Configuration Audit Policies

Audit policies based on CERT, DISA STIG, NSA, GLBA and HIPAA standards.

DISA STIG and Checklist Configuration Audits

Standard Description
DISA_IIS_7.0_Web_Server_v1r16.audit DISA IIS 7.0 Web Server v1r16 (Audit last updated March 22, 2018)
DISA_STIG_Server_2012_DC_v2r11.audit DISA Windows Server 2012 DC STIG v2r11 (Audit last updated April 09, 2018)
DISA_STIG_Oracle_WebLogic_Server_12c_Linux_V1R4.audit Oracle WebLogic Server 12c v1r4 (Audit last updated March 22, 2018)
DISA_IIS_7.0_Web_Site_v1r16.audit DISA IIS 7.0 Web Site v1r16 (Audit last updated March 22, 2018)
DISA_STIG_Oracle_WebLogic_Server_12c_Windows_V1R4.audit Oracle WebLogic Server 12c v1r4 (Audit last updated March 22, 2018)
DISA_STIG_Mozilla_Firefox_v4r20_Windows.audit DISA STIG Mozilla Firefox Windows v4r20 (Audit last updated April 24, 2018)
DISA_STIG_Microsoft_Internet_Explorer_11_v1r14.audit DISA STIG IE 11 V1R14 (Audit last updated March 09, 2018)
DISA_STIG_Windows_8_8.1_v1r20.audit DISA Windows 8/8.1 STIG v1r20 (Audit last updated March 08, 2018)
DISA_STIG_MS_Windows_7_V1R29.audit DISA Windows 7 STIG v1r29 (Audit last updated March 09, 2018)
DISA_STIG_Server_2008_R2_MS_v1r25.audit DISA Windows Server 2008 R2 MS STIG v1r25 (Audit last updated April 19, 2018)
DISA_STIG_Red_Hat_Enterprise_Linux_7_v1r4.audit DISA Red Hat Enterprise Linux 7 STIG v1r4 (Audit last updated March 09, 2018)
DISA_STIG_Server_2008_R2_DC_v1r25.audit DISA Windows Server 2008 R2 DC STIG v1r25 (Audit last updated April 19, 2018)
DISA_STIG_HPUX_11.31_v1r16.audit DISA STIG HP-UX 11.31 v1r16 (Audit last updated March 27, 2018)
DISA_STIG_McAfee_VirusScan_8.8_Managed_Client_v5r17.audit DISA McAfee VirusScan 8.8 Managed Client STIG v5r17 (Audit last updated March 27, 2018)
DISA_STIG_Arista_NDM_STIG_V1R2.audit DISA STIG Arista MLS DCS-7000 Series NDM V1R2 (Audit last updated September 13, 2017)
DISA_STIG_Server_2012_MS_v2r11.audit DISA Windows Server 2012 MS STIG v2r11 (Audit last updated March 12, 2018)
DISA_STIG_MSSQL_2016_Instance-OS_v1r1.audit DISA STIG SQL Server 2016 Instance OS Audit v1r1 (Audit last updated April 25, 2018)
DISA_STIG_MS_Windows_Privileged_Access_Workstation_v1r1.audit DISA MS Windows Privileged Access Workstation v1r1 (Audit last updated March 28, 2018)
DISA_STIG_Windows_Server_2016_v1r3.audit DISA Windows Server 2016 STIG v1r3 (Audit last updated April 04, 2018)
DISA_STIG_EDB_PostgreSQL_Advanced_Server_v1r4_OS_Linux.audit EDB PostgreSQL Advanced Server OS Linux Audit v1r4 (Audit last updated April 25, 2018)
DISA_STIG_AIX_6.1_v1r12.audit DISA STIG AIX 6.1 v1r12 (Audit last updated March 28, 2018)
DISA_STIG_IBM_DB2_v10.5_LUW_v1r2_OS_Linux.audit DISA STIG IBM DB2 v10.5 LUW v1r2 OS Linux (Audit last updated April 26, 2018)
DISA_STIG_IBM_DB2_v10.5_LUW_v1r2_OS_Windows.audit DISA STIG IBM DB2 v10.5 LUW v1r2 OS Windows (Audit last updated April 26, 2018)
