| 1.1.21 Disable Automounting | CIS Debian 8 Workstation L2 v2.0.2 | Unix | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.1.21 Disable Automounting | CIS Debian 8 Server L1 v2.0.2 | Unix | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.1.4 Ensure Safe Attachments policy is enabled | CIS Microsoft 365 Foundations E5 L2 v3.1.0 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.5 Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabled | CIS Microsoft 365 Foundations E5 L2 v3.1.0 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.7 Ensure that an anti-phishing policy has been created | CIS Microsoft 365 Foundations E5 L1 v3.1.0 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.2 Alter the Advertised server.number String | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.4.2 Ensure Priority accounts have 'Strict protection' presets applied | CIS Microsoft 365 Foundations E5 L1 v3.1.0 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.1.5.2 Ensure 'Do not include Internet Calendar integration in Outlook' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.6.5 Ensure Gatekeeper Is Enabled | CIS Apple macOS 13.0 Ventura v2.1.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.1.3.3 Ensure that 'Endpoint protection' component status is set to 'On' | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Attempt to clean | CIS Microsoft SharePoint 2019 OS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Download Scan | CIS Microsoft SharePoint 2019 OS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Upload Scan | CIS Microsoft SharePoint 2019 OS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 5.3 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.3 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.4 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.5 Ensure all WildFire session information settings are enabled | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 5.11 Ensure XProtect Is Running and Updated | CIS Apple macOS 13.0 Ventura v2.1.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in use | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in use | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 6.8 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing traffic | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 7.3 Ensure 'Security Policy' denying any/all traffic to/from IP addresses on Trusted Threat Intelligence Sources Exists | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.77.3.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.77.3.1 Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Enforce Apple Mobile File Integrity | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Enforce Apple Mobile File Integrity | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Enforce Apple Mobile File Integrity | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Enforce Apple Mobile File Integrity | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Enforce Apple Mobile File Integrity | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Enforce Apple Mobile File Integrity | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Enforce Apple Mobile File Integrity | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Enforce Apple Mobile File Integrity | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Enforce Gatekeeper 30 Day Automatic Rearm | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTBI465 - MIME sniffing must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Enforce Gatekeeper 30 Day Automatic Rearm | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Enforce Gatekeeper 30 Day Automatic Rearm | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Monterey v1.0.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Enforce Installation of XProtect, MRT, and Gatekeeper Updates Automatically | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WG237 W22 - Remote authors or content providers must have all files scanned for malware before uploading files to the Document Root directory. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | SYSTEM AND INFORMATION INTEGRITY |
