| 1 - Application specific logging | TNS Best Practice Jetty 9 Linux | Unix | |
| 1.1.2 Ensure separate partition exists for /tmp | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.6 Ensure separate partition exists for /var | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.6 Ensure separate partition exists for /var | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.6 Ensure separate partition exists for /var | CIS Red Hat 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.10 Ensure separate partition exists for /var | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.13 Ensure separate partition exists for /home | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.13 Ensure separate partition exists for /home | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.1 - Configuring SSH - installation - 'openssl is installed' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.1 - Configuring SSH - installation - 'openssl.base is installed' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.1 - Configuring SSH - installation - 'openssl.man.en_US is installed' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.5 Ensure LDAP client is not installed | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.8 Create Separate Partition for /var/log/audit | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3 - Configure log file size limit - org.eclipse.jetty.server.handler.RequestLogHandler | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3 (L2) Ensure 'Block pop-up windows' is 'Enabled' (Scored) | CIS MacOS Safari v2.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 8 - Secure Datasources | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 10 - Enable SSL Connector | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 11 - Access Control - JAAS | TNS Best Practice Jetty 9 Linux | Unix | |
| 12 - Remove and mask informational headers - Server Property Override | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 13 - Disable stacktrace in response body | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 13 - Restrict access to temp directory - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 14 - SSL Encryption - WSDL Secure Port | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 16 - ORB Subsystem - Security-Domain Set | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 16 - Restrict access to JETTY.policy - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 21 - Restrict access to users.xml - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 28 - Ensure scheme is set accurately | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Disable Telnet | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Enable aaa | TNS Adtran AOS Best Practice Audit | Adtran | IDENTIFICATION AND AUTHENTICATION |
| Adtran : Enable security mode on virtual access point (VAP) | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| Adtran : Ensure a trusted, primary DNS server is set | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Ensure a trusted, secondary DNS server is set | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure separate partition exists for /var | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Salesforce.com : AuthConfig - 'Auth Providers = Facebook is not configured' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Secret' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS is not configured' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Token Endpoint URL' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers in use' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Data Access Control - 'Enable CSRF protection on GET requests on non-setup pages = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | SYSTEM AND COMMUNICATIONS PROTECTION |
| Salesforce.com : Email Services - 'IsErrorRoutingEnabled = True' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | SYSTEM AND INFORMATION INTEGRITY |
| Salesforce.com : Object Permissions - 'DefaultLeadAccess should not be Public Read/Write or Public Read/Write/Transfer' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Object Permissions - 'DefaultOpportunityAccess should not be Public Read/Write or Public Read/Write/Transfer' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Setting Password Policies - 'lockout period >= 30 minutes' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Setting Session Security - 'Enable clickjack protection for non-setup customer Visualforce pages = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | SYSTEM AND COMMUNICATIONS PROTECTION |
| Salesforce.com : Setting Session Security - 'Lock session to IP = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Setting Session Security - 'Review Salesforce console User' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review Salesforce CRM Content User' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review user types' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review Work.com User' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Use POST requests for cross-domain sessions = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| WN12-CC-000021 - A system restore point must be created when a new device driver is installed. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
