| 2.1 Ensure That Cloud Audit Logging Is Configured Properly | CIS Google Cloud Platform v3.0.0 L1 | GCP | AUDIT AND ACCOUNTABILITY |
| 2.12 Ensure That Cloud DNS Logging Is Enabled for All VPC Networks | CIS Google Cloud Platform v3.0.0 L1 | GCP | AUDIT AND ACCOUNTABILITY |
| 4.1 Ensure unauthorized API calls are monitored | CIS Amazon Web Services Foundations v4.0.1 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.2 Ensure management console sign-in without MFA is monitored | CIS Amazon Web Services Foundations v4.0.1 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.3 Ensure usage of the 'root' account is monitored | CIS Amazon Web Services Foundations v4.0.1 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.4 Ensure IAM policy changes are monitored | CIS Amazon Web Services Foundations v4.0.1 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.5 Ensure CloudTrail configuration changes are monitored | CIS Amazon Web Services Foundations v4.0.1 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.6 Ensure AWS Management Console authentication failures are monitored | CIS Amazon Web Services Foundations v4.0.1 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.7 Ensure disabling or scheduled deletion of customer created CMKs is monitored | CIS Amazon Web Services Foundations v4.0.1 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.8 Ensure S3 bucket policy changes are monitored | CIS Amazon Web Services Foundations v4.0.1 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.9 Ensure AWS Config configuration changes are monitored | CIS Amazon Web Services Foundations v4.0.1 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.10 Ensure security group changes are monitored | CIS Amazon Web Services Foundations v4.0.1 L2 | amazon_aws | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 4.11 Ensure Network Access Control List (NACL) changes are monitored | CIS Amazon Web Services Foundations v4.0.1 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.12 Ensure changes to network gateways are monitored | CIS Amazon Web Services Foundations v4.0.1 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.13 Ensure route table changes are monitored | CIS Amazon Web Services Foundations v4.0.1 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.14 Ensure VPC changes are monitored | CIS Amazon Web Services Foundations v4.0.1 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.15 Ensure AWS Organizations changes are monitored | CIS Amazon Web Services Foundations v4.0.1 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| AIX7-00-002011 - AIX must provide the function to filter audit records for events of interest based upon all audit fields within audit records, support on-demand reporting requirements, and an audit reduction function that supports on-demand audit review and analysis and after-the-fact investigations of security incidents. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-14-005001 - The macOS system must enable System Integrity Protection. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| APPL-11-005001 - The macOS system must enable System Integrity Protection. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| APPL-11-005001 - The macOS system must enable System Integrity Protection. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| APPL-12-005001 - The macOS system must enable System Integrity Protection. | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| APPL-13-005001 - The macOS system must enable System Integrity Protection. | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| APPL-14-005001 The macOS system must ensure System Integrity Protection is enabled. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SLES-12-020010 - SUSE operating system audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| SLES-15-030050 - SUSE operating system audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SOL-11.1-010080 - The operating system must provide the capability to automatically process audit records for events of interest based upon selectable, event criteria. | DISA STIG Solaris 11 SPARC v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010080 - The operating system must provide the capability to automatically process audit records for events of interest based upon selectable, event criteria. | DISA STIG Solaris 11 X86 v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 14' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 15' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 18' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 20' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 102' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 103' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 104' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 106' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 107' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 108' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 112' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 115' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 117' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 129' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 132' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 133' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 134' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 152' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 153' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 175' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 176' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 178' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
