| 1.4 Ensure 'application pool identity' is configured for all application pools | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.1 (L1) Ensure 'Access Credential Manager as a trusted caller' is set to 'No One' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.23 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.30 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.30 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.21 Ensure that 'Users can create Microsoft 365 groups in Azure portals, API or PowerShell' is set to 'No' | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.8 Ensure Handler is not granted Write and Script/Execute - Default | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.1.3 Minimize wildcard use in Roles and ClusterRoles - clusterroles | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Worker | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.1.4 Minimize access to create pods | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 74.1 (L1) Ensure 'Access Credential Manager As Trusted Caller' is set to 'No One' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 74.17 (L1) Ensure 'Generate Security Audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Intune for Windows 10 v3.0.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 74.17 (L1) Ensure 'Generate Security Audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-11-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002680 - System audit logs must be owned by root. | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002700 - System audit logs must have mode 0640 or less permissive. | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002710 - All system audit files must not have extended ACLs. | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002710 - All system audit files must not have extended ACLs. | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - /usr/sbin/audit | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - /usr/sbin/auditd | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - /usr/sbin/bsmrecord | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - /usr/sbin/bsmrecord | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - /usr/sbin/praudit | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by root, bin, or sys - /usr/sbin/auditconfig | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by root, bin, or sys - /usr/sbin/auditconfig | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by root, bin, or sys - /usr/sbin/auditd | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - /usr/sbin/audit | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - /usr/sbin/auditconfig | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - /usr/sbin/auditd | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - /usr/sbin/praudit | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/sbin/audispd' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/sbin/auditd' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/sbin/aureport' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN003180 - The cronlog file must have mode 0600 or less permissive. | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| MD4X-00-000200 - The audit information produced by MongoDB must be protected from unauthorized access. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030070 - OL 8 audit logs must have a mode of '0600' or less permissive to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030110 - The OL 8 audit log directory must be group-owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030630 - OL 8 audit tools must be owned by root. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030640 - OL 8 audit tools must be group-owned by root. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000026 The Photon operating system must protect audit logs from unauthorized access. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654275 - RHEL 9 audit system must protect auditing rules from unauthorized change. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030600 - The SUSE operating system must protect audit rules from unauthorized modification. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-653050 - Ubuntu 22.04 LTS must be configured to permit only authorized users ownership of the audit log files. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-67-000011 - VAMI log files must only be accessible by privileged users - access.log | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-70-000007 - VAMI log files must only be accessible by privileged users. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-80-000019 The vCenter VAMI service log files must only be accessible by privileged users. | DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLU-80-000025 The vCenter Lookup service logs folder permissions must be set correctly. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCUI-67-000007 - vSphere UI log files must only be accessible by privileged users. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCUI-80-000025 The vCenter UI service must protect logs from unauthorized access. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
