| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.6.2 Ensure system wide crypto policy disables sha1 hash and signature support | CIS AlmaLinux OS 10 v1.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.2 Ensure system wide crypto policy disables sha1 hash and signature support | CIS AlmaLinux OS 8 v4.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.2 Ensure system wide crypto policy disables sha1 hash and signature support | CIS Red Hat Enterprise Linux 10 v1.0.1 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.2 Ensure system wide crypto policy disables sha1 hash and signature support | CIS Oracle Linux 10 v1.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.2 Ensure system wide crypto policy disables sha1 hash and signature support | CIS Oracle Linux 8 v4.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.2 Ensure system wide crypto policy disables sha1 hash and signature support | CIS AlmaLinux OS 8 v4.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.3 Ensure system wide crypto policy disables sha1 hash and signature support | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.3 Ensure system wide crypto policy disables sha1 hash and signature support | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.3 Ensure system wide crypto policy disables sha1 hash and signature support | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.3 Ensure system wide crypto policy disables sha1 hash and signature support | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.4 Ensure system wide crypto policy disables sha1 hash and signature support | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.3 Ensure 'Mailbox quotas: Prohibit send and receive at' is set to '' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.4 Ensure 'Mailbox quotas: Prohibit send at' is set to '' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4.7.2.12 (L1) Ensure 'Trust access to Visual Basic Project' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.4 Password Security - 'security.passwd.rules.minimum.alphabetic = 2' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.6.6.6.2.7 (L1) Ensure 'Trust Access to Visual Basic Project' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.2.9 (L1) Ensure 'Trust access to Visual Basic Project' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3.1.14 Set maximum connection limits - 'max_coordagents <= 100' | CIS IBM DB2 OS L2 v1.2.0 | Unix | ACCESS CONTROL |
| 5.4 CIFS - 'cifs.restrict_anonymous = 2' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 26 - Setup Client-cert Authentication | TNS Best Practice Jetty 9 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-054360 - AlmaLinux OS 9 audit system must make full use of the audit storage space. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| ARST-RT-000020 - The Arista BGP router must be configured to reject inbound route advertisements for any Bogon prefixes. | DISA Arista MLS EOS 4.X Router STIG v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000020 - The Arista BGP router must be configured to reject inbound route advertisements for any Bogon prefixes. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000190 - The out-of-band management (OOBM) Arista gateway router must be configured to have separate IGP instances for the managed network and management network. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000190 - The out-of-band management (OOBM) Arista gateway router must be configured to have separate IGP instances for the managed network and management network. | DISA Arista MLS EOS 4.X Router STIG v2r2 | Arista | ACCESS CONTROL |
| EDGE-00-000008 - The ability of sites to show pop-ups must be disabled. | DISA STIG Edge v2r3 | Windows | CONFIGURATION MANAGEMENT |
| Huawei: Require SSH version 2 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'AddressInactiveAction != 2' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'AuthorizationFailureAction != 2' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'FunctionInactiveAction != 2' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'OverLimitAction != 2' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Select the channel for Microsoft Defender daily security intelligence updates | MSCT Windows Server 2025 DC v2506 v1.0.0 | Windows | |
| Select the channel for Microsoft Defender daily security intelligence updates | MSCT Windows Server 2025 MS v1.0.0 | Windows | |
| Select the channel for Microsoft Defender daily security intelligence updates | MSCT Windows Server 2025 DC v1.0.0 | Windows | |
| Select the channel for Microsoft Defender daily security intelligence updates | MSCT Windows Server 2025 MS v2506 v1.0.0 | Windows | |
| Select the channel for Microsoft Defender monthly engine updates | MSCT Windows Server 2025 DC v2506 v1.0.0 | Windows | |
| Select the channel for Microsoft Defender monthly engine updates | MSCT Windows Server 2025 MS v2506 v1.0.0 | Windows | |
| Select the channel for Microsoft Defender monthly engine updates | MSCT Windows Server 2025 DC v1.0.0 | Windows | |
| Select the channel for Microsoft Defender monthly engine updates | MSCT Windows Server 2025 MS v1.0.0 | Windows | |
| Select the channel for Microsoft Defender monthly platform updates | MSCT Windows Server 2025 DC v2506 v1.0.0 | Windows | |
| Select the channel for Microsoft Defender monthly platform updates | MSCT Windows Server 2025 DC v1.0.0 | Windows | |
| Select the channel for Microsoft Defender monthly platform updates | MSCT Windows Server 2025 MS v1.0.0 | Windows | |
| Select the channel for Microsoft Defender monthly platform updates | MSCT Windows Server 2025 MS v2506 v1.0.0 | Windows | |
| Specifies whether the display-capture permissions-policy is checked or skipped | MSCT Edge v98 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specifies whether the display-capture permissions-policy is checked or skipped | MSCT edge v96 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specifies whether the display-capture permissions-policy is checked or skipped | MSCT Edge v107 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| VCPG-67-000001 - VMware Postgres must limit the number of connections. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | ACCESS CONTROL |
| VCPG-70-000001 - VMware Postgres must limit the number of connections. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | ACCESS CONTROL |
| VCST-70-000019 - The Security Token Service must limit the number of allowed connections. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
