| 1.1.18.9 (L2) Ensure 'network.IDN_show_punycode' is set to 'Enabled' | CIS Mozilla Firefox ESR GPO v1.0.0 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.21 Disable Automounting | CIS Debian 8 Workstation L2 v2.0.2 | Unix | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.1.21 Disable Automounting | CIS Debian 8 Server L1 v2.0.2 | Unix | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS Red Hat 6 Server L1 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.4 (L2) Ensure Safe Attachments policy is enabled | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.29 (L2) Configure 'Log on as a service' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | ACCESS CONTROL |
| 2.9 (L2) Ensure VDS health check is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.12 (L2) Host must enable volatile key destruction | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 3.21 (L2) Host should enable strict lockdown mode | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | ACCESS CONTROL |
| 4.11.8.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.1.2.6 (L2) Ensure 'LinkedIn account connections' is disabled | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 5.6 (L2) Ensure Strict Lockdown mode is enabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | ACCESS CONTROL |
| 7.1 (L2) Virtual machines must enable Secure Boot | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 7.2.4 (L2) Ensure OneDrive content sharing is restricted | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 7.2.4 (L2) Ensure OneDrive content sharing is restricted | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 8.4.7 (L2) Ensure Unity Window Contents is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.8 (L2) Ensure Unity Push Update is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.12 (L2) Ensure Request Disk Topology is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.13 (L2) Ensure Trash Folder State is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.5.8 (L2) Ensure external meeting chat is off | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 8.5.8 (L2) Ensure external meeting chat is off | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 18.6.8.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.6.8.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.6.8.4 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| CASA-VN-000180 - The Cisco ASA must be configured to specify Perfect Forward Secrecy (PFS) for the IPsec Security Association (SA) during IKE Phase 2 negotiation. | DISA STIG Cisco ASA VPN v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_Amazon_Linux_2_STIG_v2.0.0_L2_Server.audit from CIS Amazon Linux 2 STIG Benchmark v2.0.0 | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | |
| Display Level 1 attachments | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Display Level 1 attachments | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Display Level 1 attachments | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO240 - The ability to display level 1 attachments must be disallowed. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI5-VM-000019 - The unexposed feature keyword isolation.tools.ghi.protocolhandler.info.disable must be initialized to decrease the VMs potential attack vectors. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000026 - The unexposed feature keyword isolation.tools.unity.push.update.disable must be initialized to decrease the VMs potential attack vectors. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000031 - The unexposed feature keyword isolation.tools.guestDnDVersionSet.disable must be initialized to decrease the VMs potential attack vectors. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| GEN005505 - The SSH daemon must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005510 - The SSH client must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - config | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - config | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| MADB-10-004400 - MariaDB must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| SRG-OS-000158-ESXI5 - The SSH client must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms - MACs with FIPS 140-2 approved crypto | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-hgfs | VMWare vSphere 6.5 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL |
| WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL |
| WN10-CC-000345 - The Windows Remote Management (WinRM) service must not use Basic authentication. | DISA Microsoft Windows 10 STIG v3r4 | Windows | MAINTENANCE |
| WN10-UR-000070 - The Deny access to this computer from the network user right on workstations must be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL |
