| 2.2.28 (L2) Ensure 'Log on as a batch job' is set to 'Administrators' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.37 (L2) Ensure 'Log on as a batch job' is set to 'Administrators' (DC Only) | CIS Microsoft Windows Server 2022 v4.0.0 L2 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.48 Ensure 'Log on as a batch job' is set to 'Administrators' (DC Only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.5.10.8.1.2.1 (L1) Ensure 'Access to published calendars' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| AS24-U2-000870 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed. | DISA STIG Apache Server 2.4 Unix Site v2r6 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W1-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - RequestReadTimeout | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | ACCESS CONTROL |
| AS24-W1-000860 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed. | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W2-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - RequestReadTimeout | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | ACCESS CONTROL |
| AS24-W2-000860 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed. | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DISA_Oracle_Database_19c_STIG_v1r1.audit from DISA Oracle Database 19c STIG v1r1 | DISA Oracle Database 19c STIG v1r1 Unix | Unix | |
| DISA_STIG_Cisco_ASA_NDM_v2r2.audit from DISA Cisco ASA NDM v2r2 STIG | DISA STIG Cisco ASA NDM v2r2 | Cisco | |
| DISA_STIG_IBM_DB2_v10.5_LUW_v2r1_OS_Linux.audit from DISA IBM DB2 V10.5 LUW v2r1 STIG | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | |
| DISA_STIG_Microsoft_Defender_Antivirus_v2r4.audit from DISA Microsoft Defender Antivirus v2r4 STIG | DISA STIG Microsoft Defender Antivirus v2r4 | Windows | |
| DISA_STIG_Microsoft_Excel_2013_v1r8.audit from DISA Microsoft Excel 2013 v1r8 STIG | DISA STIG Microsoft Excel 2013 v1r8 | Windows | |
| DISA_STIG_Microsoft_Excel_2016_v2r1.audit from DISA Microsoft Excel 2016 v2r1 STIG | DISA STIG Microsoft Excel 2016 v2r1 | Windows | |
| DISA_STIG_Microsoft_InfoPath_2013_v1r6.audit from DISA Microsoft InfoPath 2013 v1r6 STIG | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | |
| DISA_STIG_Microsoft_Outlook_2016_v2r3.audit from DISA Microsoft Outlook 2016 v2r3 STIG | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | |
| DISA_STIG_Microsoft_PowerPoint_2010_v1r11.audit from DISA Microsoft PowerPoint 2010 v1r11 STIG | DISA STIG Office 2010 PowerPoint v1r11 | Windows | |
| DISA_STIG_Microsoft_PowerPoint_2013_v1r7.audit from DISA Microsoft PowerPoint 2013 v1r7 STIG | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | |
| DISA_STIG_Microsoft_Project_2010_v1r10.audit from DISA Microsoft Project 2010 v1r10 STIG | DISA STIG Office 2010 Project v1r10 | Windows | |
| DISA_STIG_Microsoft_Publisher_2010_v1r12.audit from DISA Microsoft Publisher 2010 v1r12 STIG | DISA STIG Office 2010 Publisher v1r12 | Windows | |
| DISA_STIG_Microsoft_Publisher_2013_v1r6.audit from DISA Microsoft Publisher 2013 v1r6 STIG | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | |
| DISA_STIG_Microsoft_Word_2013_v1r7.audit from DISA Microsoft Word 2013 v1r7 STIG | DISA STIG Microsoft Word 2013 v1r7 | Windows | |
| DISA_STIG_SharePoint_2013_v2r4.audit from DISA Microsoft SharePoint 2013 v2r4 STIG | DISA STIG SharePoint 2013 v2r4 | Windows | |
| DISA_STIG_Solaris_10_SPARC_v2r4.audit from DISA Solaris 10 SPARC v2r4 STIG | DISA STIG Solaris 10 SPARC v2r4 | Unix | |
| DISA_STIG_Solaris_11_SPARC_v3r1.audit from DISA Solaris 11 SPARC v3r1 STIG | DISA STIG Solaris 11 SPARC v3r1 | Unix | |
| DTBI515 - Web sites in less privileged web content zones must be disallowed to navigate into the Internet zone. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | ACCESS CONTROL |
| DTBI520-IE11 - Websites in less privileged web content zones must be prevented from navigating into the Restricted Sites zone. | DISA STIG IE 11 v2r5 | Windows | ACCESS CONTROL |
| Fortigate - Does not use self-signed certificate - 'user' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Management Access Policy - SSH Access Via Web - Admin State | Tenable Cisco ACI | Cisco_ACI | CONFIGURATION MANAGEMENT |
| OH12-1X-000231 - Remote authors or content providers must have all files scanned for viruses and malicious code before uploading files to the Document Root directory. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| PANW-AG-000116 - The Palo Alto Networks security platform must continuously monitor outbound communications traffic crossing internal security boundaries. | DISA STIG Palo Alto ALG v3r4 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| SYMP-NM-000310 - Symantec ProxySG must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements - cli timeout | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-NM-000310 - Symantec ProxySG must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements - web timeout | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCWN-06-000031 - Connectivity between Update Manager and public patch repos restricted by use of a separate Update Manager Download Server. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-65-000019 - The vCenter Server for Windows must configure all port groups to VLAN 4095 unless Virtual Guest Tagging (VGT) is required. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000032 - Unauthorized USB devices must be disconnected on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| WA000-WI070 IIS6 - Indexing Services must only index web content. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6020 IIS6 - The Recycle Worker processes in minutes monitor must be set properly. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6024 IIS6 - The maximum virtual memory monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6026 IIS6 - The maximum used memory monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6028 IIS6 - The Shutdown worker processes Idle Timeout monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6032 IIS6 - The Enable pinging monitor must be enabled. - 'PingingEnabled set to True' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6032 IIS6 - The Enable pinging monitor must be enabled. - 'PingInterval set to 30 or more' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6034 IIS6 - The Enable rapid-fail protection monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WBSP-AS-000080 - WebSphere Application Server groups mapped to WebSphere auditor roles must be configured in accordance with security plan | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL |
| WBSP-AS-000110 - The WebSphere Application Server audit service provider must be enabled. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL |
| WG140 IIS6 - A private web sites authentication mechanism must use client certificates. - 'AccessSSL Enabled' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG355 IIS6 - A private web site must utilize certificates from a trusted DoD CA. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG460 IIS6 - PERL scripts must use the TAINT option. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND INFORMATION INTEGRITY |
