| 1.3.6 Apply Security Context to Your Pods and Containers | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L2 | Unix | |
| 1.3.6 Apply Security Context to Your Pods and Containers | CIS Kubernetes 1.8 Benchmark v1.2.0 L2 | Unix | |
| 1.6.6 Apply Security Context to Your Pods and Containers | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L2 | Unix | |
| 2.12 Ensure 'Hide Instance' option is set to 'Yes' for Production SQL Server instances | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.9 Ensure Windows BUILTIN groups are not SQL Logins | CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure Windows BUILTIN groups are not SQL Logins | CIS Microsoft SQL Server 2019 v1.5.2 L1 Database Engine | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure Windows BUILTIN groups are not SQL Logins | CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure Windows BUILTIN groups are not SQL Logins | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | ACCESS CONTROL |
| 3.9 Ensure Windows BUILTIN groups are not SQL Logins | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1.6 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'SQL Injection Helper' Packages | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.1.2.1 Ensure 'EXECUTE' is not granted to 'PUBLIC' on 'Non-default' Packages | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.7.3 Apply Security Context to Your Pods and Containers | CIS Red Hat OpenShift Container Platform v1.9.0 L2 OpenShift | OpenShift | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.18 Ensure HTTP Header Permissions-Policy is set appropriately | CIS Apache HTTP Server 2.4 v2.3.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS Microsoft SQL Server 2019 v1.5.2 L1 Database Engine | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure 'SQL Server Browser Service' is configured correctly | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 8.1 Ensure 'SQL Server Browser Service' is configured correctly | CIS Microsoft SQL Server 2019 v1.5.2 L1 Database Engine | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-017100 - SQL Server default account sa must be disabled. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-017100 - The SQL Server default account [sa] must be disabled. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-036500 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify locally-defined security objects occur - Event ID 164 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036500 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify locally-defined security objects occur - SCHEMA_OBJECT_CHANGE... | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - DATABASE_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - DATABASE_ROLE_MEMBER_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 42 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 43 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 83 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 84 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 88 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 103 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 104 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 105 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 108 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 111 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 172 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 177 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - SCHEMA_OBJECT_ACCESS_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - SERVER_OBJECT_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - SERVER_ROLE_MEMBER_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037200 - SQL Server must generate Trace or Audit records when unsuccessful attempts to drop locally-defined security objects occur - Event ID 46 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037200 - SQL Server must generate Trace or Audit records when unsuccessful attempts to drop locally-defined security objects occur - Event ID 47 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037200 - SQL Server must generate Trace or Audit records when unsuccessful attempts to drop locally-defined security objects occur. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-016200 - The SQL Server default account [sa] must be disabled. | DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDB | MS_SQLDB | ACCESS CONTROL |
