| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 3.2.1 Restrict Recursive Queries | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_FCHROOT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_FCHROOT : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_PFEXEC : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_PRIOCNTLSYS : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_PRIOCNTLSYS : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETEGID : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETEUID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETGID : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETGID : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETPGID : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETPPRIV : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETPPRIV : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETREGID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETREUID : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.4 Avoid image sprawl | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | CONFIGURATION MANAGEMENT |
| Check if this is a Docker Vessel/Host | CIS Kubernetes 1.8 Benchmark v1.2.0 L2 | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes v1.20 Benchmark v1.0.1 L2 Master | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Worker | Unix | |
| Check if this is a Docker Vessel/Host | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | |
| Check if this is a Docker Vessel/Host | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L2 | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Worker | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes v1.20 Benchmark v1.0.1 L2 Worker | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Worker | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | |
| Check if this is a Docker Vessel/Host | CIS Docker 1.13.0 v1.0.0 L1 Linux | Unix | |
| Check if this is a Docker Vessel/Host | CIS Docker Community Edition v1.1.0 L1 Linux Host OS | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes v1.23 Benchmark v1.0.1 L2 Master | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes v1.24 Benchmark v1.0.0 L2 Worker | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes 1.13 Benchmark v1.4.1 L2 | Unix | |
| Check if this is a Docker Vessel/Host | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes v1.23 Benchmark v1.0.1 L2 Worker | Unix | |
| Check if this is a Docker Vessel/Host | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | |
| CIS_Palo_Alto_Firewall_8_Benchmark_L1_v1.0.0.audit from CIS Palo Alto Firewall 8 Benchmark v1.0.0 | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | |
| DKER-EE-001050 - TCP socket binding for all Docker Engine - Enterprise nodes in a Universal Control Plane (UCP) cluster must be disabled. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| DKER-EE-002040 - Docker Enterprise host devices must not be directly exposed to containers. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-002050 - Mount propagation mode must not set to shared in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-005330 - Docker Enterprise daemon.json file ownership must be set to root:root. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-005340 - Docker Enterprise daemon.json file permissions must be set to 644 or more restrictive. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
