| 1.18 Ensure 'Improve harmful app detection' is set to 'Enabled' | AirWatch - CIS Google Android v1.6.0 L1 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 1.18 Ensure 'Improve harmful app detection' is set to 'Enabled' | MobileIron - CIS Google Android v1.6.0 L1 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 6.21 Ensure that 'Wildfire Inline ML' on antivirus profiles are set to enable for all file types | CIS Palo Alto Firewall 10 v1.3.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 6.21 Ensure that 'Wildfire Inline ML' on antivirus profiles are set to enable for all file types | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| Adtran : Enable firewall syn-flood detection | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-015600 - Apple iOS/iPadOS 18 must disable the ability to hide apps. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-015600 - Apple iOS/iPadOS 18 must disable the ability to hide apps. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-011800 - Apple iOS/iPadOS 26 must implement the management setting: force Apple Watch wrist detection. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-011800 - Apple iOS/iPadOS 26 must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-015600 - Apple iOS/iPadOS 26 must disable the ability to hide apps. | MobileIron - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-015600 - Apple iOS/iPadOS 26 must disable the ability to hide apps. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ARST-L2-000150 - The Arista MLS layer 2 switch must enable Unidirectional Link Detection (UDLD) to protect against one-way connections. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | CONFIGURATION MANAGEMENT |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - basic-threat | DISA STIG Cisco ASA FW v2r1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - From-address | DISA STIG Cisco ASA FW v2r1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - smtp | DISA STIG Cisco ASA FW v2r1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| Configure detection for potentially unwanted applications | MSCT Windows 10 1809 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows 10 v20H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows 11 v25H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows Server v2004 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows Server 2025 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows Server 2022 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows 10 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows 11 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows 11 v24H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows Server 1903 DC v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows Server 1903 MS v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows Server 2025 DC v2506 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows Server v20H2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows 10 v2004 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows 11 v23H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows Server 2019 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows Server 2019 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows Server 2025 MS v2506 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows Server v20H2 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows 10 1903 v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Configure detection for potentially unwanted applications | MSCT Windows 10 1909 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| F5BI-AP-300061 - The F5 BIG-IP appliance providing content filtering must protect against or limit the effects of known and unknown types of denial-of-service (DoS) attacks by employing pattern recognition pre-processors. | DISA F5 BIG-IP TMOS ALG STIG v1r2 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-IP-000015 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must detect code injection attacks launched against application objects, including, at a minimum, application URLs and application code. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | ACCESS CONTROL |
| SonicWALL - Detection Prevention - IP TTL Decrement | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Detection Prevention - Stealth Mode | TNS SonicWALL v5.9 | SonicWALL | |
| SYMP-AG-000600 - Symantec ProxySG providing content filtering must be configured to integrate with a system-wide intrusion detection system. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND INFORMATION INTEGRITY |
| TNS_Salesforce_Best_Practices_v1.2.0.audit from TNS Salesforce Best Practices Audit v1.2.0 | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Turn off Crash Detection | MSCT Windows 10 1803 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Crash Detection | MSCT Windows Server v1909 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Crash Detection | MSCT Windows Server 2019 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Crash Detection | MSCT Windows Server 2022 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Crash Detection | MSCT Windows 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Crash Detection | MSCT Windows Server v2004 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Crash Detection | MSCT Windows Server v20H2 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