DISA_STIG_Windows_10_v1r12.audit DISA Windows 10 STIG v1r12 (Audit last updated April 20, 2018)
DISA_STIG_Apple_OS_X_10.12_v1r2.audit DISA STIG Apple Mac OSX 10.12 v1r2 (Audit last updated March 29, 2018)
DISA_IIS_6.0_Web_Site_V6R16.audit DISA STIG IIS 6.0 Site Checklist v6r16 (Audit last updated March 21, 2018)
DISA_STIG_Server_2008_MS_v6r39.audit DISA Windows Server 2008 MS STIG v6r39 (Audit last updated March 29, 2018)
linux_rh_STIG_v5r1.audit This audit file validates security settings included in DISA Unix STIG Version 5, Release 1 and is designed to focus on Red Hat ES 5. (Last updated November 4, 2010.)
DISA_STIG_JRE_8_Windows_v1r5.audit DISA STIG Oracle JRE 8 Windows v1r5 (Audit last updated March 29, 2018)
DISA_STIG_Windows_Defender_Antivirus_v1r3.audit DISA STIG Windows Defender Antivirus v1r3 (Audit last updated February 23, 2018)
FSOWIN2KMS_Analyze_only_v2.audit This file was created from .inf file FSOWIN2KMS_Analyze_only.inf, included with DISA STIGs Windows 2000 Security Checklist Version 6, Release 1.14. (Last updated July 9, 2010.)
DISA_STIG_RHEL_6_v1r18.audit DISA Red Hat Enterprise Linux 6 STIG v1r18 (Audit last updated February 23, 2018)
DISA_STIG_Server_2008_DC_v6r39.audit DISA Windows Server 2008 DC STIG v6r39 (Audit last updated March 29, 2018)
DISA_STIG_Google_Chrome_Windows_V1R11.audit DISA STIG Google Chrome v1r11 (Audit last updated April 04, 2018)
Java_Runtime_Environment_JRE_6_STIG_Win7.audit DISA STIG Java JRE 6 Windows 7 v1r4 (Audit last updated November 02, 2016)
DISA_STIG_Solaris_10_x86_v1r21.audit DISA STIG Solaris 10 X86 v1r21 (Audit last updated March 19, 2018)
DISA_IIS_8.5_Web_Server_v1r2.audit DISA IIS 8.5 Server V1R2 (Audit last updated March 19, 2018)
DISA_STIG_Juniper_Infrastructure_Router_V8R25.audit DISA STIG Juniper Infrastructure Router V8R25 (Audit last updated April 10, 2018)
DISA_STIG_Solaris_10_SPARC_v1r21.audit DISA STIG Solaris 10 SPARC v1r21 (Audit last updated March 19, 2018)
Java_Runtime_Environment_JRE_6_STIG_UNIX.audit DISA STIG Java JRE 6 v1r4 (Audit last updated November 02, 2016)
DISA_IIS_8.5_Web_Site_v1r2.audit DISA IIS 8.5 Site V1R2 (Audit last updated March 19, 2018)
DISA_STIG_Juniper_Perimeter_Router_V8R28.audit DISA STIG Juniper Perimeter Router V8R28 (Audit last updated April 10, 2018)
DISA_STIG_McAfee_VirusScan_8.8_Local_Client_v5r14.audit DISA McAfee VirusScan 8.8 Local Client STIG v5r14 (Audit last updated March 21, 2018)
DISA_STIG_MacOSX_10.11_v1r6.audit DISA STIG Apple Mac OSX 10.11 v1r6 (Audit last updated March 21, 2018)
DISA_IIS_6.0_Web_Server_V6R16.audit DISA STIG IIS 6.0 Server v6r16 (Audit last updated March 21, 2018)
DISA_STIG_Adobe_Acrobat_Reader_DC_Continuous_Track_v1r3.audit DISA STIG Adobe Acrobat Reader DC Continuous Track v1r3 (Audit last updated April 11, 2018)
