| 1.2.1.4 Ensure 'Bind to Object' is set to Enabled - outlook.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.5.1.2 (L1) Ensure 'Bind to object' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Configure NTP time synchronization | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 2.3.1 Ensure 'Managed Safari Web Domains' is 'Configured' | AirWatch - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | |
| 2.3.1 Ensure 'Managed Safari Web Domains' is 'Configured' | MobileIron - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | |
| 2.3.1 Ensure 'Managed Safari Web Domains' is `Configured` | MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | |
| 2.6 Ensure transport layer security for 'basic authentication' is configured | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.1 Ensure 'Managed Safari Web Domains' is 'Configured' | AirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | |
| 3.3.1 Ensure 'Managed Safari Web Domains' is 'Configured' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | |
| 3.3.1 Ensure 'Managed Safari Web Domains' is `Configured` | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.8 Ensure 'MachineKey validation method - .Net 3.5' is configured | CIS IIS 8.0 v1.5.1 Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.9 Ensure 'MachineKey validation method - .Net 4.5' is configured - Applications | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.6 Ensure 'HTTP Trace Method' is disabled - Default | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 4.7 Restrict access to Tomcat web application directory | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.7 Restrict access to Tomcat web application directory | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.7 Restrict access to Tomcat web application directory | CIS Apache Tomcat 11 v1.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.5 Set 'Prevent ignoring certificate errors' to 'Enabled' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.126 - Web Publishing and online ordering wizards prevented from downloading list of providers. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 6.6 Ensure 'AlgorithmSuite' is set to that strong algorithms for signing and encrypting messages with WS-Security policy | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure SSLv2 is disabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure SSLv3 is Disabled | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure TLS 1.0 is Disabled | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.7 Ensure NULL Cipher Suites is disabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.8 Ensure DES Cipher Suites is Disabled | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.8 Ensure DES Cipher Suites is disabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.9 Ensure RC2 Cipher Suites is disabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.10 Ensure AES 128/128 Cipher Suite is Disabled | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.13 Ensure AES 256/256 Cipher Suite is enabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | |
| 10.2 Restrict access to the web administration application | CIS Apache Tomcat 10.1 v1.1.0 L1 | Unix | ACCESS CONTROL |
| 10.2 Restrict access to the web administration application | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 10.2 Restrict access to the web administration application | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 10.2 Restrict access to the web administration application | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 10.4 Force SSL when accessing the manager application via HTTP | CIS Apache Tomcat 10.1 v1.1.0 L1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.8.22.1.6 Ensure 'Turn off Internet download for Web publishing and online ordering wizards' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL |
| AOSX-14-002008 - The macOS system must be configured to disable Web Sharing. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | CONFIGURATION MANAGEMENT |
| CIS_MS_IIS_10_v1.2.1_Level_1.audit from CIS Microsoft IIS 10 Benchmark v1.2.1 | CIS IIS 10 v1.2.1 Level 1 | Windows | |
| DTBI770-IE11 - Deleting websites that the user has visited must be disallowed. | DISA STIG IE 11 v2r5 | Windows | AUDIT AND ACCOUNTABILITY |
| DTOO180 - Office System - Vector markup Language (VML) for displaying graphics in browsers must be disallowed. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : audit-exception-users | VMWare vSphere 6.5 Hardening Guide | VMware | ACCESS CONTROL |
| ESXI-65-000072 - The ESXi host must have all security patches and updates installed. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | CONFIGURATION MANAGEMENT |
| Fabric Security - Policy - FIPS Mode | Tenable Cisco ACI | Cisco_ACI | SYSTEM AND COMMUNICATIONS PROTECTION |
| Store passwords using reversible encryption | MSCT Windows Server 2019 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| VCWN-06-000003 - The system must enforce a 60-day maximum password lifetime restriction. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCWN-06-000043 - Passwords must contain at least one special character. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCWN-65-000041 - The vCenter Server for Windows passwords must contain at least one lowercase character. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCWN-65-000042 - The vCenter Server for Windows passwords must contain at least one numeric character. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCWN-65-000043 - The vCenter Server for Windows passwords must contain at least one special character. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| WA000-WWA030 A22 - The httpd.conf MaxSpareServers directive must be set properly. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WatchGuard : IPS Logging Threat Level Critical - Enabled | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : SNMP Configuration - community string - 'private' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | IDENTIFICATION AND AUTHENTICATION |
