| 1.4 Secure the sa account | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | |
| 1.9 Ensure Web Tier ELB have SSL/TLS Certificate attached | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | |
| 1.12 Ensure App Tier ELB have SSL\TLS Certificate attached | CIS Amazon Web Services Three-tier Web Architecture L2 1.0.0 | amazon_aws | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5 Ensure External Users' has access to needed Partitions only | CIS F5 Networks v1.0.0 L1 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6 Ensure 'Remote Access' Server Configuration Option is set to '0' | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Ensure 'Remote Access' Server Configuration Option is set to '0' | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Ensure 'Remote Access' Server Configuration Option is set to '0' | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Ensure 'Remote Access' Server Configuration Option is set to '0' | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Configure Security Auditing Flags per local organizational requirements - 'audit all failed events across all audit classes' | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed administrative events' | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed file attribute modification events' | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed file deletion events' | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed login/logout events' | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databases | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8 Ensure Web Tier Elastic Load Balancer has application layer Health Check Configured | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 3.9 Ensure App Tier Elastic Load Balancer has application layer Health Check Configured | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.1 Ensure that a user for the container has been created | CIS Docker v1.7.0 L1 Docker - Linux | Unix | ACCESS CONTROL |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 5.1.2 Ensure CIFS access is restricted to trusted networks to prevent unauthorized access | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.5 Ensure the default security group of every VPC restricts all traffic | CIS Amazon Web Services Foundations v5.0.0 L2 | amazon_aws | ACCESS CONTROL, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.1 Ensure 'Attack Vectors' Runtime Parameters are Configured | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.1 Ensure 'Attack Vectors' Runtime Parameters are Configured | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.1 Ensure 'Attack Vectors' Runtime Parameters are Configured | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | |
| 6.1 Understanding attack vectors and runtime parameters | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | ACCESS CONTROL |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | ACCESS CONTROL |
| 18.10.12.1 Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | ACCESS CONTROL |
| 18.10.12.1 Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | ACCESS CONTROL |
| 18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | ACCESS CONTROL |
| 18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | ACCESS CONTROL |
| 18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | ACCESS CONTROL |
| 18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL |
| AIX7-00-001137 - AIX must be able to control the ability of remote login for users. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL |
| ALMA-09-032470 - AlmaLinux OS 9 must restrict the use of the "su" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| DG0068-ORACLE11 - DBMS tools or applications that echo or require a password entry in clear text should be protected from password display. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0068-ORACLE11 - DBMS tools or applications that echo or require a password entry in clear text should be protected from password display. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| EX19-ED-000159 - Exchange must limit the Receive connector timeout. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | ACCESS CONTROL |
| Routing Protocol Security - Ensure routing protocols are only configured on required interfaces | Juniper Hardening JunOS 12 Devices Checklist | Juniper | CONFIGURATION MANAGEMENT |
| Routing Protocol Security - Use strong authentication keys that meet your organization's password complexity policy | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-070070 - Users must have a valid home directory assignment. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SonicWALL - SSL Control - Detect SSLv2 | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SQL2-00-025200 - The OS must limit privileges to the SQL Server data directories and their subordinate directories and files. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| UBTU-20-010433 - The Ubuntu operating system must have an application firewall installed in order to control remote access methods. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | ACCESS CONTROL |
| UBTU-24-100300 - Ubuntu 24.04 LTS must have an application firewall installed in order to control remote access methods. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | ACCESS CONTROL |
