| 1.2.16 Ensure that the --profiling argument is set to false | CIS Kubernetes Benchmark v1.8.0 L1 Master | Unix | AUDIT AND ACCOUNTABILITY |
| 1.2.17 Ensure that the --profiling argument is set to false | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | AUDIT AND ACCOUNTABILITY |
| 1.2.17 Ensure that the --profiling argument is set to false | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | AUDIT AND ACCOUNTABILITY |
| 1.2.20 Ensure that the --profiling argument is set to false | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | AUDIT AND ACCOUNTABILITY |
| 1.6.4 Configure NTP Authentication | CIS Cisco NX-OS L2 v1.0.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.1.11 Ensure the spoofed domains report is reviewed weekly | CIS Microsoft 365 Foundations E5 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 2.1.12 Ensure the 'Restricted entities' report is reviewed weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 2.1.13 Ensure all security threats in the Threat protection status report are reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 2.3.1 Ensure the Account Provisioning Activity report is reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 2.3.2 Ensure non-global administrator role group assignments are reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 2.12.8 - Miscellaneous Config - enable sar accounting - 'activity reports are generated every 20 minutes or less on weekday 8a-5p' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.12.8 - Miscellaneous Config - enable sar accounting - 'activity reports are generated hourly on weekday 6p-7a' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.12.8 - Miscellaneous Config - enable sar accounting - 'activity reports are generated hourly on weekends' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.12.8 - Miscellaneous Config - enable sar accounting - 'daily summaries are being prepared' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.2 Ensure user role group changes are reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure CloudTrail log file validation is enabled | CIS Amazon Web Services Foundations L2 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 3.5 Ensure error logs are sent to a remote syslog server | CIS NGINX Benchmark v2.0.1 L2 Proxy | Unix | AUDIT AND ACCOUNTABILITY |
| 3.5 Ensure error logs are sent to a remote syslog server | CIS NGINX Benchmark v2.0.1 L2 Loadbalancer | Unix | AUDIT AND ACCOUNTABILITY |
| 3.6 Ensure access logs are sent to a remote syslog server | CIS NGINX Benchmark v2.0.1 L2 Webserver | Unix | AUDIT AND ACCOUNTABILITY |
| 3.7 Ensure proxies pass source IP information | CIS NGINX Benchmark v2.0.1 L1 Proxy | Unix | AUDIT AND ACCOUNTABILITY |
| 3.7 Ensure proxies pass source IP information | CIS NGINX Benchmark v2.0.1 L1 Loadbalancer | Unix | AUDIT AND ACCOUNTABILITY |
| 3.7 Ensure proxies pass source IP information - X-Real-IP | CIS NGINX Benchmark v2.0.1 L1 Loadbalancer | Unix | AUDIT AND ACCOUNTABILITY |
| 3.7 Ensure proxies pass source IP information - X-Real-IP | CIS NGINX Benchmark v2.0.1 L1 Proxy | Unix | AUDIT AND ACCOUNTABILITY |
| 3.8 Ensure Web Tier Elastic Load Balancer has application layer Health Check Configured | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 3.9 Ensure App Tier Elastic Load Balancer has application layer Health Check Configured | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 3.9 Review and Log Implied Rules | CIS Check Point Firewall L2 v1.1.0 | CheckPoint | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure journald is configured to send logs to rsyslog | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure journald is configured to send logs to rsyslog | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure journald is configured to send logs to rsyslog | CIS SUSE Linux Enterprise 15 Server L1 v1.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Ensure IAM policy changes are monitored | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.5 Ensure CloudTrail configuration changes are monitored | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.11 Ensure Network Access Control Lists (NACL) changes are monitored | CIS Amazon Web Services Foundations L2 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.15 Ensure AWS Organizations changes are monitored | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 5.1.5.1 Ensure the Application Usage report is reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 5.2.4.2 Ensure the self-service password reset activity report is reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 5.2.6.1 Ensure the Azure AD 'Risky sign-ins' report is reviewed at least weekly | CIS Microsoft 365 Foundations E5 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 6.1.2 Configuring syslog - remote logging - *.info;auth.none in /etc/syslog.conf | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.3 Configuring syslog - remote messages - remote messages | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.4.1 Ensure mail forwarding rules are reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 7.16 Unified logging | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.18 Make the Audit Configuration Immutable | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 20.13 Ensure 'Audit records must be backed up to a different system or media than the system being audited' | CIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 20.13 Ensure 'Audit records must be backed up to a different system or media than the system being audited' | CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 20.38 Ensure 'Off-load of audit records of interconnected systems in real time and off-load standalone systems weekly' | CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 20.39 Ensure 'Off-load of audit records of interconnected systems in real time and off-load standalone systems weekly' | CIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 20.39 Ensure 'Off-load of audit records of interconnected systems in real time and off-load standalone systems weekly' | CIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| FireEye - Greylist URL list | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Reports are run on a schedule | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Web-analysis incident list | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Workorder stats | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
