| 4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervals | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, RISK ASSESSMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 14.0 Sonoma v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 12.0 Monterey v3.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 13.0 Ventura v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1.2 Ensure System Integrity Protection Status (SIPS) Is Enabled | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| AIX7-00-003096 - AIX must set Stack Execution Disable (SED) system wide mode to all. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| OL07-00-040201 - The Oracle Linux operating system must implement virtual address space randomization. | DISA Oracle Linux 7 STIG v2r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-212050 - RHEL 9 must enable mitigations against processor-based vulnerabilities. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-213025 - RHEL 9 must restrict exposed kernel pointer addresses access. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-213070 - RHEL 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SLES-12-030320 - The SUSE operating system must implement kptr-restrict to prevent the leaking of internal kernel addresses. | DISA SLES 12 STIG v2r13 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SLES-12-030330 - Address space layout randomization (ASLR) must be implemented by the SUSE operating system to protect memory from unauthorized code execution. | DISA SLES 12 STIG v2r13 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-16-030130 - The Ubuntu operating system must implement non-executable data to protect its memory from unauthorized code execution. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-16-030140 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-18-010513 - The Ubuntu operating system must implement non-executable data to protect its memory from unauthorized code execution. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-18-010514 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WN10-00-000145 - Data Execution Prevention (DEP) must be configured to at least OptOut. | DISA Windows 10 STIG v3r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN10-00-000150 - Structured Exception Handling Overwrite Protection (SEHOP) must be enabled. | DISA Windows 10 STIG v3r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN10-CC-000215 - Explorer Data Execution Prevention must be enabled. | DISA Windows 10 STIG v3r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN12-CC-000089 - Explorer Data Execution Prevention must be enabled. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN12-CC-000089 - Explorer Data Execution Prevention must be enabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN16-CC-000340 - Explorer Data Execution Prevention must be enabled. | DISA Windows Server 2016 STIG v2r9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN19-CC-000310 - Windows Server 2019 Explorer Data Execution Prevention must be enabled. | DISA Windows Server 2019 STIG v3r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN22-UR-000160 - Windows Server 2022 lock pages in memory user right must not be assigned to any groups or accounts. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