DISA_STIG_Adobe_Acrobat_Reader_DC_Classic_Track_v1r2.audit DISA STIG Adobe Acrobat Reader DC Classic Track V1R2 (Audit last updated April 11, 2018)
DISA_STIG_PostgreSQL_9-x_on_RHEL_v1r2_OS.audit DISA STIG PostgreSQL 9.x on RHEL DB v1r2 (Audit last updated April 20, 2018)
DISA_STIG_AIX_5.3_v1r2.audit DISA STIG AIX 5.3 v1r2 (Audit last updated March 27, 2018)
Java_Runtime_Environment_JRE_6_STIG_WinXP.audit DISA STIG Java JRE 6 for Windows XP v1r4 (Audit last updated November 02, 2016)
DISA_STIG_Microsoft_PowerPoint_2016_V1R1.audit DISA STIG Microsoft PowerPoint 2016 v1r1 (Audit last updated May 04, 2017)
DISA_STIG_Microsoft_OneDrive_Business_2016_v1r2.audit DISA STIG Microsoft OneDrive for Business 2016 v1r2 (Audit last updated June 08, 2017)
DISA_STIG_RHEL_5_v1r18.audit This audit file validates a majority of the security settings included in DISA Red Hat 5 STIG v1r18. (Last updated July 13, 2017.)
DISA_STIG_Solaris_11_v1r13.audit DISA STIG Solaris 11 X86 v1r13 (Audit last updated March 19, 2018)
DISA_STIG_Microsoft_Dot_Net_Framework_4.0_v1r4.audit DISA STIG for Microsoft Dot Net Framework 4.0 v1r4 (Audit last updated August 28, 2017)
DISA_STIG_IE10_V1R15.audit DISA STIG IE 10 V1R15 (Audit last updated May 19, 2017)
Java_Runtime_Environment_JRE_7_STIG_WinXP.audit DISA STIG Java JRE 7 for Windows XP v1r4 (Audit last updated November 02, 2016)
DISA_STIG_Microsoft_Office_Access_2016_V1R1.audit DISA STIG Microsoft Office Access 2016 v1r1 (Audit last updated May 09, 2017)
Java_Runtime_Environment_JRE_7_STIG_Win7.audit DISA STIG Java JRE 7 for Windows 7 v1r4 (Audit last updated November 02, 2016)
Java_Runtime_Environment_JRE_7_STIG_UNIX.audit DISA STIG Java JRE 7 v1r4 (Audit last updated February 13, 2017)
DISA_STIG_Arista_L2S_STIG_V1R2.audit DISA STIG Arista MLS DCS-7000 Series L2S V1R2 (Audit last updated September 06, 2017)
DISA_STIG_Arista_RTR_STIG_V1R2.audit DISA STIG Arista MLS DCS-7000 Series RTR V1R2 (Audit last updated September 06, 2017)
DISA_STIG_McAfee_VSEL_1.9.x_2.0.x_Managed_Client_v1r3.audit McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r3 (Audit last updated January 16, 2018)
DISA_STIG_MS_Office_Project_2010.audit DISA STIG Office 2010 Project v1r5 (Audit last updated November 16, 2017)
DISA_STIG_Word_2007_v4r9.audit This audit file validates the recommendations provided by the DISA MS Office 2007 Security Technical Implementation Guide. (Last updated August 6, 2013.)
DISA_STIG_MS_Office_Infopath_2003_v4r3.audit DISA STIG Office 2003 InfoPath v4r3 (Audit last updated November 16, 2017)
DISA_STIG_Excel_2007_v4r9.audit This audit file validates the recommendations provided by the DISA MS Office 2007 Security Technical Implementation Guide. (Last updated March 24, 2014.)
