| 1.1.18 - AirWatch - Limit the 'number of messages' for 'Text message limit' | AirWatch - CIS Google Android 4 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.18 RHEL-09-212045 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.78 OL08-00-010423 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'apache account is configured' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'apache account is configured' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'apache account is configured' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd services are running as apache user' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd services are running as apache user' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf Group = apache' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf Group = apache' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf Group = apache' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf User = apache' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf User = apache' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf User = apache' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 5.1.4.2 (L1) Ensure the maximum number of devices per user is limited | CIS Microsoft 365 Foundations v6.0.1 L1 E3 | microsoft_azure | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.1.4.2 (L1) Ensure the maximum number of devices per user is limited | CIS Microsoft 365 Foundations v6.0.1 L1 E5 | microsoft_azure | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure Default HTML Content Is Removed - 'httpd-manual is not installed' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 5.4 Ensure Default HTML Content Is Removed - 'httpd-manual is not installed' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.4 Ensure Default HTML Content Is Removed - 'other handler does not exist' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.4 Ensure Default HTML Content Is Removed - 'other handler does not exist' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.4 Ensure Default HTML Content Is Removed - 'Server Information handler does not exist' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.4 Ensure Default HTML Content Is Removed - 'Server Status handler does not exist' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.4 Ensure Default HTML Content Is Removed - 'Server Status handler does not exist' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 5.29 Ensure that the PIDs cgroup limit is used | CIS Docker v1.8.0 L1 OS Linux | Unix | CONFIGURATION MANAGEMENT |
| CIS_Aliyun_Linux_2_L2_v1.0.0.audit from CIS Aliyun Linux 2 Benchmark v1.0.0 | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | |
| CIS_Amazon_Linux_2_v4.0.0_L1_Server.audit from CIS Amazon Linux 2 4.0.0 | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | |
| CIS_Amazon_Linux_2_v4.0.0_L2_Server.audit from CIS Amazon Linux 2 4.0.0 | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | |
| DTAVSEL-100 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to run a scheduled On-Demand scan at least once a week. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ESXi: esxi-8.logs-audit-local-capacity | VMware vSphere Security Configuration and Hardening Guide | VMware | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000090 - The FortiGate firewall must fail to a secure state if the firewall filtering functions fail unexpectedly. | DISA Fortigate Firewall STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-NM-000420 - The Juniper EX switch must be configured to generate an immediate real-time alert of all audit failure events requiring real-time alerts. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | AUDIT AND ACCOUNTABILITY |
| MaxKeepAliveRequests parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MaxKeepAliveRequests parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL6-00-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless it is being used to query the Oracle Unbreakable Linux Network for updates and information - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless it is being used to query the Oracle Unbreakable Linux Network for updates and information - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010220 - The Red Hat Enterprise Linux operating system must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010430 - The Red Hat Enterprise Linux operating system must be configured so that the delay between logon prompts following a failed console logon attempt is at least four seconds. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010491 - Red Hat Enterprise Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020650 - The Red Hat Enterprise Linux operating system must be configured so that all local interactive user home directories are group-owned by the home directory owners primary group. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020660 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories contained in local interactive user home directories have a valid owner. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020690 - The Red Hat Enterprise Linux operating system must be configured so that all local initialization files for interactive users are owned by the home directory user or root. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-021030 - The Red Hat Enterprise Linux operating system must be configured so that all world-writable directories are group-owned by root, sys, bin, or an application group. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-021031 - The Red Hat Enterprise Linux operating system must be configured so that all world-writable directories are owned by root, sys, bin, or an application user. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-030310 - The Red Hat Enterprise Linux operating system must encrypt the transfer of audit records off-loaded onto a different system or media from the system being audited. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-040170 - The Red Hat Enterprise Linux operating system must display the Standard Mandatory DoD Notice and Consent Banner immediately prior to, or as part of, remote access logon prompts. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-040320 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-040430 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not permit Generic Security Service Application Program Interface (GSSAPI) authentication unless needed. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040630 - The Red Hat Enterprise Linux operating system must not respond to Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040650 - The Red Hat Enterprise Linux operating system must not allow interfaces to perform Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirects by default. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| WG110 A22 - The number of allowed simultaneous requests must be set. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
