| 1.1.17 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.14 Audit Docker files and directories - /usr/bin/docker-containerd | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.15 Audit Docker files and directories - /usr/bin/docker-runc | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.15 Audit Docker files and directories - /usr/bin/docker-runc | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.17 Ensure '_trace_files_public' Is Set to 'FALSE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 3.1.3.5 Ensure that 'File Integrity Monitoring' component status is set to 'On' | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | RISK ASSESSMENT |
| 3.1.6 Secure permissions for default database file path | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.6 Secure permissions for default database file path | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY |
| 3.1.6 Secure permissions for default database file path | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows | Windows | AUDIT AND ACCOUNTABILITY |
| 3.1.14 Set maximum connection limits - 'max_coordagents <= 100' | CIS IBM DB2 OS L2 v1.2.0 | Unix | ACCESS CONTROL |
| 3.2.4 Secure permissions for the primary archive log location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | |
| 3.2.4 Secure permissions for the primary archive log location - FILE_PERMISSIONS | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 3.2.5 Secure permissions for the secondary archive log location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY |
| 3.2.5 Secure permissions for the secondary archive log location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.5 Secure permissions for the secondary archive log location - FILE_PERMISSIONS | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.1.12 Set Maximum Number of Applications (MAXAPPLS) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 4.1.12 Set Maximum Number of Applications (MAXAPPLS) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Do not install unnecessary packages in the container | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-000120 - The macOS system must configure SSHD channel timeout to 900. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAVSEL-106 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-107 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-110 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-111 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| FFOX-00-000005 - Firefox must be configured to not automatically update installed add-ons and plugins. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000007 - Firefox must be configured to disable form fill assistance. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000013 - Firefox must be configured to disable the installation of extensions. | DISA STIG Mozilla Firefox Linux v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000013 - Firefox must be configured to disable the installation of extensions. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000014 - Background submission of information to Mozilla must be disabled. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000015 - Firefox development tools must be disabled. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| FFOX-00-000018 - Firefox must prevent the user from quickly deleting data. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | ACCESS CONTROL |
| FFOX-00-000018 - Firefox must prevent the user from quickly deleting data. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | ACCESS CONTROL |
| FFOX-00-000019 - Firefox private browsing must be disabled. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000019 - Firefox private browsing must be disabled. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000020 - Firefox search suggestions must be disabled. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000022 - Firefox network prediction must be disabled. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000023 - Firefox fingerprinting protection must be enabled. | DISA STIG Mozilla Firefox Linux v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000023 - Firefox fingerprinting protection must be enabled. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000024 - Firefox cryptomining protection must be enabled. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000024 - Firefox cryptomining protection must be enabled. | DISA STIG Mozilla Firefox Linux v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000027 - Firefox deprecated ciphers must be disabled. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000033 - Firefox must be configured so that DNS over HTTPS is disabled. | DISA STIG Mozilla Firefox Linux v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000033 - Firefox must be configured so that DNS over HTTPS is disabled. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000036 - Firefox feedback reporting must be disabled. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000039 - Firefox Studies must be disabled. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| OL6-00-000275 - The operating system must employ cryptographic mechanisms to protect information in storage. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000277 - The operating system must employ cryptographic mechanisms to prevent unauthorized disclosure of data at rest unless otherwise protected by alternative physical measures. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| PGS9-00-007000 - PostgreSQL, when utilizing PKI-based authentication, must validate certificates by performing RFC 5280-compliant certification path validation. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010190 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed the number of repeating characters of the same character class must not be more than four characters. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-021000 - The Red Hat Enterprise Linux operating system must be configured so that file systems containing user home directories are mounted to prevent files with the setuid and setgid bit set from being executed. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040310 - The Red Hat Enterprise Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
