| 1.1 Ensure single sign-on (SSO) is configured for your account / organization | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | ACCESS CONTROL |
| 1.1.5.4 Ensure enforce OAuth 2.0 for Office 365 calendar integration is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable FTP' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable FTPS' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable NDMP' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable RIPv1' | TNS NetApp Data ONTAP 7G | NetApp | |
| 2.0 Install & Config - 'Disable RSH' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable SFTP' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable WebDav' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Enable SSH' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.0 Install & Config - 'Enable SSL' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.0 Install & Config - 'Enable SSLv3' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.0 Install & Config - 'Enable TLSv1' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.13 Ensure SSH AllowTcpForwarding is disabled | CIS Amazon Linux 2023 Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure that 'Enable key rotation reminders' is enabled for each Storage Account | CIS Microsoft Azure Foundations v3.0.0 L1 | microsoft_azure | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Set Security TLS Version Minimum | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Set Security TLS Version Minimum | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Ensure that Storage Account Access Keys are Periodically Regenerated | CIS Microsoft Azure Foundations v3.0.0 L1 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MAINTENANCE |
| 5.1 Set 'Turn off Encryption Support' to 'Use TLS 1.1 and TLS 1.2' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 CIFS - 'cifs.smb2.client.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND INFORMATION INTEGRITY |
| 5.4 CIFS - 'cifs.smb2.signing.required = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.10 Ensure Weak SSL/TLS Ciphers Are Disabled | CIS PostgreSQL 13 OS v1.2.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.10 Ensure Weak SSL/TLS Ciphers Are Disabled | CIS PostgreSQL 14 OS v 1.2.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure TLS 1.0 is disabled | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.10 Ensure that 'HTTP20enabled' is set to 'true' (if in use) | CIS Microsoft Azure Foundations v3.0.0 L1 | microsoft_azure | SYSTEM AND SERVICES ACQUISITION |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| Disable new DMA devices when this computer is locked | MSCT Windows 10 v2004 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disable new DMA devices when this computer is locked | MSCT Windows 10 v20H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disable new DMA devices when this computer is locked | MSCT Windows 10 v21H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disable new DMA devices when this computer is locked | MSCT Windows 10 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disable new DMA devices when this computer is locked | MSCT Windows 11 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disable new DMA devices when this computer is locked | MSCT Windows 11 v23H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| F5BI-AP-000211 - The BIG-IP APM module must conform to FICAM-issued profiles. | DISA F5 BIG-IP Access Policy Manager STIG v2r3 | F5 | IDENTIFICATION AND AUTHENTICATION |
| F5BI-LT-000211 - The BIG-IP Core implementation must be able to conform to FICAM-issued profiles when providing authentication to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | IDENTIFICATION AND AUTHENTICATION |
| FFOX-00-000002 - Firefox must be configured to allow only TLS 1.2 or above. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | ACCESS CONTROL |
| FFOX-00-000002 - Firefox must be configured to allow only TLS 1.2 or above. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | ACCESS CONTROL |
| FFOX-00-000002 - Firefox must be configured to allow only TLS 1.2 or above. | DISA STIG Mozilla Firefox Linux v6r5 | Unix | ACCESS CONTROL |
| SYMP-AG-000430 - Symantec ProxySG providing user authentication intermediary services must conform to Federal Identity, Credential, and Access Management (FICAM)-issued profiles. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| VM : verify-PCI-Passthrough | VMWare vSphere 6.5 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : verify-PCI-Passthrough | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| WN12-00-000220 - Windows PowerShell 2.0 must not be installed on Windows 2012/2012 R2. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000220 - Windows PowerShell 2.0 must not be installed on Windows 2012/2012 R2. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN16-00-000420 - Windows PowerShell 2.0 must not be installed. | DISA Windows Server 2016 STIG v2r9 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000410 - Windows Server 2019 must not have Windows PowerShell 2.0 installed. | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000410 - Windows Server 2022 must not have Windows PowerShell 2.0 installed. | DISA Microsoft Windows Server 2022 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