FSOWIN2k3MS_Analyze_only_v2.audit This audit file validates security settings included in DISA STIG Windows Server 2003 MS STIG, Version 6, Release 1.32. (Last updated May 30, 2014.)
DISA_STIG_MS_Office_Word_2010.audit DISA STIG Office 2010 Word v1r5 (Audit last updated November 16, 2017)
DISA_STIG_MacOSX_10.9_v1r2.audit DISA STIG Apple Mac OSX 10.9 v1r2 (Audit last updated August 03, 2017)
DISA_STIG_Apache_Site-2.2_Windows_v1r12.audit DISA STIG Apache Site 2.2 Windows v1r12 (Audit last updated December 08, 2017)
DISA_STIG_IE9_v1r5.audit DISA STIG IE 9 v1r5 (Audit last updated November 02, 2016)
DISA_STIG_MS_Office_Access_2003_v4r3.audit DISA STIG Office 2003 Access v4r3 (Audit last updated November 16, 2017)
DISA_STIG_MacOSX_10.5_v1r2.audit DISA STIG Apple Mac OSX 10.5 v1r2 (Audit last updated August 03, 2017)
DISA_STIG_MS_Office_Outlook_2003_v4r3.audit DISA STIG Office 2003 Outlook v4r3 (Audit last updated November 16, 2017)
DISA_STIG_MS_Office_PowerPoint_2003_v4r3.audit DISA STIG Office 2003 PowerPoint v4r3 (Audit last updated November 16, 2017)
DISA_STIG_MS_Office_Word_2003_v4r3.audit DISA STIG Office 2003 Word v4r3 (Audit last updated November 16, 2017)
FSOIE8_All_Profiles_v1r4.audit This audit file validates security settings included in DISA Internet Explorer 8 STIG Version 1, Release 4. (Last updated March 25, 2011.)
DISA_STIG_MS_Office_Access_2010.audit DISA STIG Office 2010 Access v1r5 (Audit last updated November 16, 2017)
DISA_STIG_MS_Office_Publisher_2010.audit DISA STIG Office 2010 Publisher v1r5 (Audit last updated November 16, 2017)
DISA_STIG_OfficeSystem_2007_v4r9.audit DISA STIG OfficeSystem 2007 v4r9 (Audit last updated November 16, 2017)
DISA_STIG_MS_Office_OneNote_2010.audit DISA STIG Office 2010 OneNote v1r5 (Audit last updated November 16, 2017)
DISA_STIG_Outlook_2007_v4r9.audit This audit file validates the recommendations provided by the DISA MS Office 2007 Security Technical Implementation Guide. (Last updated August 6, 2013.)
DISA_STIG_MacOSX_10.10_v1r5.audit DISA STIG Apple Mac OSX 10.10 v1r5 (Audit last updated August 03, 2017)
DISA_STIG_Apache_Server-2.2_Windows_v1r12.audit DISA STIG Apache Server 2.2 Windows v1r12 (Audit last updated December 08, 2017)
DISA_STIG_Access_2007_v4r9.audit This audit file validates the recommendations provided by the DISA MS Office 2007 Security Technical Implementation Guide. (Last updated August 6, 2013.)
DISA_STIG_MS_Office_Outlook_2010.audit DISA STIG Office 2010 Outlook v1r5 (Audit last updated November 16, 2017)
DISA_STIG_InfoPath_2007_v4r9.audit This audit file validates the recommendations provided by the DISA MS Office 2007 Security Technical Implementation Guide. (Last updated August 6, 2013.)
DISA_STIG_PowerPoint_2007_v4r9.audit This audit file validates the recommendations provided by the DISA MS Office 2007 Security Technical Implementation Guide. (Last updated August 6, 2013.)
