| 2.2.17 Ensure '_trace_files_public' Is Set to 'FALSE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 2.2.17 Ensure '_trace_files_public' Is Set to 'FALSE' | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 2.5 Ensure aufs storage driver is not used | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.2.4 Secure permissions for the primary archive log location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | |
| 3.2.4 Secure permissions for the primary archive log location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Secure permissions for the primary archive log location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Secure permissions for the primary archive log location - FILE_PERMISSIONS | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 3.2.5 Secure permissions for the secondary archive log location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | |
| 3.2.5 Secure permissions for the secondary archive log location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY |
| 3.2.5 Secure permissions for the secondary archive log location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.5 Secure permissions for the secondary archive log location - FILE_PERMISSIONS | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 3.8 Ensure the Lock File Is Secured | CIS Apache HTTP Server 2.4 v2.3.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.11 Set Maximum Number of Applications (MAXAPPLS) | CIS IBM DB2 12.1 v1.0.0 Windows OS Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.10 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.11 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.11 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 5.11 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.11 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 81.10 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 100. OpenStack Compute - Policy.json - 'compute_extension:admin_actions:migrate' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 100. OpenStack Identity - Policy.json - 'identity:list_policies' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 100. OpenStack Networking - Policy.json - 'get_subnet' | TNS OpenStack Neutron/Networking Security Guide | Unix | ACCESS CONTROL |
| APPL-14-000130 - The macOS system must configure SSHD unused connection timeout to 900. | DISA Apple macOS 14 Sonoma STIG v2r4 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-26-000024 - The macOS system must enforce SSH to display a policy banner. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | ACCESS CONTROL |
| AZLX-23-001270 - Amazon Linux 2023 must implement a FIPS 140-2/140-3 compliant systemwide cryptographic policy. | DISA Amazon Linux 2023 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| AZLX-23-002515 - Amazon Linux 2023 must enable auditing of processes that start prior to the audit daemon. | DISA Amazon Linux 2023 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| CISC-RT-000680 - The Cisco PE router providing Virtual Private LAN Services (VPLS) must be configured to have all attachment circuits defined to the virtual forwarding instance (VFI) with the globally unique VPN ID assigned for each customer VLAN. | DISA Cisco IOS XE Router RTR STIG v3r5 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000720 - The Cisco PE switch must be configured to limit the number of MAC addresses it can learn for each Virtual Private LAN Services (VPLS) bridge domain. | DISA Cisco NX OS Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAVSEL-106 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-111 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| FFOX-00-000005 - Firefox must be configured to not automatically update installed add-ons and plugins. | DISA STIG Mozilla Firefox Windows v6r7 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000007 - Firefox must be configured to disable form fill assistance. | DISA STIG Mozilla Firefox MacOS v6r7 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000007 - Firefox must be configured to disable form fill assistance. | DISA STIG Mozilla Firefox Windows v6r7 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000008 - Firefox must be configured to not use a password store with or without a master password. | DISA STIG Mozilla Firefox Windows v6r7 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000014 - Background submission of information to Mozilla must be disabled. | DISA STIG Mozilla Firefox Windows v6r7 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000015 - Firefox development tools must be disabled. | DISA STIG Mozilla Firefox MacOS v6r7 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| FFOX-00-000018 - Firefox must prevent the user from quickly deleting data. | DISA STIG Mozilla Firefox MacOS v6r7 | Unix | AUDIT AND ACCOUNTABILITY |
| FFOX-00-000018 - Firefox must prevent the user from quickly deleting data. | DISA STIG Mozilla Firefox Windows v6r7 | Windows | AUDIT AND ACCOUNTABILITY |
| FFOX-00-000019 - Firefox private browsing must be disabled. | DISA STIG Mozilla Firefox Linux v6r7 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000020 - Firefox search suggestions must be disabled. | DISA STIG Mozilla Firefox Windows v6r7 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000022 - Firefox network prediction must be disabled. | DISA STIG Mozilla Firefox Windows v6r7 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000033 - Firefox must be configured so that DNS over HTTPS is disabled. | DISA STIG Mozilla Firefox Linux v6r7 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000039 - Firefox Studies must be disabled. | DISA STIG Mozilla Firefox Windows v6r7 | Windows | CONFIGURATION MANAGEMENT |
| MADB-10-004400 - MariaDB must use NIST FIPS 140-2/140-3 validated cryptographic modules for cryptographic operations. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010483 - Oracle Linux operating systems version 7.2 or newer booted with a BIOS must have a unique name for the grub superusers account when booting into single-user and maintenance modes. | DISA Oracle Linux 7 STIG v3r5 | Unix | ACCESS CONTROL |
| OL07-00-010492 - Oracle Linux operating systems version 7.2 or newer booted with United Extensible Firmware Interface (UEFI) must have a unique name for the grub superusers account when booting into single-user mode and maintenance. | DISA Oracle Linux 7 STIG v3r5 | Unix | ACCESS CONTROL |
| PANW-NM-000144 - The Palo Alto Networks security platform must generate an audit log record when the Data Plane CPU utilization is 100%. | DISA Palo Alto Networks NDM STIG v3r3 | Palo_Alto | CONFIGURATION MANAGEMENT |
| RHEL-07-010492 - Red Hat Enterprise Linux operating systems version 7.2 or newer booted with United Extensible Firmware Interface (UEFI) must have a unique name for the grub superusers account when booting into single-user mode and maintenance. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-08-040010 - RHEL 8 must not install packages from the Extra Packages for Enterprise Linux (EPEL) repository. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215035 - RHEL 9 must not install packages from the Extra Packages for Enterprise Linux (EPEL) repository. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
