| 1.1.4.1 exec accounting | CIS Cisco IOS XR 7.x v1.0.1 L1 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.6.1 Ensure BFD Authentication is Set | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | CONFIGURATION MANAGEMENT |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.24 Ensure that 'Inline Cloud Analysis' on Anti-Spyware profiles are enabled if 'Advanced Threat Prevention' is available | CIS Palo Alto Firewall 10 v1.3.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 6.24 Ensure that 'Inline Cloud Analysis' on Anti-Spyware profiles are enabled if 'Advanced Threat Prevention' is available | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 8.1.3.4 Ensure that 'Agentless scanning for machines' component status is set to 'On' | CIS Microsoft Azure Foundations v5.0.0 L2 | microsoft_azure | RISK ASSESSMENT |
| 8.1.7.2 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' | CIS Microsoft Azure Foundations v5.0.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION |
| CIS_Amazon_Linux_2023_v1.0.0_L2_Server.audit from CIS Amazon Linux 2023 Benchmark v1.0.0 | CIS Amazon Linux 2023 v1.0.0 L2 Server | Unix | |
| CIS_Debian_Linux_13_v1.0.0_L1_Server.audit from CIS Debian Linux 13 v1.0.0 | CIS Debian Linux 13 v1.0.0 L1 Server | Unix | |
| CIS_Debian_Linux_13_v1.0.0_L2_Server.audit from CIS Debian Linux 13 v1.0.0 | CIS Debian Linux 13 v1.0.0 L2 Server | Unix | |
| CIS_Debian_Linux_13_v1.0.0_L2_Workstation.audit from CIS Debian Linux 13 v1.0.0 | CIS Debian Linux 13 v1.0.0 L2 Workstation | Unix | |
| CIS_Kubernetes_v1.24_v1.0.0_Level_1_Worker.audit from CIS Kubernetes v1.24 Benchmark v1.0.0 | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Worker | Unix | CONFIGURATION MANAGEMENT |
| CIS_Kubernetes_v1.24_v1.0.0_Level_2_Master.audit from CIS Kubernetes v1.24 Benchmark v1.0.0 | CIS Kubernetes v1.24 Benchmark v1.0.0 L2 Master | Unix | CONFIGURATION MANAGEMENT |
| CIS_Kubernetes_v1.24_v1.0.0_Level_2_Worker.audit from CIS Kubernetes v1.24 Benchmark v1.0.0 | CIS Kubernetes v1.24 Benchmark v1.0.0 L2 Worker | Unix | CONFIGURATION MANAGEMENT |
| CIS_MariaDB_10.11_v1.0.0_L1_MariaDB_RDBMS_on_Linux_Unix.audit from CIS MariaDB 10.11 v1.0.0 | CIS MariaDB 10.11 v1.0.0 L1 MariaDB RDBMS on Linux Unix | Unix | |
| CIS_MariaDB_10.11_v1.0.0_L1_MariaDB_RDBMS_Unix.audit from CIS MariaDB 10.11 v1.0.0 | CIS MariaDB 10.11 v1.0.0 L1 MariaDB RDBMS Unix | Unix | |
| CIS_MariaDB_10.11_v1.0.0_L2_MariaDB_RDBMS_on_Linux_Unix.audit from CIS MariaDB 10.11 v1.0.0 | CIS MariaDB 10.11 v1.0.0 L2 MariaDB RDBMS on Linux Unix | Unix | |
| CIS_MariaDB_10.11_v1.0.0_L2_MariaDB_RDBMS_Unix.audit from CIS MariaDB 10.11 v1.0.0 | CIS MariaDB 10.11 v1.0.0 L2 MariaDB RDBMS Unix | Unix | |
| CIS_Microsoft_Windows_10_STIG_v1.0.0_CAT_II.audit from CIS Microsoft Windows 10 STIG v1.0.0 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | |
| CIS_MongoDB_8_v1.0.0_L1_Unix.audit from CIS MongoDB 8 Benchmark v1.0.0 | CIS MongoDB 8 v1.0.0 L1 Unix | Unix | |
| CIS_MongoDB_8_v1.0.0_L1_Windows.audit from CIS MongoDB 8 Benchmark v1.0.0 | CIS MongoDB 8 v1.0.0 L1 Windows | Windows | |
| CIS_MongoDB_8_v1.0.0_L2_Unix.audit from CIS MongoDB 8 Benchmark v1.0.0 | CIS MongoDB 8 v1.0.0 L2 Unix | Unix | |
| CIS_MongoDB_8_v1.0.0_L2_Windows.audit from CIS MongoDB 8 Benchmark v1.0.0 | CIS MongoDB 8 v1.0.0 L2 Windows | Windows | |
| CIS_MongoDB_Benchmark_Level_2_OS_Windows_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | |
| CIS_Oracle_Linux_8_STIG_v1.0.0_CAT_III.audit from CIS Oracle Linux 8 STIG v1.0.0 | CIS Oracle Linux 8 STIG v1.0.0 CAT III | Unix | |
