| 1.6.5 Apply Security Context to Your Pods and Containers | CIS Kubernetes 1.13 Benchmark v1.4.1 L2 | Unix | |
| 2.6.6.6.2.6 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - 92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4 | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4 | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - be9ba2d9-53ea-4cdc-84e5-9b1eeee46550 | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.6.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.6.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Allow VBA to load typelib references by path from untrusted intranet locations | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow VBA to load typelib references by path from untrusted intranet locations | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Block macros from running in Office files from the internet - access | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the Internet - blockcontentexecutionfrominternet - access | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the internet - blockcontentexecutionfrominternet - access | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the Internet - blockcontentexecutionfrominternet - excel | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the Internet - blockcontentexecutionfrominternet - excel | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the Internet - blockcontentexecutionfrominternet - excel | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the Internet - blockcontentexecutionfrominternet - excel | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the Internet - blockcontentexecutionfrominternet - powerpoint | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the Internet - blockcontentexecutionfrominternet - powerpoint | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the Internet - blockcontentexecutionfrominternet - powerpoint | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the Internet - blockcontentexecutionfrominternet - visio | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the Internet - blockcontentexecutionfrominternet - word | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the Internet - blockcontentexecutionfrominternet - word | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the internet - excel | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the internet - ms project | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the internet - powerpoint | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the internet - publisher | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the internet - visio | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the internet - word | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the internet - word | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS VMware ESXi 6.5 v1.0.0 Level 2 | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | |
| DTOO182 - Office System - The Help Improve Proofing Tools feature for Office must be configured. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO188 - Office System - Document metadata for password protected files must be protected. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO193 - Automation Security to enforce macro level security in Office documents must be configured. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO228 - Plain Text Options for outbound email must be configured - Message Plain Format Mime | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO228 - Plain Text Options for outbound email must be configured - PlainWrapLen | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000001 - The Macro Runtime Scan Scope must be enabled for all documents. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000006 - Macros in all Office applications that are opened programmatically by another application must be opened based upon macro security level. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbarequiredigsigwithcodesigningeku - visio | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbarequirelmtrustedpublisher - powerpoint | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbarequirelmtrustedpublisher - publisher | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbawarnings - publisher | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000038 - Microsoft Defender AV must be configured to block Win32 imports from macro code in Office. | DISA STIG Microsoft Defender Antivirus v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
