| 1.19 OL08-00-010149 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.20 OL08-00-010150 | CIS Oracle Linux 8 STIG v1.0.0 CAT I | Unix | ACCESS CONTROL |
| 1.22 OL08-00-010152 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.184 WN22-DC-000390 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.197 WN22-MS-000070 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.198 WN22-MS-000080 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.256 WN22-UR-000030 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | ACCESS CONTROL |
| ALMA-09-006180 - AlmaLinux OS 9 must require authentication to access emergency mode. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | ACCESS CONTROL |
| APPL-26-002006 - The macOS system must disable Unix-to-Unix Copy Protocol (UUCP) service. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | ACCESS CONTROL |
| CNTR-K8-000300 - The Kubernetes Scheduler must have secure binding. | DISA STIG Kubernetes v2r5 | Unix | ACCESS CONTROL |
| CNTR-K8-000330 - The Kubernetes Kubelet must have the 'readOnlyPort' flag disabled - readOnlyPort flag disabled. | DISA STIG Kubernetes v2r5 | Unix | ACCESS CONTROL |
| CNTR-K8-000360 - The Kubernetes API server must have anonymous authentication disabled. | DISA STIG Kubernetes v2r5 | Unix | ACCESS CONTROL |
| CNTR-K8-000410 - Kubernetes Worker Nodes must not have the sshd service enabled. | DISA STIG Kubernetes v2r5 | Unix | ACCESS CONTROL |
| EX19-MB-000019 - Exchange servers must use approved DOD certificates. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r3 | Windows | ACCESS CONTROL |
| F5BI-AP-000240 - The F5 BIG-IP appliance must enforce approved authorizations for logical access to resources by explicitly configuring assigned resources with an authorization list. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | ACCESS CONTROL |
| JUEX-NM-000060 - The Juniper EX switch must be configured to assign appropriate user roles or access levels to authenticated users. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | ACCESS CONTROL |
| MADB-10-000300 - MariaDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | ACCESS CONTROL |
| MD7X-00-000300 MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | MongoDB | ACCESS CONTROL |
| MYS8-00-005400 - The MySQL Database Server 8.0 must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | ACCESS CONTROL |
| OL08-00-010150 - OL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020262 - The OL 8 lastlog command must have a mode of "0750" or less permissive. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-07-010492 - Red Hat Enterprise Linux operating systems version 7.2 or newer booted with United Extensible Firmware Interface (UEFI) must have a unique name for the grub superusers account when booting into single-user mode and maintenance. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-08-010151 - RHEL 8 operating systems must require authentication upon booting into rescue mode. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-10-400075 - RHEL 10 must be configured so that the "/etc/shadow-" file is group-owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400145 - RHEL 10 must be configured so that all system device files are correctly labeled to prevent unauthorized modification. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400325 - RHEL 10 must define default permissions for all authenticated users in such a way that the user can read and modify only their own files. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400345 - RHEL 10 must enforce "root" group ownership of the "/boot/grub2/grub.cfg" file. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-500005 - RHEL 10 must enable auditing of processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-600010 - RHEL 10 must require a unique superusers name upon booting into single-user and maintenance modes. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-600450 - RHEL 10 must not have unauthorized accounts. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700010 - RHEL 10 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a Secure Shell (SSH) login. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700100 - RHEL 10 must prevent special devices on file systems that are imported via Network File System (NFS). | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700110 - RHEL 10 must prevent files with the "setuid" and "setgid" bit set from being executed on file systems that are imported via Network File System (NFS). | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700115 - RHEL 10 must be configured so that the Network File System (NFS) is configured to use RPCSEC_GSS. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700130 - RHEL 10 must prevent files with the "setuid" and "setgid" bit set from being executed on the "/boot/efi" directory. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700800 - RHEL 10 must ensure effective dconf policy matches the policy keyfiles. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-800070 - RHEL 10 must not have unauthorized IP tunnels configured. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| SLEM-05-212010 - SLEM 5 with a basic input/output system (BIOS) must require authentication upon booting into single-user and maintenance modes. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | ACCESS CONTROL |
| SYMP-NM-000020 - Symantec ProxySG must be configured to enforce user authorization to implement least privilege. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | ACCESS CONTROL |
| UBTU-20-010009 - Ubuntu operating systems when booted must require authentication upon booting into single-user and maintenance modes. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | ACCESS CONTROL |
| VCLU-80-000005 The vCenter Lookup service cookies must have secure flag set. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | ACCESS CONTROL |
| VCLU-80-000129 The vCenter Lookup service cookies must have 'http-only' flag set. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | ACCESS CONTROL |
| WN11-UR-000085 - The 'Deny log on locally' user right on workstations must be configured to prevent access from highly privileged domain accounts on domain systems and unauthenticated access on all systems. | DISA Microsoft Windows 11 STIG v2r7 | Windows | ACCESS CONTROL |
| WN16-DC-000401 - Windows Server 2016 must be configured for name-based strong mappings for certificates. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL |
| WN22-DC-000360 - Windows Server 2022 Allow log on through Remote Desktop Services user right must only be assigned to the Administrators group on domain controllers. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | ACCESS CONTROL |
| WN22-DC-000400 - Windows Server 2022 Deny log on locally user right on domain controllers must be configured to prevent unauthenticated access. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | ACCESS CONTROL |
| WN25-DC-000340 - The Windows Server 2025 'Access this computer from the network' user right must only be assigned to the Administrators, Authenticated Users, and Enterprise Domain Controllers groups on domain controllers. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
| WN25-MS-000070 - Windows Server 2025 'Access this computer from the network' user right must only be assigned to the Administrators and Authenticated Users groups on domain-joined member servers and stand-alone or nondomain-joined systems. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
| WN25-MS-000090 - Windows Server 2025 Deny log on as a batch job user right on domain-joined member servers must be configured to prevent access from highly privileged domain accounts and from unauthenticated access on all systems. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
| WN25-UR-000030 - The Windows Server 2025 'Allow log on locally' user right must only be assigned to the Administrators group. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
