| APPL-11-002063 - The macOS system must enforce access restrictions. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002063 - The macOS system must disable the guest account. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| CD12-00-000700 - Privileges to change PostgreSQL software modules must be limited. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | CONFIGURATION MANAGEMENT |
| CD12-00-000710 - PostgreSQL must limit privileges to change functions and triggers, and links to software external to PostgreSQL. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | CONFIGURATION MANAGEMENT |
| CD12-00-003100 - Database objects (including but not limited to tables, indexes, storage, trigger procedures, functions, links to software external to PostgreSQL, etc.) must be owned by database/DBMS principals authorized for ownership. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | CONFIGURATION MANAGEMENT |
| CNTR-K8-000850 - Kubernetes Kubelet must deny hostname override. | DISA STIG Kubernetes v2r2 | Unix | CONFIGURATION MANAGEMENT |
| CNTR-R2-000460 Rancher RKE2 must be built from verified packages. | DISA Rancher Government Solutions RKE2 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| EPAS-00-003210 - EDB Postgres Advanced Server software modules, to include stored procedures, functions, and triggers must be monitored to discover unauthorized changes. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| EPAS-00-003600 - The role(s)/group(s) used to modify database structure and logic modules must be restricted to authorized users. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | CONFIGURATION MANAGEMENT |
| MYS8-00-008700 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to the MySQL Database Server 8.0, etc.) must be restricted to authorized users. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| OL08-00-010300 - OL 8 system commands must have mode 755 or less permissive. | DISA Oracle Linux 8 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010350 - OL 8 library files must be group-owned by root. | DISA Oracle Linux 8 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010351 - OL 8 library directories must be group-owned by root or a system account. | DISA Oracle Linux 8 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000059 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000060 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000061 - The Photon operating system YUM repository must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000199 The Photon operating system TDNF package management tool must cryptographically verify the authenticity of all software packages during installation for all repos. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000063 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000064 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010300 - RHEL 8 system commands must have mode 755 or less permissive. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010331 - RHEL 8 library directories must have mode 755 or less permissive. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232015 - RHEL 9 library directories must have mode 755 or less permissive. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232020 - RHEL 9 library files must have mode 755 or less permissive. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232190 - RHEL 9 system commands must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232195 - RHEL 9 system commands must be group-owned by root or a system account. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232205 - RHEL 9 library files must be group-owned by root or a system account. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| Settings to Lock Down your BIG-IP - Admin Terminal Access | Tenable F5 BIG-IP Best Practice Audit | F5 | CONFIGURATION MANAGEMENT |
| SLES-12-010872 - The SUSE operating system library directories must have mode 0755 or less permissive. | DISA SLES 12 STIG v2r13 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010873 - The SUSE operating system library files must be owned by root. | DISA SLES 12 STIG v2r13 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010876 - The SUSE operating system library directories must be group-owned by root. | DISA SLES 12 STIG v2r13 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010877 - The SUSE operating system must have system commands set to a mode of 755 or less permissive. | DISA SLES 12 STIG v2r13 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010878 - The SUSE operating system must have directories that contain system commands set to a mode of 0755 or less permissive. | DISA SLES 12 STIG v2r13 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010881 - The SUSE operating system must have directories that contain system commands owned by root. | DISA SLES 12 STIG v2r13 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010351 - The SUSE operating system library files must have mode 0755 or less permissive. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010359 - The SUSE operating system must have system commands owned by root. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010456 - The Ubuntu operating system must have system commands set to a mode of 0755 or less permissive. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-232015 - Ubuntu 22.04 LTS must have system commands set to a mode of '755' or less permissive. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-232055 - Ubuntu 22.04 LTS must have system commands group-owned by 'root' or a system account. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-232065 - Ubuntu 22.04 LTS library directories must be group-owned by 'root'. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | CONFIGURATION MANAGEMENT |
| VCEM-70-000030 - ESX Agent Manager must set the secure flag for cookies. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-67-000015 - VAMI server binaries and libraries must be verified for their integrity. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-67-000032 - VAMI configuration files must be protected from unauthorized access - opt | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-70-000009 - Lookup Service must only run one webapp. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000034 The vCenter Lookup service must limit privileges for creating or modifying hosted application shared files. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-70-000009 - Performance Charts must only run one webapp. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-80-000144 The vCenter Perfcharts service files must have permissions in an out-of-the-box state. | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCPG-67-000009 - VMware Postgres must limit modify privileges to authorized accounts. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCST-67-000009 - The Security Token Service must only run one web app. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-67-000009 - vSphere UI plugins must be authorized before use. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
