| 1.6.3 Create network segmentation using Network Policies | CIS Kubernetes 1.13 Benchmark v1.4.0 L2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.3 Create network segmentation using Network Policies | CIS Kubernetes 1.13 Benchmark v1.4.1 L2 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.10.6 (L1) Ensure 'Network access: Named Pipes that can be accessed anonymously' is set to 'None' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.10.6 Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only) | CIS Windows Server 2012 DC L1 v2.2.0 | Windows | |
| 2.3.10.6 Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only) | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.0 | Windows | |
| 2.3.10.6 Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only) | CIS Microsoft Windows Server 2016 DC L1 v1.3.0 | Windows | |
| 2.3.10.6 Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only) | CIS Windows Server 2012 R2 DC L1 v2.4.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.6 Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only) | CIS Microsoft Windows Server 2016 DC L1 v1.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.6 Ensure 'Network access: Named Pipes that can be accessed anonymously' is set to 'None' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.10.7 Configure 'Network access: Named Pipes that can be accessed anonymously' (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0 | Windows | |
| 2.3.10.7 Configure 'Network access: Named Pipes that can be accessed anonymously' (MS only) | CIS Microsoft Windows Server 2016 MS L1 v1.3.0 | Windows | |
| 2.3.10.7 Configure 'Network access: Named Pipes that can be accessed anonymously' (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.0 | Windows | |
| 2.3.10.7 Configure 'Network access: Named Pipes that can be accessed anonymously' (MS only) | CIS Windows Server 2012 R2 MS L1 v2.4.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.7 Configure 'Network access: Named Pipes that can be accessed anonymously' (MS only) | CIS Microsoft Windows Server 2016 MS L1 v1.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.10 Ensure Private Endpoints are used to access Storage Accounts | CIS Microsoft Azure Foundations v2.1.0 L1 | microsoft_azure | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3.2 Ensure that all Namespaces have Network Policies defined | CIS Google Kubernetes Engine (GKE) v1.5.0 L2 | GCP | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5.1 Ensure That 'Firewalls & Networks' Is Limited to Use Selected Networks Instead of All Networks | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5.2 Ensure That Private Endpoints Are Used Where Possible | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.4 Minimize the admission of containers wishing to share the host network namespace | CIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master | Unix | CONFIGURATION MANAGEMENT |
| 5.3.2 Ensure that all Namespaces have Network Policies defined | CIS Kubernetes Benchmark v1.5.1 L2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.6.2 Ensure use of VPC-native clusters | CIS Google Kubernetes Engine (GKE) v1.5.0 L1 | GCP | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.21 Ensure that the host's UTS namespace is not shared | CIS Docker v1.6.0 L1 Docker Linux | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3 Ensure storage area network (SAN) resources are segregated properly | CIS VMware ESXi 6.7 v1.3.0 Level 1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3 Ensure storage area network (SAN) resources are segregated properly | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 7.9 Ensure that management plane traffic is separated from data plane traffic | CIS Docker v1.6.0 L1 Docker Swarm | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.7 Ensure that Private Endpoints are Used for Azure Key Vault | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.35.1 (L1) Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.35.1 Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1 | Windows | |
| 18.9.35.1 Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
