacks. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000236 - Oracle WebLogic must protect against or limit the effects of HTTP types of Denial of Service (DoS) attacks. | Oracle WebLogic Server 12c Windows v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000236 - Oracle WebLogic must protect against or limit the effects of HTTP types of Denial of Service (DoS) attacks. | Oracle WebLogic Server 12c Linux v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