DISA_STIG_MS_Office_PowerPoint_2010.audit DISA STIG Office PowerPoint 2010 v1r5 (Audit last updated November 16, 2017)
FSOWIN2KDC_Analyze_only_v2.audit This file was created from .inf file FSOWIN2KDC_Analyze_only.inf, included with DISA STIGs Windows 2000 Security Checklist Version 6, Release 1.14. (Last updated July 9, 2010.)
FSOWIN2k3DC_Analyze_only_v2.audit This audit file validates security settings included in DISA STIG Windows Server 2003 DC STIG, Version 6, Release 1.32. (Last updated May 30, 2014.)
DISA_STIG_Microsoft_Access_2013_v1r5.audit DISA STIG Microsoft Access 2013 v1r5 (Audit last updated May 09, 2017)
FSOWINXPPro_Analyze_only_v2.audit This audit file validates security settings included in DISA STIG Windows XP STIG, Version 6, Release 1.32. (Last updated May 30, 2014.)
DISA_STIG_Microsoft_Excel_2013_v1r6.audit DISA STIG Microsoft Excel 2013 v1r6 (Audit last updated May 09, 2017)
DISA_STIG_Microsoft_Office_System_2016_V1R1.audit DISA STIG Microsoft Office System 2016 v1r1 (Audit last updated May 09, 2017)
DISA_STIG_Microsoft_PowerPoint_2013_V1R5.audit DISA STIG Microsoft PowerPoint 2013 v1r5 (Audit last updated May 04, 2017)
DISA_STIG_Microsoft_Publisher_2016_v1r2.audit DISA STIG Microsoft Publisher 2016 v1r1 (Audit last updated May 09, 2017)
DISA_STIG_Microsoft_Visio_2013_v1r3.audit DISA STIG Microsoft Visio 2013 v1r3 (Audit last updated May 09, 2017)
DISA_STIG_Microsoft_Publisher_2013_v1r4.audit DISA STIG Microsoft Publisher 2013 v1r4 (Audit last updated May 09, 2017)
DISA_STIG_Oracle_Linux_5_v1r11.audit DISA STIG for Oracle Linux 5 v1r11 Audit (Audit last updated September 21, 2017)
DISA_STIG_SharePoint_2010_v1r7.audit DISA STIG SharePoint 2010 v1r7 (Audit last updated October 24, 2017)
DISA_STIG_Microsoft_Project_2016_v1r1.audit DISA STIG Microsoft Project 2016 v1r1 (Audit last updated May 19, 2017)
DISA_STIG_MacOSX_10.6_v1r3.audit DISA STIG Apple Mac OSX 10.6 v1r3 (Audit last updated August 03, 2017)
DISA_STIG_MS_Office_InfoPath_2010.audit DISA STIG Office 2010 InfoPath v1r5 (Audit last updated November 16, 2017)
DISA_STIG_MS_Office_Excel_2010.audit DISA STIG Office Excel 2010 v1r5 (Audit last updated November 16, 2017)
FSOWIN2Kwks_Analyze_only_v2.audit This file was created from .inf file FSOWIN2Kwks_Analyze_only.inf, included with DISA STIGs Windows 2000 Security Checklist Version 6, Release 1.14. (Last updated July 9, 2010.)
DISA_STIG_MS_Office_Excel_2003_v4r3.audit DISA STIG Office Excel 2003 v4r3 (Audit last updated November 16, 2017)
DISA_STIG_MS_Office_System_2010.audit DISA STIG Office System 2010 v1r5 (Audit last updated November 16, 2017)
DISA_STIG_RHEL_5_v1r17.audit DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit (Audit last updated August 08, 2017)
DISA_STIG_Microsoft_Outlook_2013_v1r11.audit DISA STIG Microsoft Outlook 2013 v1r11 (Audit last updated December 01, 2017)
