| 2.3.10.5 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2025 v1.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.100.1 (L1) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.100.1 (L1) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.100.1 (L1) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.10.86.1 Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.10.87.1 (L1) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.10.87.1 (L1) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.10.87.1 (L2) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NG | Windows | AUDIT AND ACCOUNTABILITY |
| 18.10.87.1 (L2) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NG | Windows | AUDIT AND ACCOUNTABILITY |
| 18.10.87.1 (L2) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L2 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.10.87.1 (L2) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 BL | Windows | AUDIT AND ACCOUNTABILITY |
| APPL-14-000031 The macOS system must configure audit log folders to not contain access control lists. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| CIS Control 7 (7.7) Use of DNS Filtering Services | CAS Implementation Group 1 Audit File | Unix | ACCESS CONTROL |
| CIS_Apache_Tomcat_11_v1.0.0_L1.audit from CIS Apache Tomcat 11 Benchmark v1.0.0 | CIS Apache Tomcat 11 v1.0.0 L1 | Unix | |
| CIS_Apple_macOS_10.13_v1.1.0_Level_1.audit from CIS Apple macOS 10.13 Benchmark v1.1.0 | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | |
| CIS_CentOS_6_v3.0.0_Server_L1.audit from CIS CentOS Linux 6 Benchmark v3.0.0 | CIS CentOS 6 Server L1 v3.0.0 | Unix | |
| CIS_IBM_AIX_7_v1.0.0_L2.audit from CIS IBM AIX 7 Benchmark v1.0.0 | CIS IBM AIX 7 v1.0.0 L2 | Unix | |
| CIS_Microsoft_Exchange_Server_2019_v1.0.0_Level_1_MDM.audit from CIS Microsoft Exchange Server 2019 Benchmark v1.0.0 | CIS Microsoft Exchange Server 2019 L1 MDM v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Microsoft_Windows_Server_2025_v1.0.0_NG_MS.audit from CIS Microsoft Windows Server 2025 Benchmark v1.0.0 | CIS Microsoft Windows Server 2025 v1.0.0 NG MS | Windows | |
| CIS_MS_IIS_10_v1.2.1_Level_1.audit from CIS Microsoft IIS 10 Benchmark v1.2.1 | CIS IIS 10 v1.2.1 Level 1 | Windows | |
| CIS_MS_Windows_8.1_v2.4.1_Level_2_Bitlocker.audit from CIS Microsoft Windows 8.1 Workstation Benchmark v2.4.1 | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | |
| CIS_Oracle_Linux_8_Workstation_L2_v3.0.0.audit from CIS Oracle Linux 8 Benchmark v3.0.0 | CIS Oracle Linux 8 Workstation L2 v3.0.0 | Unix | |
| CIS_Oracle_Solaris_11.4_L2_v1.1.0.audit from CIS Oracle Solaris 11.4 Benchmark v1.1.0 | CIS Oracle Solaris 11.4 L2 v1.1.0 | Unix | |
| CIS_SUSE_Linux_Enterprise_15_v2.0.0_L2_Server.audit from CIS SUSE Linux Enterprise 15 Benchmark v2.0.0 | CIS SUSE Linux Enterprise 15 v2.0.0 L2 Server | Unix | |
| CIS_Ubuntu_18.04_LXD_Host_v1.0.0_L1_LXD.audit from CIS Ubuntu Linux 18.04 LXD Host Benchmark | CIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0 | Unix | |
| CIS_Ubuntu_18.04_LXD_Host_v1.0.0_L1_Server.audit from CIS Ubuntu Linux 18.04 LXD Host Benchmark | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | |
| CIS_Ubuntu_Linux_24.04_LTS_v1.0.0_L2_Server.audit from CIS Ubuntu Linux 24.04 LTS Benchmark v1.0.0 | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Server | Unix | |
| SLES-12-020650 - The SUSE operating system must generate audit records for all modifications to the tallylog file must generate an audit record. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030020 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| SLES-15-030080 - The SUSE operating system must generate audit records for all uses of the gpasswd command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030470 - The SUSE operating system must generate audit records for all modifications to the tallylog file must generate an audit record. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030480 - The SUSE operating system must generate audit records for all modifications to the lastlog file. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020400 - Successful/unsuccessful uses of the ssh-agent command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020460 - The audit system must be configured to audit any usage of the setxattr system call - root b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020530 - Successful/unsuccessful uses of the fchown command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020560 - Successful/unsuccessful uses of the chmod command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020590 - Successful/unsuccessful uses of the open command must generate an audit record - EPERM b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020610 - Successful/unsuccessful uses of the ftruncate command must generate an audit record - EACCES b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020630 - Successful/unsuccessful uses of the openat command must generate an audit record - EACCES b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020640 - Successful/unsuccessful uses of the open_by_handle_at command must generate an audit record - EACCES b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020710 - Successful/unsuccessful uses of the setfacl command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020770 - Successful/unsuccessful uses of the unix_update command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020790 - Successful/unsuccessful uses of the chage command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020800 - Successful/unsuccessful uses of the usermod command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020830 - Successful/unsuccessful uses of the init_module command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
