| 2.26 Ensure fewer than 5 users have global administrator assignment | CIS Microsoft Azure Foundations v3.0.0 L1 | microsoft_azure | ACCESS CONTROL |
| 3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5' | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | |
| 3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 4.1.17 Ensure kernel module loading and unloading is collected - /sbin/insmod | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - /sbin/modprobe | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - /sbin/rmmod | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/modprobe | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/modprobe | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/rmmod | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/rmmod | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl init_module | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl init_module | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl init_module | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl insmod | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl modprobe | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl modprobe | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl rmmod | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl rmmod | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - init_module | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - init_module | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - init_module | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - init_module | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - insmod | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - insmod | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - modprobe | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - rmmod | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.8 Ensure Billing Alerts are enabled for increments of X spend | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | |
| 4.8.3 Ensure loginretries is configured | CIS IBM AIX 7 v1.0.0 L1 | Unix | ACCESS CONTROL |
| 5.1.1 Secure Home Folders | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.1 Configure account lockout threshold | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.3.12 Ensure password prohibited reuse is at a minumum '5' | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CISC-RT-000280 - The Cisco perimeter router must be configured to protect an enclave connected to an alternate gateway by using an inbound filter that only permits packets with destination addresses within the sites address space. | DISA STIG Cisco IOS Router RTR v3r2 | Cisco | ACCESS CONTROL |
| CISC-RT-000280 - The Cisco perimeter router must be configured to protect an enclave connected to an alternate gateway by using an inbound filter that only permits packets with destination addresses within the sites address space. | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | ACCESS CONTROL |
| Console inactivity timer | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | ACCESS CONTROL |
| DEFAULT Profile 'PASSWORD_REUSE_MAX' Is Greater than or Equal to '5' | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | |
| DISA_MongoDB_Enterprise_Advanced_7.x_STIG_v1r1_Unix.audit from DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | |
| DISA_STIG_AIX_7.x_v3r1.audit from DISA IBM AIX 7.x v3r1 STIG | DISA STIG AIX 7.x v3r1 | Unix | |
| DISA_STIG_Apple_OS_X_10.14_v2r6.audit from DISA Apple OS X 10.14 (Mojave) v2r6 STIG | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | |
| DTAVSEL-008 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being written to disk. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-008 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being written to disk. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - default.scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - default.scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-017 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to deny access to the file if scanning fails. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| KNOX-07-012100 - The Samsung Android 7 with Knox must implement the management setting: Enable CC mode. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| OL6-00-000290 - X Windows must not be enabled unless required. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| VCEM-70-000012 - ESX Agent Manager must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-70-000012 - Performance Charts must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-70-000012 - The Security Token Service must have Multipurpose Internet Mail Extensions (MIME) that invoke operating system shell programs disabled. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-70-000012 - vSphere UI must have Multipurpose Internet Mail Extensions (MIME) that invoke operating system shell programs disabled. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | CONFIGURATION MANAGEMENT |
