| 17.7.3 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.31.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.9.1.3 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.9.1.3 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.9.1.3 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.9.1.3 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v3.0.0 BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.9.1.12 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.9.1.12 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.9.1.12 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.9.1.12 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 BL | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.9.3.3 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v3.0.0 BL | Windows | MEDIA PROTECTION |
| 18.10.9.3.3 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL | Windows | MEDIA PROTECTION |
| 18.10.9.3.3 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NG | Windows | MEDIA PROTECTION |
| 18.10.9.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.9.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.9.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.9.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.9.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.9.3.12 (BL) Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.9.3.12 (BL) Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 BL | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.9.3.12 (BL) Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.1.3 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.1.3 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.3.12 (BL) Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.28.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.28.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.29.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.29.3 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.37.1 (L2) Ensure 'Turn off location' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| CIS Control 7 (7.7) Use of DNS Filtering Services | CAS Implementation Group 1 Audit File | Unix | ACCESS CONTROL |
| CIS Docker Community Edition v1.1.0 L1 Linux Host OS | CIS Docker Community Edition v1.1.0 L1 Linux Host OS | Unix | |
| CIS_AlmaLinux_OS_8_Server_L1_v3.0.0.audit from CIS AlmaLinux OS 8 Benchmark v3.0.0 | CIS AlmaLinux OS 8 Server L1 v3.0.0 | Unix | |
| CIS_Apache_Tomcat_11_v1.0.0_L1.audit from CIS Apache Tomcat 11 Benchmark v1.0.0 | CIS Apache Tomcat 11 v1.0.0 L1 | Unix | |
| CIS_Apple_macOS_10.13_v1.1.0_Level_1.audit from CIS Apple macOS 10.13 Benchmark v1.1.0 | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | |
| CIS_CentOS_6_v3.0.0_Server_L1.audit from CIS CentOS Linux 6 Benchmark v3.0.0 | CIS CentOS 6 Server L1 v3.0.0 | Unix | |
| CIS_IBM_AIX_7_v1.0.0_L2.audit from CIS IBM AIX 7 Benchmark v1.0.0 | CIS IBM AIX 7 v1.0.0 L2 | Unix | |
| CIS_Microsoft_Exchange_Server_2019_v1.0.0_Level_1_MDM.audit from CIS Microsoft Exchange Server 2019 Benchmark v1.0.0 | CIS Microsoft Exchange Server 2019 L1 MDM v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS_MS_IIS_10_v1.2.1_Level_1.audit from CIS Microsoft IIS 10 Benchmark v1.2.1 | CIS IIS 10 v1.2.1 Level 1 | Windows | |
| CIS_MySQL_5.7_Enterprise_Benchmark_v2.0.0_Level_1_OS_MS.audit from CIS Oracle MySQL 5.7 Enterprise Edition Benchmark | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | |
| CIS_MySQL_8.0_Community_Benchmark_v1.1.0_Level_1_OS_Linux.audit from CIS Oracle MySQL 8.0 Community Edition Benchmark | CIS MySQL 8.0 Community Linux OS L1 v1.1.0 | Unix | |
| CIS_MySQL_8.0_Enterprise_Benchmark_v1.4.0_Level_1_Database.audit from CIS Oracle MySQL 8.0 Enterprise Edition Benchmark | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database | MySQLDB | |
| CIS_MySQL_8.0_Enterprise_Benchmark_v1.4.0_Level_2_Database.audit from CIS Oracle MySQL 8.0 Enterprise Edition Benchmark | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database | MySQLDB | |
| CIS_MySQL_8.4_Enterprise_Benchmark_v1.0.0_Level_2_Database.audit from CIS Oracle MySQL 8.4 Enterprise Edition Benchmark | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | |
| CIS_Oracle_Linux_8_Workstation_L2_v3.0.0.audit from CIS Oracle Linux 8 Benchmark v3.0.0 | CIS Oracle Linux 8 Workstation L2 v3.0.0 | Unix | |
| CIS_Oracle_Solaris_11.4_L2_v1.1.0.audit from CIS Oracle Solaris 11.4 Benchmark v1.1.0 | CIS Oracle Solaris 11.4 L2 v1.1.0 | Unix | |
| CIS_SUSE_Linux_Enterprise_15_v2.0.0_L2_Server.audit from CIS SUSE Linux Enterprise 15 Benchmark v2.0.0 | CIS SUSE Linux Enterprise 15 v2.0.0 L2 Server | Unix | |
| CIS_Ubuntu_18.04_LXD_Host_v1.0.0_L1_LXD.audit from CIS Ubuntu Linux 18.04 LXD Host Benchmark | CIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0 | Unix | |
| CIS_Ubuntu_18.04_LXD_Host_v1.0.0_L1_Server.audit from CIS Ubuntu Linux 18.04 LXD Host Benchmark | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | |
| CIS_Ubuntu_Linux_24.04_LTS_v1.0.0_L1_Server.audit from CIS Ubuntu Linux 24.04 LTS Benchmark v1.0.0 | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | |
| CIS_Ubuntu_Linux_24.04_LTS_v1.0.0_L2_Server.audit from CIS Ubuntu Linux 24.04 LTS Benchmark v1.0.0 | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Server | Unix | |
