| 1.1.17 - AirWatch - Disable 'Unknown sources' | AirWatch - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.2.1 Ensure GPG keys are configured | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Debian Family Workstation L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Debian 8 Workstation L1 v2.0.2 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.3.2 Ensure filesystem integrity is regularly checked | CIS Fedora 28 Family Linux Workstation L1 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.3.2 Ensure filesystem integrity is regularly checked | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.3.2 Ensure filesystem integrity is regularly checked | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.6.2.5 Ensure the MCS Translation Service (mcstrans) is not installed | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.2.5 Ensure the MCS Translation Service (mcstrans) is not installed | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.1 Ensure Users' Accounts Do Not Have a Password Hint | CIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.2.1.1 Ensure rsyslog is installed | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 (L1) Host firewall must only allow traffic from authorized networks | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.2 Ensure filesystem integrity is regularly checked | CIS Oracle Linux 7 v4.0.0 L1 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.2 Ensure filesystem integrity is regularly checked | CIS AlmaLinux OS 8 Server L1 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.2 Ensure filesystem integrity is regularly checked | CIS Oracle Linux 8 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.1.2 Ensure filesystem integrity is regularly checked | CIS Rocky Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.1.2 Ensure filesystem integrity is regularly checked | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.11 Ensure all HTTP Header Logging options are enabled | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.11 Ensure all HTTP Header Logging options are enabled | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.12 Ensure all HTTP Header Logging options are enabled - User-Agent | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.12 Ensure all HTTP Header Logging options are enabled - X-Forwarded-For | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.4 Use templates to deploy VMs whenever possible | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 9.7 Set 'Turn off the Security Settings Check feature' to 'Disabled' | CIS IE 9 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| AS24-U1-000270 - The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials - Welcome page | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| CISC-RT-000800 - The Cisco multicast switch must be configured to bind a Protocol Independent Multicast (PIM) neighbor filter to interfaces that have PIM enabled. | DISA Cisco NX OS Switch RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| DB2X-00-008100 - DB2 and the operating system must enforce access restrictions associated with changes to the configuration of DB2 or database(s) | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | CONFIGURATION MANAGEMENT |
| Ensure prelink is disabled - dpkg | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure TCP Wrappers is installed - zypper | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000002 - The system must verify the DCUI.Access list. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | CONFIGURATION MANAGEMENT |
| Extreme : Review admin accounts | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | ACCESS CONTROL |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - '/etc/rc.d/rc2.d/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - '/etc/csh.login' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - '/etc/environment' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| IBM i : Secure Sockets Layer (SSL) cipher specification list (QSSLCSL) | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | SYSTEM AND COMMUNICATIONS PROTECTION |
| KNOX-07-018400 - The Samsung Android 7 with Knox must implement the management setting: Configure application disable list. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-901500 - The Samsung must be configured to enforce a Container application install policy by specifying an application whitelist. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| RHEL-06-000527 - The login user list must be disabled. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| Server version information parameters should be turned off - 'ServerTokens Prod' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-010120 - The operating system must generate audit records for the selected list of auditable events as defined in DoD list of events. | DISA STIG Solaris 11 SPARC v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows Server v20H2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows 10 v21H1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows Server 1903 MS v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows Server v1909 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows Server v2004 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows Server 2025 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows Server 2025 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| SQL2-00-013800 - SQL Server must protect audit information from unauthorized deletion. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-03-000127 - Oracle WebLogic must adhere to the principles of least functionality by providing only essential capabilities. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
