| 1.3.1 Ensure AIDE is installed | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.3.2 Ensure filesystem integrity is regularly checked - cron | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.3.2 Ensure filesystem integrity is regularly checked - mail | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.12.3 Registry policy processing (NoGPOListChanges) - Domain Controller | CIS Windows 2008 Enterprise v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.8 Ensure rotation for customer created CMKs is enabled | CIS Amazon Web Services Foundations L2 1.3.0 | amazon_aws | CONFIGURATION MANAGEMENT |
| 3.080 - The system is configured to prevent background refresh of Group Policy. | DISA Windows Server 2008 MS STIG v6r46 | Windows | CONFIGURATION MANAGEMENT |
| 3.080 - The system will be configured to enable the background refresh of Group Policy. | DISA Windows Server 2008 R2 MS STIG v1r33 | Windows | CONFIGURATION MANAGEMENT |
| 3.112 - Group Policy objects are not reprocessed if they have not changed. | DISA Windows 7 STIG v1r32 | Windows | CONFIGURATION MANAGEMENT |
| 3.112 - Group Policy objects are not reprocessed if they have not changed. | DISA Windows Server 2008 DC STIG v6r47 | Windows | CONFIGURATION MANAGEMENT |
| 3.112 - Group Policy objects are not reprocessed if they have not changed. | DISA Windows Server 2008 MS STIG v6r46 | Windows | CONFIGURATION MANAGEMENT |
| 3.112 - Group Policy objects will be reprocessed even if they have not changed. | DISA Windows Server 2008 R2 MS STIG v1r33 | Windows | CONFIGURATION MANAGEMENT |
| 3.1010 - The rsyslog daemon must not accept log messages from other servers unless the server is being used for log aggregation. | Tenable Fedora Linux Best Practices v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.4 (L1) Ensure 'Windows Firewall: Domain: Settings: Display a notification' is set to 'No' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 9.1.4 Ensure 'Windows Firewall: Domain: Settings: Display a notification' is set to 'No' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 9.2.4 (L1) Ensure 'Windows Firewall: Private: Settings: Display a notification' is set to 'No' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 9.2.4 Ensure 'Windows Firewall: Private: Settings: Display a notification' is set to 'No' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 9.3.4 (L1) Ensure 'Windows Firewall: Public: Settings: Display a notification' is set to 'No' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 9.3.4 Ensure 'Windows Firewall: Public: Settings: Display a notification' is set to 'No' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 9.3.5 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local firewall rules' is set to 'No' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 9.3.5 Ensure 'Windows Firewall: Public: Settings: Apply local firewall rules' is set to 'No' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 9.3.6 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 9.3.6 Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 18.8.21.1 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Windows Server 2012 R2 MS L1 v2.4.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.1 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Windows Server 2012 R2 DC L1 v2.4.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows 8.1 L1 v2.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows 8.1 L1 Bitlocker v2.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Windows Server 2012 MS L1 v2.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Windows Server 2012 DC L1 v2.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows Server 2016 MS L1 v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows Server 2016 DC L1 v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Windows Server 2012 R2 DC L1 v2.4.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Windows Server 2012 R2 MS L1 v2.4.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Microsoft Windows 8.1 L1 Bitlocker v2.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Microsoft Windows 8.1 L1 v2.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Windows Server 2012 MS L1 v2.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Windows Server 2012 DC L1 v2.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Microsoft Windows Server 2016 MS L1 v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Microsoft Windows Server 2016 DC L1 v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Windows Server 2012 R2 MS L1 v2.4.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Windows Server 2012 R2 DC L1 v2.4.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.4 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Windows Server 2012 R2 DC L1 v2.5.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.4 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Microsoft Windows 8.1 L1 Bitlocker v2.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.5 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Microsoft Windows Server 2016 DC L1 v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.5 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Microsoft Windows Server 2016 MS L1 v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| Big Sur - Configure the System to Notify upon Baseline Configuration Changes | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT |
| Catalina - Configure the System to Notify upon Baseline Configuration Changes | NIST macOS Catalina v1.5.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT |
| KMS: customer created CMKs - 'key rotation is enabled' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT |
| Monterey - Configure the System to Notify upon Baseline Configuration Changes | NIST macOS Monterey v1.0.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-020028 - The Oracle Linux operating system must be configured to allow sending email notifications of unauthorized configuration changes to designated personnel. | DISA Oracle Linux 7 STIG v2r14 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010498 - The SUSE operating system must be configured to allow sending email notifications of unauthorized configuration changes to designated personnel. | DISA SLES 12 STIG v2r13 | Unix | CONFIGURATION MANAGEMENT |
