| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes Benchmark v1.8.0 L2 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.16 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.3.10 Ensure 'Password Profiles' do not exist | CIS Palo Alto Firewall 10 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, PLANNING, PROGRAM MANAGEMENT, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.17 Ensure 'Proxy settings' is set to 'Enabled' and does not contain 'ProxyMode': 'auto_detect' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervals | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, RISK ASSESSMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervals | CIS Palo Alto Firewall 10 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, RISK ASSESSMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 5.2.2 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host IPC namespace | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes Benchmark v1.8.0 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 11 v1.0.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.4 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 10 v1.1.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.4 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 5.4 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured | CIS Palo Alto Firewall 11 v1.0.0 L1 | Palo_Alto | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Invalid Categories | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Invalid Categories | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Invalid Categories | CIS Palo Alto Firewall 10 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Policies | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Policies | CIS Palo Alto Firewall 10 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Policies | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLS | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLS | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLS | CIS Palo Alto Firewall 10 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLS | CIS Palo Alto Firewall 11 v1.0.0 L1 | Palo_Alto | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 11 v1.0.0 L1 | Palo_Alto | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 9 v1.1.0 L2 | Palo_Alto | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 11 v1.0.0 L2 | Palo_Alto | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 10 v1.1.0 L2 | Palo_Alto | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 10 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
