| APPL-14-002008 - The macOS system must disable the built-in web server. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | ACCESS CONTROL |
| APPL-14-005070 - The macOS system must enable Authenticated Root. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | ACCESS CONTROL |
| APPL-15-000033 - The macOS system must disable FileVault automatic login. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | ACCESS CONTROL |
| APPL-15-002003 - The macOS system must disable Network File System (NFS) service. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | ACCESS CONTROL |
| APPL-15-002100 - The macOS system must disable Media Sharing. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | ACCESS CONTROL |
| CD12-00-000900 - PostgreSQL must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | ACCESS CONTROL |
| CNTR-K8-000300 - The Kubernetes Scheduler must have secure binding. | DISA STIG Kubernetes v2r1 | Unix | ACCESS CONTROL |
| CNTR-K8-000310 - The Kubernetes Controller Manager must have secure binding. | DISA STIG Kubernetes v2r1 | Unix | ACCESS CONTROL |
| CNTR-K8-000320 - The Kubernetes API server must have the insecure port flag disabled. | DISA STIG Kubernetes v2r1 | Unix | ACCESS CONTROL |
| CNTR-K8-000350 - The Kubernetes API server must have the secure port set. | DISA STIG Kubernetes v2r1 | Unix | ACCESS CONTROL |
| CNTR-K8-000370 - The Kubernetes Kubelet must have anonymous authentication disabled. | DISA STIG Kubernetes v2r1 | Unix | ACCESS CONTROL |
| CNTR-K8-000400 - Kubernetes Worker Nodes must not have sshd service running. | DISA STIG Kubernetes v2r1 | Unix | ACCESS CONTROL |
| CNTR-K8-000430 - Kubernetes Kubectl cp command must give expected access and results. | DISA STIG Kubernetes v2r1 | Unix | ACCESS CONTROL |
| CNTR-K8-000440 - The Kubernetes kubelet staticPodPath must not enable static pods. | DISA STIG Kubernetes v2r1 | Unix | ACCESS CONTROL |
| CNTR-K8-000450 - Kubernetes DynamicAuditing must not be enabled - manifest | DISA STIG Kubernetes v2r1 | Unix | ACCESS CONTROL |
| CNTR-K8-000460 - Kubernetes DynamicKubeletConfig must not be enabled - kubelet | DISA STIG Kubernetes v2r1 | Unix | ACCESS CONTROL |
| CNTR-K8-000460 - Kubernetes DynamicKubeletConfig must not be enabled - manifest | DISA STIG Kubernetes v2r1 | Unix | ACCESS CONTROL |
| CNTR-K8-000470 - The Kubernetes API server must have Alpha APIs disabled. | DISA STIG Kubernetes v2r1 | Unix | ACCESS CONTROL |
| EX19-MB-000020 Exchange must have authenticated access set to integrated Windows authentication only. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1 | Windows | ACCESS CONTROL |
| JUEX-NM-000060 - The Juniper EX switch must be configured to assign appropriate user roles or access levels to authenticated users. | DISA Juniper EX Series Network Device Management v2r1 | Juniper | ACCESS CONTROL |
| MADB-10-000300 - MariaDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | ACCESS CONTROL |
| MYS8-00-005400 - The MySQL Database Server 8.0 must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA Oracle MySQL 8.0 v2r1 DB | MySQLDB | ACCESS CONTROL |
| OL07-00-010492 - Oracle Linux operating systems version 7.2 or newer booted with United Extensible Firmware Interface (UEFI) must have a unique name for the grub superusers account when booting into single-user mode and maintenance. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| OL08-00-010140 - OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance. | DISA Oracle Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| OL08-00-010149 - OL 8 operating systems booted with a BIOS must have a unique name for the grub superusers account when booting into single-user and maintenance modes. | DISA Oracle Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| OL08-00-010150 - OL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes. | DISA Oracle Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| OL08-00-010152 - OL 8 operating systems must require authentication upon booting into emergency mode. | DISA Oracle Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-67-000124 - The Photon operating system must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| RHEL-08-010141 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require a unique superusers name upon booting into single-user mode and maintenance. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-08-010151 - RHEL 8 operating systems must require authentication upon booting into rescue mode. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-08-010152 - RHEL 8 operating systems must require authentication upon booting into emergency mode. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-09-611195 - RHEL 9 must require authentication to access emergency mode. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL |
| SLES-15-010200 - SUSE operating systems with Unified Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance. | DISA SLES 15 STIG v2r1 | Unix | ACCESS CONTROL |
| VCLU-80-000005 The vCenter Lookup service cookies must have secure flag set. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | ACCESS CONTROL |
| VCLU-80-000129 The vCenter Lookup service cookies must have 'http-only' flag set. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | ACCESS CONTROL |
| VCPF-80-000005 The vCenter Perfcharts service cookies must have secure flag set. | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | ACCESS CONTROL |
| VCPF-80-000130 The vCenter Perfcharts service DefaultServlet must be set to 'readonly' for 'PUT' and 'DELETE' commands. | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | ACCESS CONTROL |
| VCUI-80-000005 The vCenter UI service cookies must have secure flag set. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | ACCESS CONTROL |
| WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL |
| WN11-UR-000010 - The 'Access this computer from the network' user right must only be assigned to the Administrators and Remote Desktop Users groups. | DISA Windows 11 STIG v2r2 | Windows | ACCESS CONTROL |
| WN11-UR-000070 - The 'Deny access to this computer from the network' user right on workstations must be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems. | DISA Windows 11 STIG v2r2 | Windows | ACCESS CONTROL |
| WN11-UR-000075 - The 'Deny log on as a batch job' user right on domain-joined workstations must be configured to prevent access from highly privileged domain accounts. | DISA Windows 11 STIG v2r2 | Windows | ACCESS CONTROL |
| WN11-UR-000085 - The 'Deny log on locally' user right on workstations must be configured to prevent access from highly privileged domain accounts on domain systems and unauthenticated access on all systems. | DISA Windows 11 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-00-000180 - Windows Server 2022 nonadministrative accounts or groups must only have print permissions on printer shares. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-DC-000360 - Windows Server 2022 Allow log on through Remote Desktop Services user right must only be assigned to the Administrators group on domain controllers. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-DC-000370 - Windows Server 2022 Deny access to this computer from the network user right on domain controllers must be configured to prevent unauthenticated access. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-DC-000380 - Windows Server 2022 Deny log on as a batch job user right on domain controllers must be configured to prevent unauthenticated access. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-DC-000390 - Windows Server 2022 Deny log on as a service user right must be configured to include no accounts or groups (blank) on domain controllers. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-MS-000100 - Windows Server 2022 Deny log on as a service user right on domain-joined member servers must be configured to prevent access from highly privileged domain accounts. No other groups or accounts must be assigned this right. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