DISA_STIG_Solaris_11_SPARC_v1r13.audit DISA STIG Solaris 11 SPARC v1r13 (Audit last updated March 19, 2018)
DISA_STIG_Windows_Firewall_V1R6.audit DISA Microsoft Windows Firewall v1.6.0 (Audit last updated June 16, 2017)
DISA_STIG_Apache_Site-2.2_Unix_v1r9.audit DISA STIG Apache Site 2.2 Unix v1r9 (Audit last updated December 01, 2017)
DISA_STIG_Oracle_Linux_6_v1r11.audit DISA STIG Oracle Linux 6 V1R11 (Audit last updated November 21, 2017)
DISA_STIG_Apache_Server-2.2_Unix_v1r9.audit DISA STIG Apache Server 2.2 Unix v1r9 (Audit last updated December 01, 2017)
DISA_STIG_Microsoft_Groove_2013_v1r2.audit DISA STIG Microsoft Groove 2013 v1r2 (Audit last updated August 03, 2017)
DISA_STIG_JRE_8_Unix_v1r3.audit DISA STIG Oracle JRE 8 Unix v1r3 (Audit last updated November 16, 2017)
DISA_STIG_Microsoft_Skype_Business_2016_v1r1.audit DISA STIG Microsoft Skype for Business 2016 v1r1 (Audit last updated May 31, 2017)
DISA_STIG_Microsoft_Excel_2016_v1r2.audit DISA STIG Microsoft Excel 2016 v1r2 (Audit last updated December 01, 2017)
DISA_STIG_Microsoft_Office_System_2013_V1R5.audit DISA STIG Microsoft Office System 2013 v1r5 (Audit last updated August 23, 2017)
DISA_STIG_Microsoft_Outlook_2016_v1r2.audit DISA STIG Microsoft Outlook 2016 v1r2 (Audit last updated August 17, 2017)
DISA_STIG_Microsoft_Visio_2016_v1r1.audit DISA STIG Microsoft Visio 2016 v1r1 (Audit last updated May 19, 2017)
DISA_STIG_Microsoft_Project_2013_v1r3.audit DISA STIG Microsoft Project 2013 v1r3 (Audit last updated August 08, 2017)
DISA_STIG_Microsoft_OneNote_2013_v1r2.audit DISA STIG Microsoft OneNote 2013 v1r2 (Audit last updated August 09, 2017)
DISA_STIG_Microsoft_OneNote_2016_v1r2.audit DISA STIG Microsoft OneNote 2016 v1r2 (Audit last updated May 19, 2017)
DISA_STIG_SharePoint_2013_v1r3.audit DISA STIG SharePoint 2013 v1r3 (Audit last updated October 24, 2017)
DISA_STIG_Microsoft_Word_2013_v1r5.audit DISA STIG Microsoft Word 2013 v1r5 (Audit last updated May 09, 2017)
DISA_STIG_RedHat_JBoss_EAP_6.3_v1r2.audit DISA RedHat JBoss EAP 6.3 STIG V1R2 (Audit last updated December 13, 2017)
DISA_STIG_Microsoft_Lync_2013_v1r3.audit DISA STIG Microsoft Lync 2013 v1r3 (Audit last updated August 03, 2017)
DISA_STIG_Microsoft_InfoPath_2013_v1r4.audit DISA STIG Microsoft InfoPath 2013 v1r4 (Audit last updated August 28, 2017)
DISA_STIG_Microsoft_Word_2016_v1r1.audit DISA STIG Microsoft Word 2016 v1r1 (Audit last updated May 09, 2017)
DISA_STIG_McAfee_VSEL_1.9.x_2.0.x_Local_Client_v1r2.audit McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r2 (Audit last updated December 18, 2017)
DISA_STIG_MS_Windows_Vista_V6R41_STIG.audit DISA Windows Vista STIG v6r41 (Audit last updated March 01, 2018)
DISA_STIG_Mozilla_Firefox_v4r19_Linux.audit DISA STIG Mozilla Firefox Linux v4r19 (Audit last updated January 03, 2018)

