| 1.1 Ensure Latest SQL Server Cumulative and Security Updates are Installed | CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS | MS_SQLDB | SYSTEM AND SERVICES ACQUISITION |
| 1.1 Ensure Latest SQL Server Cumulative and Security Updates are Installed | CIS Microsoft SQL Server 2019 v1.5.2 L1 Database Engine | MS_SQLDB | SYSTEM AND SERVICES ACQUISITION |
| 1.1 Ensure Latest SQL Server Cumulative and Security Updates are Installed | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | SYSTEM AND SERVICES ACQUISITION |
| 1.1 Ensure Latest SQL Server Cumulative and Security Updates are Installed | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | SYSTEM AND SERVICES ACQUISITION |
| 1.1 Ensure Latest SQL Server Service Packs and Hotfixes are Installed | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | SYSTEM AND SERVICES ACQUISITION |
| 1.1 Ensure Latest SQL Server Service Packs and Hotfixes are Installed | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | SYSTEM AND SERVICES ACQUISITION |
| 1.1 Ensure That Appropriate Version/Patches For Oracle Software Are Installed | CIS Oracle Database 19c v2.0.0 L1 RDBMS On Host OS OracleDB | OracleDB | SYSTEM AND SERVICES ACQUISITION |
| 1.1.1 Ensure NGINX is installed | CIS NGINX v3.0.0 L1 Webserver | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.1.1 Ensure NGINX is installed | CIS NGINX v3.0.0 L1 Proxy | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2 Ensure the Image Profile VIB acceptance level is configured properly | CIS VMware ESXi 6.7 v1.3.0 Level 1 Bare Metal | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.31 Ensure unsupported configuration overrides are not used | CIS Red Hat OpenShift Container Platform v1.9.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.3 (L1) Ensure no unauthorized kernel modules are loaded on the host | CIS VMware ESXi 7.0 v1.5.0 L1 Bare Metal | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.133 (L1) Ensure 'Suppress the unsupported OS warning' is set to 'Disabled' | CIS Microsoft Edge v4.0.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 2.1 (L1) Host must run software that has not reached End of General Support status | CIS VMware ESXi 8.0 v1.2.0 L1 VMware | VMware | SYSTEM AND SERVICES ACQUISITION |
| 2.4 (L1) Host image profile acceptance level must be PartnerSupported or higher | CIS VMware ESXi 8.0 v1.2.0 L1 Unix | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.9 Ensure Legacy EFI Is Valid and Updating | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.9 Ensure Legacy EFI Is Valid and Updating - checked regularly | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.9 Ensure Legacy EFI Is Valid and Updating - valid | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.9 Ensure Legacy EFI Is Valid and Updating - valid | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.11 Ensure EFI Version Is Valid and Checked Regularly - daemon | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.11 Ensure EFI Version Is Valid and Checked Regularly - integrity-check | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.80 (L1) Ensure 'Suppress the unsupported OS warning' is set to 'Disabled' | CIS Google Chrome Group Policy v1.0.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure the Latest Security Patches are Applied | CIS MariaDB 10.11 v1.0.0 L1 MariaDB RDBMS on Linux MySQLDB | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure the Latest Security Patches are Applied | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure the Latest Security Patches are Applied | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure the Latest Security Patches are Applied | CIS Oracle MySQL Community Server 8.4 v1.1.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure the Latest Security Patches are Applied | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure the Latest Security Patches are Applied | CIS MariaDB 10.11 v1.0.0 L2 MariaDB RDBMS on Linux MySQLDB | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure the Latest Security Patches are Applied | CIS MariaDB 10.6 on Linux L1 v1.1.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure the Latest Security Patches are Applied | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1 | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | AirWatch - CIS Apple iPadOS 18 v2.0.0 L1 Institutionally Owned | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | MobileIron - CIS Apple iPadOS 26 v1.0.0 L1 Institutionally Owned | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | AirWatch - CIS Apple iPadOS 18 v2.0.0 L1 End User Owned | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | MobileIron - CIS Apple iPadOS 26 v1.0.0 L1 End User Owned | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | AirWatch - CIS Apple iOS 18 Benchmark v2.0.0 L1 End User Owned | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | MobileIron - CIS Apple iOS 26 v1.0.0 L1 End User Owned | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | MobileIron - CIS Apple iOS 18 v2.0.0 L1 End User Owned | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | AirWatch - CIS Apple iOS 26 Benchmark v1.0.0 L1 End User Owned | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | MobileIron - CIS Apple iOS 18 v2.0.0 L1 Institution Owned | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | AirWatch - CIS Apple iOS 26 v1.0.0 L1 Institution Owned | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | MobileIron - CIS Apple iPadOS 18 v2.0.0 L1 Institution Owned | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure device is not obviously jailbroken or compromised | AirWatch - CIS Apple iPadOS 26 v1.0.0 L1 End User Owned | MDM | SYSTEM AND SERVICES ACQUISITION |
| 4.12 Ensure the Latest Operating System Updates Are Installed On Your Virtual Machines in All Projects | CIS Google Cloud Platform Foundation v4.0.0 L2 | GCP | SYSTEM AND SERVICES ACQUISITION |
| 5.9 Ensure Legacy EFI Is Valid and Updating | CIS Apple macOS 13.0 Ventura v4.0.0 L1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 7.13 Ensure 'HTTP2' is set to 'Enabled' on Azure Application Gateway | CIS Microsoft Azure Foundations v5.0.0 L1 | microsoft_azure | SYSTEM AND SERVICES ACQUISITION |
