| 1.3.1 Ensure that the --terminated-pod-gc-threshold argument is set as appropriate | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.4.1 Ensure address space layout randomization (ASLR) is enabled | CIS CentOS Linux 7 v4.0.0 L1 Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.2 Ensure XD/NX support is enabled | CIS Debian 8 Server L1 v2.0.2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.2 Ensure XD/NX support is enabled | CIS Debian 8 Workstation L1 v2.0.2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.8 Ensure kernel.randomize_va_space is configured | CIS Oracle Linux 10 v1.0.0 L1 Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.8 Ensure kernel.randomize_va_space is configured | CIS Red Hat Enterprise Linux 10 v1.0.1 L1 Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.8 Ensure kernel.randomize_va_space is configured | CIS AlmaLinux OS 10 v1.0.0 L1 Workstation | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is set to '56a863a9-875e-4185-98a7-b882c64b5ce5:1' | CIS Microsoft Defender Antivirus v1.0.0 L1 Workstation | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.4 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is set to 'd4f940ab-401b-4efc-aadc-ad5f3c50688a:2' or higher | CIS Microsoft Defender Antivirus v1.0.0 L1 Server | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.7 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is set to '01443614-cd74-433a-b99e-2ecdc07bfc25:2' or higher | CIS Microsoft Defender Antivirus v1.0.0 L1 Server | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.10 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is set to '3b576869-a4ec-4529-8536-b80a7769e899:1' | CIS Microsoft Defender Antivirus v1.0.0 L1 Workstation | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.14 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is set to '33ddedf1-c6e0-47cb-833e-de6133960387:1' | CIS Microsoft Defender Antivirus v1.0.0 L1 Server | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.16 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is set to '92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b:1' | CIS Microsoft Defender Antivirus v1.0.0 L1 Workstation | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.31.1 (L1) Ensure 'Configure Microsoft Defender SmartScreen' is set to 'Enabled' | CIS Microsoft Edge v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.31.2 (L1) Ensure 'Configure Microsoft Defender SmartScreen to block potentially unwanted apps' is set to 'Enabled' | CIS Microsoft Intune for Edge v1.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.31.6 (L1) Ensure 'Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads' is set to 'Enabled' | CIS Microsoft Intune for Edge v1.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.33 (L1) Ensure 'Ads setting for sites with intrusive ads' is set to 'Enabled: Block ads on sites with intrusive ads.' | CIS Microsoft Intune for Edge v1.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.34 (L1) Ensure 'Allow download restrictions' is set to 'Enabled: Block malicious downloads' | CIS Microsoft Intune for Edge v1.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.58 (L1) Ensure 'Allow Web Authentication requests on sites with broken TLS certificates' is set to 'Disabled' | CIS Microsoft Intune for Edge v1.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.92 (L1) Ensure 'Enable browser legacy extension point blocking' is set to 'Enabled' | CIS Microsoft Intune for Edge v1.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.112 (L1) Ensure 'Enables DALL-E themes generation' is set to 'Disabled' | CIS Microsoft Edge v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.115 (L1) Ensure 'Enhance the security state in Microsoft Edge' is set to 'Enabled: Balanced mode' or higher | CIS Microsoft Edge v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.15 (L1) Ensure 'Ads setting for sites with intrusive ads' is set to 'Enabled: Do not allow ads on sites with intrusive ads' | CIS Google Chrome Group Policy v1.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.5 Ensure that the --streaming-connection-idle-timeout argument is not set to 0 | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Worker | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 18.3.5 (L1) Ensure 'Enable Structured Exception Handling Overwrite Protection (SEHOP)' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.4.4 (L1) Ensure 'Enable Structured Exception Handling Overwrite Protection (SEHOP)' is set to 'Enabled' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.5.8 (L1) Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.4.1 Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients' | CIS Microsoft Windows Server 2022 v5.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher | CIS Microsoft Windows Server 2022 v5.0.0 NG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher | CIS Microsoft Windows Server 2022 v5.0.0 NG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.4 Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Microsoft Windows Server 2022 v5.0.0 NG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.3 Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 11 Enterprise v5.0.1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.25.1 (L1) Ensure 'EMET 5.52' or higher is installed | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.25.3 (L1) Ensure 'Default Protections for Internet Explorer' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.25.6 (L1) Ensure 'System ASLR' is set to 'Enabled: Application Opt-In' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.25.6 (L1) Ensure 'System ASLR' is set to 'Enabled: Application Opt-In' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.25.6 (L1) Ensure 'System ASLR' is set to 'Enabled: Application Opt-In' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.25.7 (L1) Ensure 'System DEP' is set to 'Enabled: Application Opt-Out' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.25.8 (L1) Ensure 'System SEHOP' is set to 'Enabled: Application Opt-Out' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.25.8 (L1) Ensure 'System SEHOP' is set to 'Enabled: Application Opt-Out' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.25.8 (L1) Ensure 'System SEHOP' is set to 'Enabled: Application Opt-Out' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.24.1 (L1) Ensure 'EMET 5.52' or higher is installed | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.24.1 (L1) Ensure 'EMET 5.52' or higher is installed | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.24.3 (L1) Ensure 'Default Protections for Internet Explorer' is set to 'Enabled' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.24.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.24.6 (L1) Ensure 'System ASLR' is set to 'Enabled: Application Opt-In' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.24.6 (L1) Ensure 'System ASLR' is set to 'Enabled: Application Opt-In' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.24.7 (L1) Ensure 'System DEP' is set to 'Enabled: Application Opt-Out' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.24.7 (L1) Ensure 'System DEP' is set to 'Enabled: Application Opt-Out' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.24.8 (L1) Ensure 'System SEHOP' is set to 'Enabled: Application Opt-Out' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