Tenable Configuration Audits

Standard Description
TNS_IBM_WebSphere_Application_Server_9_Windows.audit TNS IBM WebSphere Application Server 9 Windows Best Practices (Audit last updated February 14, 2018)
TNS_IBM_WebSphere_Application_Server_9_Linux.audit TNS IBM WebSphere Application Server 9 Linux Best Practices (Audit last updated February 14, 2018)
AIX_best_practice.audit Consists of a list of best practices checks for an AIX host. Some of the checks in this document have been set to predetermined values and might not reflect the actual values of the system being tested. It may be required to manually edit some checks. Additionally, this audit was tested against AIX 5.3L and some checks may need to be modified for later versions of AIX. (Last updated November 4, 2010.)
IBM_Tivoli_Enterprise_Server_OS.audit This .audit file verifies most of the standard configuration parameters for a TEM Server as recommended in the IBM TEM Administrator's Guide and the IBM DeveloperWorks TEM wiki. (Last updated January 23, 2013.)
Tenable_PostgreSQL_9.1_Best_Practices_Unix_OS.audit TNS PostgreSQL 9.1 Best Practices Unix OS (Audit last updated November 17, 2017)
tenable_unix_compliance_template.audit This .audit policy demonstrates the wide range of checks that can be performed using the Unix compliance module. It consists of many of the implemented built-in checks along with examples of all the other Customizable checks. (Last updated November 4, 2010.)
apache_best_practice.audit Consists of a list of best practices checks for a host running Apache web server. Some of the checks in this document have been set to predetermined values and hence might not reflect the actual values on the system being tested. It is therefore required to manually edit some checks. (Last updated November 4, 2010.)
OWASP_PHP_Best_Practice_guide.audit OWASP PHP Best Practice (Audit last updated November 02, 2016)
IBM_Tivoli_Enterprise_Client-Windows.audit This .audit file verifies most of the standard configuration parameters for a TEM Client on Windows as recommended in the IBM TEM Administrator's Guide and the IBM DeveloperWorks TEM wiki. (Last updated January 23, 2013.)
IBM_Tivoli_Enterprise_Relay.audit This audit file verifies most of the standard configuration parameters for a TEM Relay as recommended in the IBM TEM Administrator's Guide and the IBM DeveloperWorks TEM wiki. (Last updated January 23, 2013.)
IBM_Tivoli_Enterprise_Server_DB.audit This .audit file verifies most of the standard configuration parameters for a TEM Server as recommended in the IBM TEM Administrator's Guide and the IBM DeveloperWorks TEM wiki. (Last updated January 23, 2013.)
linux_process_accounting.audit Performs multiple tests to ensure that a Linux system has had Process Accounting enabled. (Last updated November 4, 2010.)
linux_secure_login.audit Tests running processes and the xinetd configuration to ensure that Secure Shell is the only login configuration enabled and that Telnet and Rlogin have not been enabled. (Last updated November 4, 2010.)
RedHat_JBoss_EAP_5.x.audit Redhat JBoss EAP 5.x (Audit last updated November 29, 2016)
redhat_best_practice.audit Consists of a list of best practices checks for a typical Red Hat Linux system. (Last updated November 4, 2010.)
selinux_configured.audit Performs multiple tests to ensure that a Linux system has had SELinux enabled. It does not audit the settings for SELinux, but does ensure that it has been enabled. (Last updated February 1, 2016.)
Tomcat_linux_1_0_0.audit This policy examines common configuration items in Apache Tomcat and is based on the CIS Apache Tomcat Benchmark v1.0.0. (Last updated November 4, 2010.)
unix_approved_software_pkg.audit This audit provides samples of checks against a Solaris system for installed software packages. (Last updated February 17, 2011.)
unix_deny_userlist.audit This audit provides samples of checks against Unix system password files for unauthorized users. (Last updated February 17, 2011.)
Windows_Firewall_Enabled_v2.audit This policy tests to see if the Windows Firewall is enabled in either the local policy or the domain policy. (Last updated February 4, 2008.)
NetApp_Data_ONTAP_Best_Practices.audit TNS NetApp Data ONTAP 7G Best Practices (Audit last updated November 02, 2016)
TNS_Best_Practice_RedHat_JBoss_v7_Linux.audit TNS Best Practice JBoss 7 Linux (Audit last updated October 25, 2017)
TNS_Best_Practice_RedHat_JBoss_v6_Linux.audit TNS Best Practice JBoss 6 Linux (Audit last updated February 13, 2017)
TNS_IBM_HTTP_Server_Linux_Best_Practice.audit TNS IBM HTTP Server Best Practice (Audit last updated November 16, 2017)
TNS_Oracle_WebLogic_10_Security_Guide_Linux.audit TNS Oracle WebLogic Server 10 Linux Best Practices (Audit last updated January 16, 2018)
TNS_Oracle_WebLogic_11_Security_Guide_Linux.audit TNS Oracle WebLogic Server 11 Linux Best Practices (Audit last updated January 16, 2018)
TNS_Best_Practices_Jetty_9_v1.0.0.audit TNS Best Practice Jetty 9 Linux (Audit last updated February 13, 2017)
TNS_IBM_HTTP_Server_Best_Practice.audit TNS IBM HTTP Server Best Practice (Audit last updated November 16, 2017)
Tenable_PostgreSQL_9.1_Best_Practices_Windows_OS.audit TNS PostgreSQL 9.1 Best Practices Windows OS (Audit last updated November 17, 2017)
TNS_Oracle_WebLogic_10_Security_Guide_Windows.audit TNS Oracle WebLogic Server 10 Windows Best Practices (Audit last updated January 16, 2018)
TNS_Oracle_WebLogic_11_Security_Guide_Windows.audit TNS Oracle WebLogic Server 11 Windows Best Practices (Audit last updated January 16, 2018)
IBM_Tivoli_Enterprise_Client-Linux.audit TNS IBM Tivoli Enterprise Client Linux Best Practices (Audit last updated January 11, 2018)

