| 1.1.1 Ensure NGINX is installed | CIS NGINX Benchmark v2.1.0 L1 Webserver | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.1.1 Ensure NGINX is installed | CIS NGINX Benchmark v2.1.0 L1 Loadbalancer | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.1.1 Ensure NGINX is installed | CIS NGINX Benchmark v2.1.0 L1 Proxy | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.6.2 Create Pod Security Policies for your cluster | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.6.2 Create Pod Security Policies for your cluster | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.3 Verify Display Sleep is set to a value larger than the Screen Saver | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | ACCESS CONTROL |
| 2.3.3 Verify Display Sleep is set to a value larger than the Screen Saver | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 2.3.22.2 Ensure 'Block signing into Office' is set to 'Enabled: Org ID only' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | ACCESS CONTROL |
| 2.4 Ensure 'Protect RE' Firewall Filter includes explicit terms for all Protocols | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1 Restrict Recursive Queries | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.2 Include TSIG key in named.conf 'TSIG key 1 permissions' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 3.3.2 Include TSIG key in named.conf 'TSIG key 2 permissions' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 4.3.2.9 Ensure mrouted is not in use | CIS IBM AIX 7 v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 4.5 Configure Solaris Auditing - active audit policies | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active audit policies = argv,cnt,zonename | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active non-attributable audit flags | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active user default audit flags | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active user flags = cis,ex,aa,ua,as,ss,lo,ft | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit condition = auditing | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit condition=auditing | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_binfile (active) | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured audit policies | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured non-attributable audit flags | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured non-attributable flags = lo | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured user default audit flags | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - not_terminated | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - p_minfree | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - Plugin | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - userattr audit_flags root | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| CIS FreeBSD Benchmark v1.0.5 | CIS FreeBSD v1.0.5 | Unix | |
| CIS_Aliyun_Linux_2_L2_v1.0.0.audit from CIS Aliyun Linux 2 Benchmark v1.0.0 | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | |
| CIS_Palo_Alto_Firewall_8_Benchmark_L2_v1.0.0.audit from CIS Palo Alto Firewall 8 Benchmark v1.0.0 | CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0 | Palo_Alto | |
| CIS_Palo_Alto_Firewall_9_Benchmark_v1.1.0_L1.audit from CIS Palo Alto Firewall 9 Benchmark v1.1.0 | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | |
| CIS_Palo_Alto_Firewall_9_Benchmark_v1.1.0_L2.audit from CIS Palo Alto Firewall 9 Benchmark v1.1.0 | CIS Palo Alto Firewall 9 v1.1.0 L2 | Palo_Alto | |
| CIS_Palo_Alto_Firewall_10_Benchmark_v1.2.0_L1.audit from CIS Palo Alto Firewall 10 Benchmark v1.2.0 | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | |
| CIS_Palo_Alto_Firewall_10_Benchmark_v1.2.0_L2.audit from CIS Palo Alto Firewall 10 Benchmark v1.2.0 | CIS Palo Alto Firewall 10 v1.2.0 L2 | Palo_Alto | |
| CIS_Palo_Alto_Firewall_11_Benchmark_v1.1.0_L1.audit from CIS Palo Alto Firewall 11 Benchmark v1.1.0 | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | |
| CIS_Palo_Alto_Firewall_11_Benchmark_v1.1.0_L2.audit from CIS Palo Alto Firewall 11 Benchmark v1.1.0 | CIS Palo Alto Firewall 11 v1.1.0 L2 | Palo_Alto | |
| CNTR-R2-000060 - Rancher RKE2 components must be configured in accordance with the security configuration settings based on DOD security configuration or implementation guidance, including SRGs, STIGs, NSA configuration guides, CTOs, and DTMs. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| JRE8-UX-000080 - Oracle JRE 8 must disable the dialog enabling users to grant permissions - deployment.security.askgrantdialog.notinca | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000120 - Oracle JRE 8 must enable the option to use an accepted sites list. | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | CONFIGURATION MANAGEMENT |
| JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JRE8-UX-000170 - Oracle JRE 8 must prompt the user for action prior to executing mobile code - deployment.insecure.jres | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000170 - Oracle JRE 8 must prompt the user for action prior to executing mobile code - deployment.insecure.jres.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000180 - The version of Oracle JRE 8 running on the system must be the most current available. | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
