| 1.1.17 - AirWatch - Disable 'Unknown sources' | AirWatch - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.2.1 Ensure GPG keys are configured | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Debian Family Workstation L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Debian 8 Workstation L1 v2.0.2 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure GPG keys are configured | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.3.2 Ensure filesystem integrity is regularly checked | CIS Fedora 28 Family Linux Workstation L1 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.3.2 Ensure filesystem integrity is regularly checked | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.3.2 Ensure filesystem integrity is regularly checked | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.5.1 Ensure Users' Accounts Do Not Have a Password Hint | CIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.2.1.1 Ensure rsyslog is installed | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 (L1) Host firewall must only allow traffic from authorized networks | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.2 Ensure filesystem integrity is regularly checked | CIS Oracle Linux 7 v4.0.0 L1 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.2 Ensure filesystem integrity is regularly checked | CIS AlmaLinux OS 8 Server L1 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.2 Ensure filesystem integrity is regularly checked | CIS Oracle Linux 8 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.1.2 Ensure filesystem integrity is regularly checked | CIS Rocky Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.1.2 Ensure filesystem integrity is regularly checked | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - X-Forwarded-For | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.4 Use templates to deploy VMs whenever possible | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| AS24-U1-000270 - The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials - Welcome page | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| Catalina - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CISC-RT-000800 - The Cisco multicast switch must be configured to bind a Protocol Independent Multicast (PIM) neighbor filter to interfaces that have PIM enabled. | DISA Cisco NX OS Switch RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| Ensure telnet client is not installed - dpkg | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Extreme : Review admin accounts | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | ACCESS CONTROL |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - '/etc/rc.d/rc2.d/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - '/etc/csh.login' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - '/etc/environment' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| IBM i : Secure Sockets Layer (SSL) cipher specification list (QSSLCSL) | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | SYSTEM AND COMMUNICATIONS PROTECTION |
| KNOX-07-018400 - The Samsung Android 7 with Knox must implement the management setting: Configure application disable list. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-901500 - The Samsung must be configured to enforce a Container application install policy by specifying an application whitelist. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| Monterey - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Server version information parameters should be turned off - 'ServerTokens Prod' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Server version information parameters should be turned off - 'ServerTokens Prod' | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-010120 - The operating system must generate audit records for the selected list of auditable events as defined in DoD list of events. | DISA STIG Solaris 11 SPARC v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows 10 v1507 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows Server 2019 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| SQL2-00-013800 - SQL Server must protect audit information from unauthorized deletion. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY |
| SSO : no-SSO-self-signed-certs | VMWare vSphere 5.X Hardening Guide | VMware | |
| VBA Macro Notification Settings - powerpoint - vbadigsigtrustedpublishers | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND SERVICES ACQUISITION |
| VBA Macro Notification Settings - powerpoint - vbarequiredigsigwithcodesigningeku | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - publisher - vbadigsigtrustedpublishers | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND SERVICES ACQUISITION |
| VBA Macro Notification Settings - publisher - vbarequirelmtrustedpublisher | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbarequiredigsigwithcodesigningeku - publisher | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbarequirelmtrustedpublisher - visio | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbawarnings - access | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbawarnings - word | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - visio - vbadigsigtrustedpublishers | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCEM-67-000008 - ESX Agent Manager application files must be verified for their integrity. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| vCenter : no-self-signed-certs | VMWare vSphere 5.X Hardening Guide | VMware | |
| WBLC-03-000127 - Oracle WebLogic must adhere to the principles of least functionality by providing only essential capabilities. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WBLC-03-000127 - Oracle WebLogic must adhere to the principles of least functionality by providing only essential capabilities. | Oracle WebLogic Server 12c Linux v2r2 | Unix | CONFIGURATION MANAGEMENT |
