| 3.4 - Login and Password Parameters - Account expiration time | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | |
| 3.4 - Login and Password Parameters - Account inactivity time | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | |
| 3.26 xsqlconfig.xml - 'Verify and set permissions' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| 5.2.5 Ensure Complex Password Must Contain Special Character Is Configured | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.13 Ensure 'CREATE LIBRARY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.13 Ensure 'CREATE LIBRARY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.13 Ensure 'CREATE LIBRARY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.2.13 Ensure 'CREATE LIBRARY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.24 Radiuskey - 'Verify and set permissions on radius.key file' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| 6.7.1 Ensure Custom Java Privileges Are Revoked from Unauthorized 'GRANTEE' | CIS Oracle Database 23ai v1.0.0 L1 RDBMS | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.21 Ensure that 'Wildfire Inline ML' on antivirus profiles are set to enable for all file types | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 6.21 Ensure that 'Wildfire Inline ML' on antivirus profiles are set to enable for all file types | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 8.3.4 Ensure standard processes are used for VM deployment | CIS VMware ESXi 6.7 v1.3.0 Level 1 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 8.4 Disable the HTTP Statistics Server | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | CONFIGURATION MANAGEMENT |
| 8.4 Disable the HTTP Statistics Server | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | CONFIGURATION MANAGEMENT |
| 9.4 Disable the HTTP Statistics Server | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.3 (NG) Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 NG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.3 (NG) Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock' | CIS Microsoft Windows Server 2019 v4.0.0 NG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.3 (NG) Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.3 (NG) Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock' | CIS Microsoft Windows 10 Stand-alone v4.0.0 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - javaw.exe | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.25.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 24.4 (NG) Ensure 'Require Platform Security Features' is set to 'Turns on VBS with Secure Boot' or higher | CIS Microsoft Intune for Windows 10 v4.0.0 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-003650 - AlmaLinux OS 9 must force a frequent session key renegotiation for SSH connections to the server. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-008050 - AlmaLinux OS 9 must log username information when unsuccessful logon attempts occur. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| ALMA-09-018830 - AlmaLinux OS 9 firewall must employ a deny-all, allow-by-exception policy for allowing connections to other systems. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-032250 - AlmaLinux OS 9 must require reauthentication when using the "sudo" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-046550 - AlmaLinux OS 9 must enable Linux audit logging for the USBGuard daemon. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-052600 - AlmaLinux OS 9 must authenticate the remote logging server for offloading audit logs via rsyslog. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-056780 - AlmaLinux OS 9 audit system must protect logon UIDs from unauthorized change. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| BIND-9X-001620 - On a BIND 9.x server all root name servers listed in the local root zone file hosted on a BIND 9.x authoritative name server must be valid for that zone. | DISA BIND 9.x STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| DO3539-ORACLE11 - The Oracle REMOTE_OS_ROLES parameter should be set to FALSE - 'remote_os_roles = false' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| GOOG-10-003500 - Google Android 10 must be configured to disable USB mass storage mode. | MobileIron - DISA Google Android 10.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-10-003500 - Google Android 10 must be configured to disable USB mass storage mode. | AirWatch - DISA Google Android 10.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-10-009000 - Google Android 10 must have the DoD root and intermediate PKI certificates installed. | AirWatch - DISA Google Android 10.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-10-009000 - Google Android 10 must have the DoD root and intermediate PKI certificates installed. | MobileIron - DISA Google Android 10.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-10-010000 - Google Android 10 Work Profile must be configured to disable the autofill services. | MobileIron - DISA Google Android 10.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| O112-BP-022000 - The Oracle REMOTE_OS_ROLES parameter must be set to FALSE. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-BP-022000 - The Oracle REMOTE_OS_ROLES parameter must be set to FALSE. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| Overview of BIG-IP administrative access controls | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-214035 - RHEL 9 must remove all software components after updated versions have been installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-252025 - RHEL 9 must disable the chrony daemon from acting as a server. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411075 - RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-653120 - RHEL 9 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| SonicWALL - Password Policy - Password Uniqueness >= 10 | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| WN10-CC-000007 - Windows 10 must cover or disable the built-in or attached camera when not in use. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN10-SO-000251 - Windows 10 must use multifactor authentication for local and network access to privileged and nonprivileged accounts. | DISA Microsoft Windows 10 STIG v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| ZEBR-10-003500 - Zebra Android 10 must be configured to disable USB mass storage mode. | MobileIron - DISA Zebra Android 10 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-003500 - Zebra Android 10 must be configured to disable USB mass storage mode. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-010000 - Zebra Android 10 Work Profile must be configured to disable the autofill services. | MobileIron - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
