| 1.16 RHEL-09-212035 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.17 RHEL-09-212040 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.18 RHEL-09-212045 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.28 OL08-00-010170 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.76 OL08-00-010421 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.77 OL08-00-010422 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.78 OL08-00-010423 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.89 UBTU-22-432015 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT I | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.105 UBTU-24-600130 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT I | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.302 RHEL-09-431025 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.4.1 Ensure 'Devices: Allowed to format and eject removable media' is set to 'Administrators and Interactive Users' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-041930 - AlmaLinux OS 9 must use a Linux Security Module configured to enforce limits on system services. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-042040 - AlmaLinux OS 9 must have the policycoreutils package installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-004000 - PostgreSQL must isolate security functions from non-security functions. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-001620 - Kubernetes Kubelet must enable kernel protection. | DISA STIG Kubernetes v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-R2-000940 - Rancher RKE2 runtime must isolate security functions from nonsecurity functions. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI485-IE11 - Protected Mode must be enforced (Internet zone). | DISA STIG IE 11 v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI490-IE11 - Protected Mode must be enforced (Restricted Sites zone). | DISA STIG IE 11 v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI610-IE11 - Internet Explorer Processes for Zone Elevation must be enforced (Reserved). | DISA STIG IE 11 v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-006500 - The MySQL Database Server 8.0 must isolate security functions from non-security functions. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O19C-00-017100 - Oracle Database must isolate security functions from nonsecurity functions by means of separate security domains. | DISA Oracle Database 19c STIG v1r2 OracleDB | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010170 - OL 8 must use a Linux Security Module configured to enforce limits on system services. | DISA Oracle Linux 8 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010171 - OL 8 must have the "policycoreutils" package installed. | DISA Oracle Linux 8 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010421 - OL 8 must clear the page allocator to prevent use-after-free attacks. | DISA Oracle Linux 8 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010422 - OL 8 must disable virtual syscalls. | DISA Oracle Linux 8 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010423 - OL 8 must clear memory when it is freed to prevent use-after-free attacks. | DISA Oracle Linux 8 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-000200 - OL 9 must have policycoreutils package installed. | DISA Oracle Linux 9 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-002393 - OL 9 must disable virtual system calls. | DISA Oracle Linux 9 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-002394 - OL 9 must clear the page allocator to prevent use-after-free attacks. | DISA Oracle Linux 9 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010170 - RHEL 8 must use a Linux Security Module configured to enforce limits on system services. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010171 - RHEL 8 must have policycoreutils package installed. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010421 - RHEL 8 must clear the page allocator to prevent use-after-free attacks. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010422 - RHEL 8 must disable virtual syscalls. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010423 - RHEL 8 must clear memory when it is freed to prevent use-after-free attacks. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-212040 - RHEL 9 must clear the page allocator to prevent use-after-free attacks. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-431025 - RHEL 9 must have policycoreutils package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-021500 - SQL Server must isolate security functions from nonsecurity functions by means of separate security domains. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-20-010012 - The Ubuntu operating system must ensure only users who need access to security functions are part of sudo group. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-22-432015 - Ubuntu 22.04 LTS must ensure only users who need access to security functions are part of sudo group. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-24-600130 - Ubuntu 24.04 LTS must ensure only users who need access to security functions are part of sudo group. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCWN-06-100005 - The vCenter Server users must have the correct roles assigned. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000037 - Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems. | DISA Microsoft Windows 11 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000250 - User Account Control must prompt administrators for consent on the secure desktop. | DISA Microsoft Windows 11 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000260 - User Account Control must be configured to detect application installations and prompt for elevation. | DISA Microsoft Windows 11 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000265 - User Account Control must only elevate UIAccess applications that are installed in secure locations. | DISA Microsoft Windows 11 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000275 - User Account Control must virtualize file and registry write failures to per-user locations. | DISA Microsoft Windows 11 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-MS-000020 - Windows Server 2022 local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain-joined member servers. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000390 - Windows Server 2022 UIAccess applications must not be allowed to prompt for elevation without using the secure desktop. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000400 - Windows Server 2022 User Account Control (UAC) must, at a minimum, prompt administrators for consent on the secure desktop. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000450 - Windows Server 2022 User Account Control (UAC) must virtualize file and registry write failures to per-user locations. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
