| 1.2.1 Ensure GPG keys are configured | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1 Ensure GPG keys are configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1 Ensure GPG keys are configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Debian 9 Server L1 v1.0.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Debian 9 Workstation L1 v1.0.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Debian 8 Server L1 v2.0.2 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Debian Family Server L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.2.4 Ensure SETroubleshoot is not installed | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL |
| 2.5.1 Ensure Users' Accounts Do Not Have a Password Hint | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.3.2 (L1) Ensure custom banned passwords lists are used | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 6.12 Ensure all HTTP Header Logging options are enabled - Log Container Page | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.12 Ensure all HTTP Header Logging options are enabled - Referer | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.12 Ensure all HTTP Header Logging options are enabled - Referer | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - User-Agent | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - X-Forwarded-For | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 18.7.11 (L1) Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | ACCESS CONTROL |
| CASA-FW-000030 - The Cisco ASA must be configured to restrict VPN traffic according to organization-defined filtering rules - VPN Group Policy | DISA STIG Cisco ASA FW v2r1 | Cisco | ACCESS CONTROL |
| CASA-FW-000030 - The Cisco ASA must be configured to restrict VPN traffic according to organization-defined filtering rules - VPN Rules | DISA STIG Cisco ASA FW v2r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000500 - The Cisco BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS). | DISA Cisco IOS XE Router RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| CISC-RT-000530 - The Cisco BGP switch must be configured to reject outbound route advertisements for any prefixes belonging to the IP core. | DISA Cisco NX OS Switch RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| DISA_Oracle_11g_Installation_v9r1_OS_Linux.audit from DISA Oracle Database 11g Installation STIG v9r1 STIG | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DISA_Oracle_11g_Installation_v9r1_OS_Windows.audit from DISA Oracle Database 11g Installation STIG v9r1 STIG | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| Ensure NIS Client is not installed - dpkg | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Extreme : Review all accounts | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | ACCESS CONTROL |
| GEN001605 - Run control scripts lists of preloaded libraries must contain only authorized paths - /etc/rc* | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - '/etc/rc.d/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - '/etc/rc.d/rc2.d/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - '/etc/rc.d/rc3.d/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - '/etc/rc.d/rc5.d/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - /etc/init.d/* | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - /etc/rc* | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/bashrc | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/csh.cshrc | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/csh.login | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/csh.login | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/environment | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/profile | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| JUNI-RT-000500 - The Juniper BGP router must be configured to reject inbound route advertisements from a customer edge (CE) Juniper router for prefixes that are not allocated to that customer - CE Juniper router. | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000790 - The Juniper multicast router must be configured to bind a Protocol Independent Multicast (PIM) neighbor filter to interfaces that have PIM enabled - policy-options prefix | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000790 - The Juniper multicast router must be configured to bind a Protocol Independent Multicast (PIM) neighbor filter to interfaces that have PIM enabled - policy-options statement | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000790 - The Juniper multicast router must be configured to bind a Protocol Independent Multicast (PIM) neighbor filter to interfaces that have PIM enabled - protocols pim | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| SPLK-CL-000390 - Splunk Enterprise must be installed in FIPS mode to implement NIST FIPS-approved cryptography for all cryptographic functions. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG REST API | Splunk | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| uRPF: Unicast Reverse Path Forwarding (uRPF) is Enabled | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-03-000127 - Oracle WebLogic must adhere to the principles of least functionality by providing only essential capabilities. | Oracle WebLogic Server 12c Windows v2r2 | Windows | CONFIGURATION MANAGEMENT |
