| 1.006 - Users with Administrative privilege are not documented or do not have separate accounts for administrative duties. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 1.12 Ensure host-based intrusion detection tool is used | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.12 Ensure host-based intrusion detection tool is used - mcafeetp package | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 11 v1.0.0 End User Owned L1 | MDM | |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 11 v1.0.0 End User Owned L1 | MDM | |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.3 Ensure Trusted Execution Path is enabled | CIS IBM AIX 7 v1.1.0 L2 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 2.7 Ensure regular scans for unauthorized applications | CIS IBM AIX 7 v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 3.2.1.18 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | |
| 3.2.1.18 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | |
| 3.2.1.19 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | |
| 3.2.1.19 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | |
| 3.2.1.20 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L1 | MDM | |
| 3.2.1.20 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L1 | MDM | |
| 3.2.1.23 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.23 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.24 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.7.1.1 Ensure all directories in root PATH deny write access to all | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.2.9 Ensure all directories in root PATH access is configured | CIS IBM AIX 7 v1.1.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Paranoia Level | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.5.1 Ensure That Microsoft Defender for Storage Is Set To 'On' | CIS Microsoft Azure Foundations v4.0.0 L2 | microsoft_azure | RISK ASSESSMENT |
| 9.1.6.1 Ensure That Microsoft Defender for App Services Is Set To 'On' | CIS Microsoft Azure Foundations v4.0.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION |
| 9.1.7.2 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' | CIS Microsoft Azure Foundations v4.0.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION |
| 9.1.8.1 Ensure That Microsoft Defender for Key Vault Is Set To 'On' | CIS Microsoft Azure Foundations v4.0.0 L2 | microsoft_azure | RISK ASSESSMENT |
| 9.6 Set 'Turn off Crash Detection' to 'Enabled' | CIS IE 9 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disallow unplug detection on the storage network interface | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| GEN001160 - All files and directories must have a valid owner. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001160 - All files and directories must have a valid owner. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001160 - All files and directories must have a valid owner. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001160 - All files and directories must have a valid owner. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PANW-AG-000060 - The Palo Alto Networks security platform must update malicious code protection mechanisms and signature definitions whenever new releases are available in accordance with organizational configuration management policy and procedures. | DISA STIG Palo Alto ALG v3r4 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| WG080 A22 - Installation of a compiler on production web server is prohibited. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'Lcc-win32.exe search' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'msc.exe search' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'Python.exe search' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG080 W22 - Installation of a compiler on production web server must be prohibited. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