CERT Configuration Audits

Standard Description
cert_unix_checklist.audit Contains many of the checks listed in CERT's UNIX Security Checklist v2.0 guide. (Last updated November 4, 2010.)

Code of Connection (CoCo) Configuration Audits

Standard Description
CoCo_MS_v4.1.audit Provides coverage for GCSX Code of Connection v4.1 (CoCo) recommendations applicable to a system running Microsoft Windows operating system. Note: The guideline itself is not available publicly. (Last updated May 25, 2011.)
CoCo_Linux_v4.1.audit Provides coverage for GCSX Code of Connection v4.1 (CoCo) recommendations applicable to a system running Red Hat 5. Note: The guideline itself is not available publicly. (Last updated August 1, 2011.)

IBM iSeries Configuration Audits

Standard Description
IBM_v5_r4_iseries_security_reference.audit IBM iSeries Security Reference v5r4 (Audit last updated November 02, 2016)
IBM_v7_r1_iseries_security_reference.audit IBM System i Security Reference for V7R1 and V6R1 (Audit last updated November 02, 2016)
IBM_v7_r2_iseries_security_reference.audit IBM System i Security Reference for V7R2 (Audit last updated November 10, 2017)
IBM_v7_r3_iseries_security_reference.audit IBM System i Security Reference for V7R3 (Audit last updated November 10, 2017)

HIPAA Configuration Audits

Standard Description
HIPAA_MS_OS.audit HIPAA Windows Audit (Audit last updated February 07, 2017)

GLBA Configuration Audits

Standard Description
financial2_solaris_best_practice.audit This audit policy checks for basic password policy settings, has an example of using an MD5 checksum to see if a proper banner has been configured, checks that SSH is running and if an FTP service is found, it also checks if ftpusers has been set. (Last updated February 11, 2011.)
financial_microsoft_windows_os_audit_guideline_v2.audit This audit policy tests for password policies, system permissions, required auditing and system settings that are common in financial networks. (Last updated October 7, 2008.)
financial_microsoft_windows_user_audit_guideline_v2.audit This audit policy tests for user auditing settings, such as their password complexity and logging access failures and logons that are common in financial networks. (Last updated October 7, 2008.)

NSA Configuration Audits

Standard Description
NSA_MacOSX_10_5_hardening_tips.audit Consists of a list of checks recommended by the NSA Hardening guide for Mac OS X 10.5. (Last updated May 19, 2011.)
NSA_MacOSX_10_6_hardening_tips.audit Consists of a list of checks recommended by the NSA Hardening guide for Mac OS X 10.6. (Last updated June 3, 2011.)
NSA_RH_5_hardening_tips.audit Consists of a list of checks recommended by the NSA Hardening guide for Red Hat Enterprise Linux 5. (Last updated May 26, 2011.)

BSI Audits

Standard Description
BSI_100_2_Windows_v1.0.audit BSI-100-2 Windows 2005 (Audit last updated January 02, 2018)
BSI_100_2_Redhat_v1.0.audit BSI-100-2 Red Hat Linux 2005 (Audit last updated January 02, 2018)