| 1.17 Ensure Secrets are Not Stored in Cloud Functions Environment Variables by Using Secret Manager | CIS Google Cloud Platform Foundation v4.0.0 L1 | GCP | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4.3 (L2) Ensure Microsoft Defender for Cloud Apps is enabled and configured | CIS Microsoft 365 Foundations v6.0.1 L2 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.8 Ensure that the --hostname-override argument is not set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Worker | Unix | CONFIGURATION MANAGEMENT |
| 4.2.8 Ensure that the --hostname-override argument is not set | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Worker | Unix | CONFIGURATION MANAGEMENT |
| 18.9.52.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL |
| 18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v4.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v4.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.50.1 Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| AIOS-02-080002 - Apple iOS must not allow backup to remote systems (iCloud). | AirWatch - DISA Apple iOS 10 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-12-004200 - Apple iOS must not allow backup to remote systems (iCloud document and data synchronization). | AirWatch - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-12-004200 - Apple iOS must not allow backup to remote systems (iCloud document and data synchronization). | MobileIron - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-12-011300 - Apple iOS must implement the management setting: Disable Allow Shared Albums. | AirWatch - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-13-004200 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud document and data synchronization). | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-13-011300 - Apple iOS/iPadOS must implement the management setting: Disable Allow Shared Albums. | AirWatch - DISA Apple iOS/iPadOS 13 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-003450 - Apple iOS/iPadOS 17 must not allow backup to remote systems (Cloud Photo Library). | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Android Device Configuration - Google backup | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| APPL-13-002037 - The macOS system must be configured to disable the Cloud Storage Setup services. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| Do not suggest third-party content in Windows spotlight | MSCT Windows 10 1809 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not suggest third-party content in Windows spotlight | MSCT Windows 11 v23H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not suggest third-party content in Windows spotlight | MSCT Windows 10 1903 v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Do not suggest third-party content in Windows spotlight | MSCT Windows 10 v21H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not suggest third-party content in Windows spotlight | MSCT Windows 10 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| GOOG-10-003900 - Google Android 10 must be configured to not allow backup of all applications and configuration data to remote systems. | AirWatch - DISA Google Android 10.x v2r1 | MDM | ACCESS CONTROL |
| GOOG-10-003900 - Google Android 10 must be configured to not allow backup of all applications and configuration data to remote systems. | MobileIron - DISA Google Android 10.x v2r1 | MDM | ACCESS CONTROL |
| GOOG-11-003900 - Google Android 11 must be configured to not allow backup of all applications and configuration data to remote systems. | AirWatch - DISA Google Android 11 COPE v2r1 | MDM | ACCESS CONTROL |
| GOOG-11-003900 - Google Android 11 must be configured to not allow backup of all applications and configuration data to remote systems. | AirWatch - DISA Google Android 11 COBO v2r1 | MDM | ACCESS CONTROL |
| GOOG-12-008600 - Google Android 12 must be configured to not allow backup of [all applications, configuration data] to remote systems. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-14-008600 - Google Android 14 must be configured to not allow backup of [all applications, configuration data] to remote systems. | MobileIron - DISA Google Android 14 COPE STIG v2r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-15-008600 - Google Android 15 must be configured to not allow backup of [all applications, configuration data] to remote systems. | AirWatch - DISA Google Android 15 COPE STIG v1r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-15-008600 - Google Android 15 must be configured to not allow backup of [all applications, configuration data] to remote systems. | MobileIron - DISA Google Android 15 COBO STIG v1r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-16-008600 - Google Android 16 must be configured to not allow backup of [all applications, configuration data] to remote systems. | MobileIron - DISA Google Android 16 COPE STIG v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-16-008600 - Google Android 16 must be configured to not allow backup of [all applications, configuration data] to remote systems. | AirWatch - DISA Google Android 16 COPE STIG v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-09-003900 - The Honeywell Mobility Edge Android Pie device must be configured to not allow backup of all applications and configuration data to remote systems. | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | ACCESS CONTROL |
| HONW-13-008600 - Honeywell Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems. | AirWatch - DISA Honeywell Android 13 COBO STIG v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-13-008600 - Honeywell Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems. | MobileIron - DISA Honeywell Android 13 COPE STIG v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| MOTO-09-003900 - The Motorola Android Pie must be configured to not allow backup of all applications and configuration data to remote systems. | MobileIron - DISA Motorola Android Pie.x COBO v1r2 | MDM | ACCESS CONTROL |
| MOTO-09-003900 - The Motorola Android Pie must be configured to not allow backup of all applications and configuration data to remote systems. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | ACCESS CONTROL |
| MOTS-11-003900 - Motorola Solutions Android 11 must be configured to not allow backup of all applications and configuration data to remote systems. | MobileIron - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | ACCESS CONTROL |
| MSFT-11-003900 - Microsoft Android 11 must be configured to not allow backup of all applications and configuration data to remote systems. | MobileIron - DISA Microsoft Android 11 COBO v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| MSFT-11-003900 - Microsoft Android 11 must be configured to not allow backup of all applications and configuration data to remote systems. | AirWatch - DISA Microsoft Android 11 COPE v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
