| 1.2.1 Ensure dm-verity is enabled | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.3.1 Ensure AIDE is installed | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.3.2 Ensure filesystem integrity is regularly checked | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.3.2 Ensure filesystem integrity is regularly checked | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.3.2 Ensure filesystem integrity is regularly checked - aide | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.3.2 Ensure filesystem integrity is regularly checked - cron | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.3.2 Ensure filesystem integrity is regularly checked - mail | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.6.4 Ensure prelink is disabled | CIS SUSE Linux Enterprise 12 v3.2.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2 Ensure Security Auditing Flags Are Configured Per Local Organizational Requirements - 'audit all authorization and authentication events' | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags Are Configured Per Local Organizational Requirements - 'audit all failed write actions where enforcement stopped a file write' | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags Are Configured Per Local Organizational Requirements - 'audit failed program execution' | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags Are Configured Per Local Organizational Requirements - 'audit successful/failed administrative events' | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags Are Configured Per Local Organizational Requirements - 'audit successful/failed file attribute modification events' | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags Are Configured Per Local Organizational Requirements - 'audit successful/failed login/logout events' | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements | CIS Apple macOS 13.0 Ventura v3.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements | CIS Apple macOS 14.0 Sonoma v2.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements | CIS Apple macOS 11.0 Big Sur v4.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements | CIS Apple macOS 12.0 Monterey v3.1.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.4 Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES x64 | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES x64 | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM x64 | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM x64 | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EACCES | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EACCES | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EACCES x64 | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EACCES x64 | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM x64 | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM x64 | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 (L1) Host must deactivate log filtering | CIS VMware ESXi 8.0 v1.1.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| 5.2.3.7 Ensure unsuccessful file access attempts are collected | CIS Oracle Linux 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.7 Ensure unsuccessful file access attempts are collected | CIS AlmaLinux OS 8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.7 Ensure unsuccessful file access attempts are collected | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.7 Ensure unsuccessful file access attempts are collected | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.7 Ensure unsuccessful file access attempts are collected | CIS Oracle Linux 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.7 Ensure unsuccessful file access attempts are collected | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 17.7.3 Ensure 'Audit Authorization Policy Change' is set to include 'Success' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 17.7.5 Ensure 'Audit Other Policy Change Events' is set to include 'Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
