| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate | CIS Kubernetes v1.10.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - certificate | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - certificate | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - certificate | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes v1.10.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the kubelet uses certificates to authenticate | CIS RedHat OpenShift Container Platform v1.6.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.6 Verify that the kubelet certificate authority is set as appropriate | CIS RedHat OpenShift Container Platform v1.6.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set | CIS Kubernetes v1.10.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.14 Ensure that the admission control plugin SecurityContextConstraint is set | CIS RedHat OpenShift Container Platform v1.6.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS RedHat OpenShift Container Platform v1.6.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.15 Ensure that the admission control plugin PodSecurityPolicy is set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.16 Ensure that the --insecure-bind-address argument is not set | CIS RedHat OpenShift Container Platform v1.6.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.17 Ensure that the --insecure-port argument is set to 0 | CIS RedHat OpenShift Container Platform v1.6.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND SERVICES ACQUISITION |
| 2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa' | CIS Cisco IOS XE 17.x v2.1.0 L1 | Cisco | SYSTEM AND SERVICES ACQUISITION |
| 2.3.27.12 Ensure 'Encryption mode for Information Rights Management (IRM)' is set to 'Enabled: Cipher Block Chaining (CBC)' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 2.5.1.2.1 Ensure 'Authentication with Exchange server' is set to 'Enabled: Kerberos Password Authentication' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 2.7 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.7 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.9 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.9 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.10 Ensure Only Approved Ciphers are Used | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.10 Ensure Only Approved Ciphers are Used | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 8.0 Community Database L2 v1.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 8.0 Enterprise Database L2 v1.3.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure Only Approved Ciphers are Used | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure Only Approved Ciphers are Used | CIS MariaDB 10.6 on Linux L2 v1.1.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure Only Approved Ciphers are Used - ssl_cipher | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure Only Approved Ciphers are Used - ssl_cipher | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure Only Approved Ciphers are Used - tls_ciphersuites | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.17 Ensure Only Approved Ciphers are Used | CIS MySQL 8.0 Community Database L2 v1.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.17 Ensure Only Approved Ciphers are Used | CIS MySQL 8.0 Enterprise Database L2 v1.3.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 3.1.7.3 Ensure That Microsoft Defender for (Managed Instance) Azure SQL Databases Is Set To 'On' | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1.7.4 Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On' | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.6 Ensure that HEALTHCHECK instructions have been added to container images | CIS Docker v1.6.0 L1 Docker Linux | Unix | SYSTEM AND SERVICES ACQUISITION |
| 8.2.2 Do Not Use Encryption Algorithms that are Not Secure | CIS IBM DB2 11 v1.1.0 Database Level 2 | IBM_DB2DB | SYSTEM AND SERVICES ACQUISITION |
| 9.4 Ensure only approved ciphers are used for Replication | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 9.4 Ensure only approved ciphers are used for Replication | CIS MariaDB 10.6 on Linux L2 v1.1.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
