| 1.1.1.1.7 Ensure enhanced weak passcode detection is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.1.4.2 command accounting | CIS Cisco IOS XR 7.x v1.0.1 L1 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.2 Password Security Policy - f) The validity period of an account can be configured | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.12 Ensure host-based intrusion detection tool is used - mfetpd process | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | |
| 2.2.1.12 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 18 Benchmark v1.1.0 L1 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.12 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 18 v1.1.0 L1 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 18 v1.1.0 L1 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.9.2 (L1) Ensure 'Enable leak detection for entered credentials' Is Set to 'Enabled' | CIS Google Chrome Group Policy v1.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.2.1.24 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.5 Enable grayware detection on antivirus | CIS Fortigate 7.0.x v1.3.0 L2 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| 5.12 Ensure IP Address Based Requests Are Disallowed - 'httpd.conf RewriteRule ^.(.*) - [L,F] exists' | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.12 Ensure IP Address Based Requests Are Disallowed - 'httpd.conf RewriteRule ^.(.*) - [L,F] exists' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.19 Ensure that User Credential Submission uses the action of 'block' or 'continue' on the URL categories | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 6.19 Ensure that User Credential Submission uses the action of 'block' or 'continue' on the URL categories | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 6.20 Ensure that User Credential Submission uses the action of block or continue on the URL categories | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT |
| Big Sur - Force Password Change at Next Logon | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Force Password Change at Next Logon | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CIS_Kubernetes_v1.24_v1.0.0_Level_1_Worker.audit from CIS Kubernetes v1.24 Benchmark v1.0.0 | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Worker | Unix | CONFIGURATION MANAGEMENT |
| CIS_Kubernetes_v1.24_v1.0.0_Level_2_Master.audit from CIS Kubernetes v1.24 Benchmark v1.0.0 | CIS Kubernetes v1.24 Benchmark v1.0.0 L2 Master | Unix | CONFIGURATION MANAGEMENT |
| CIS_MongoDB_8_v1.0.0_L2_Unix.audit from CIS MongoDB 8 Benchmark v1.0.0 | CIS MongoDB 8 v1.0.0 L2 Unix | Unix | |
| CIS_MongoDB_8_v1.0.0_L2_Windows.audit from CIS MongoDB 8 Benchmark v1.0.0 | CIS MongoDB 8 v1.0.0 L2 Windows | Windows | |
| CIS_MongoDB_Benchmark_Level_1_OS_Windows_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | |
| CIS_MongoDB_Benchmark_Level_2_OS_Unix_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | |
| CISC-L2-000190 - The Cisco switch must enable Unidirectional Link Detection (UDLD) to protect against one-way connections. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| DG0102-ORACLE11 - DBMS processes or services should run under custom, dedicated OS accounts - 'tns services are using correct service account' | DISA STIG Oracle 11 Instance v9r1 OS Unix | Unix | ACCESS CONTROL |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | DISA STIG for Oracle Linux 5 v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| NIST_macOS_Monterey_All_Profiles_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - All Profiles | Unix | |
| SOL-11.1-090120 - The operating system must prevent non-privileged users from circumventing malicious code protection capabilities. | DISA Solaris 11 X86 STIG v3r3 | Unix | ACCESS CONTROL |
| SOL-11.1-090120 - The operating system must prevent non-privileged users from circumventing malicious code protection capabilities. | DISA Solaris 11 SPARC STIG v3r3 | Unix | ACCESS CONTROL |
| SOL-11.1-090130 - The operating system must employ malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means. | DISA Solaris 11 SPARC STIG v3r3 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-090130 - The operating system must employ malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means. | DISA Solaris 11 X86 STIG v3r3 | Unix | CONFIGURATION MANAGEMENT |
| WN12-GE-000022 - Servers must have a host-based Intrusion Detection System. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WNDF-AV-000008 - Microsoft Defender AV must be configured to disable local setting override for reporting to Microsoft MAPS. | DISA Microsoft Defender Antivirus STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000009 - Microsoft Defender AV must be configured to check in real time with MAPS before content is run or accessed. | DISA Microsoft Defender Antivirus STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WNDF-AV-000013 - Microsoft Defender AV must be configured to not allow local override of monitoring for file and program activity. | DISA Microsoft Defender Antivirus STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000014 - Microsoft Defender AV must be configured to not allow override of monitoring for incoming and outgoing file activity. | DISA Microsoft Defender Antivirus STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000015 - Microsoft Defender AV must be configured to not allow override of scanning for downloaded files and attachments. | DISA Microsoft Defender Antivirus STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000031 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level Severe. | DISA Microsoft Defender Antivirus STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000040 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level High. | DISA Microsoft Defender Antivirus STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000041 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level Medium. | DISA Microsoft Defender Antivirus STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000042 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level Low. | DISA Microsoft Defender Antivirus STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000049 - Microsoft Defender AV must block executable files from running unless they meet a prevalence, age, or trusted list criterion. | DISA Microsoft Defender Antivirus STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000068 - Microsoft Defender AV must enable network protection to be configured into block or audit mode on Windows Server. | DISA Microsoft Defender Antivirus STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