| CIS_PostgreSQL_10_v1.0.0_L1_DB.audit from CIS PostgreSQL 12 Benchmark v1.0.0 | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | |
| CIS_PostgreSQL_11_v1.0.0_L1_DB.audit from CIS PostgreSQL 12 Benchmark v1.0.0 | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | |
| CIS_PostgreSQL_17_v1.0.0_L1_Database.audit from CIS PostgreSQL 17 Benchmark v1.0.0 | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | |
| CIS_PostgreSQL_17_v1.0.0_L1_OS_Linux.audit from CIS PostgreSQL 17 Benchmark v1.0.0 | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | Unix | |
| Disallow unplug detection on the storage network interface | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| DTAM154 - McAfee VirusScan On-Demand scan must be configured to scan memory for rootkits. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM154 - McAfee VirusScan On-Demand scan must be configured to scan memory for rootkits. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM165 - McAfee VirusScan On-Access Scanner All Processes settings must be configured to detect unwanted programs. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-AP-300065 - The F5 BIG-IP appliance providing content filtering must automatically update malicious code protection mechanisms. | DISA F5 BIG-IP TMOS ALG STIG v1r2 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-AS-000119 - The BIG-IP ASM module must be configured to automatically update malicious code protection mechanisms when providing content filtering to virtual servers. | DISA F5 BIG-IP Application Security Manager STIG v2r2 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-IP-000014 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must detect code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | ACCESS CONTROL |
| JUSX-IP-000015 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must detect code injection attacks launched against application objects, including, at a minimum, application URLs and application code. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | ACCESS CONTROL |
| JUSX-IP-000016 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must detect SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | ACCESS CONTROL |
| JUSX-IP-000019 - The Juniper Networks SRX Series Gateway IDPS must protect against or limit the effects of known types of Denial of Service (DoS) attacks by employing signatures. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-IP-000024 - The Juniper Networks SRX Series Gateway IDPS must generate an alert to, at a minimum, the ISSO and ISSM when root-level intrusion events that provide unauthorized privileged access are detected. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| MS.EXO.11.3v1 - The phishing protection solution SHOULD include an AI-based phishing detection tool comparable to EOP Mailbox Intelligence. | CISA SCuBA Microsoft 365 Exchange Online v1.5.0 | microsoft_azure | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| NIST_macOS_Monterey_All_Profiles_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - All Profiles | Unix | |
| SYMP-AG-000670 - Symantec ProxySG providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when denial-of-service (DoS) incidents are detected - Client limits | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND INFORMATION INTEGRITY |
| SYMP-AG-000670 - Symantec ProxySG providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when denial-of-service (DoS) incidents are detected - DoS incidents are detected. Rules | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND INFORMATION INTEGRITY |
| XenServer - Disallow unplug detection on the storage network interface | TNS Citrix XenServer | Unix | |
