| 1.1.2 Ensure NGINX is installed from source | CIS NGINX Benchmark v2.1.0 L2 Proxy | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.1.2 Ensure separate partition exists for /tmp | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.4.1 Ensure separate partition exists for /var/tmp | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.6 Ensure separate partition exists for /var | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.6 Ensure separate partition exists for /var | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.10 Ensure separate partition exists for /var | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.11 Ensure separate partition exists for /var/log | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.12 Ensure separate partition exists for /home | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.15 Ensure separate partition exists for /var/log | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.17 Ensure separate partition exists for /home | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.3 Ensure Apache Is Installed From the Appropriate Binaries | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.3.1 Ensure systemd-timesyncd configured with authorized timeserver | CIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.3.2.1 Ensure systemd-timesyncd configured with authorized timeserver | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.1.13 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.6 Ensure access to the su command is restricted | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
| 5.6 Ensure access to the su command is restricted - /etc/group | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.6 Ensure access to the su command is restricted - pam_wheel.so | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.6 Ensure access to the su command is restricted - pam_wheel.so | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.7 Ensure access to the su command is restricted - pam_wheel.so | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.7 Ensure access to the su command is restricted - pam_wheel.so | CIS Red Hat 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.7 Ensure access to the su command is restricted - wheel group contains root | CIS CentOS 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.7 Ensure access to the su command is restricted - wheel group contains root | CIS Red Hat 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.209 - Device Install - Drivers System Restore Point | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced in PowerPoint. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Excel 2016 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Visio 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - OneNote - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Publisher - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO111 - PowerPoint - Enabling IE Bind to Object functionality must be present. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-65-000002 - The ESXi host must verify the DCUI.Access list. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000002 - The ESXi host must verify the DCUI.Access list. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000189 - The ESXi host DCUI.Access list must be verified. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| GOOG-09-001000 - The Google Android Pie must be configured to enforce an application installation policy by specifying an application whitelist that restricts applications by the following characteristics: [selection: list of digital signatures, cryptographic hash values, names, application version]. | MobileIron - DISA Google Android 9.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| Macro Notification Settings - vbarequiredigsigwithcodesigningeku | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Macro Notification Settings - vbarequirelmtrustedpublisher | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Macro Notification Settings - vbarequirelmtrustedpublisher | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Macro Notification Settings - vbawarnings | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Macro Notification Settings - xl4macrowarningfollowvba | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MS.EXO.15.1v1 - URL comparison with a block-list SHOULD be enabled. | CISA SCuBA Microsoft 365 Exchange Online v1.5.0 | microsoft_azure | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000219 - OHS must be segregated from other services - OHS must be segregated from other services. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000015 - The system package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| VUM : restrict-vum-db-user | VMWare vSphere 5.X Hardening Guide | VMware | |
| WN12-CC-000004 - Network Bridges must be prohibited in Windows. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000004 - Network Bridges must be prohibited in Windows. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000024 - Device driver searches using Windows Update must be prevented. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN19-SO-000220 - Windows Server 2019 must not allow anonymous enumeration of Security Account Manager (SAM) accounts. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-SO-000220 - Windows Server 2022 must not allow anonymous enumeration of Security Account Manager (SAM) accounts. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
