| 2.15 Ensure That 'Guest users access restrictions' is set to 'Guest user access is restricted to properties and memberships of their own directory objects' | CIS Microsoft Azure Foundations v3.0.0 L1 | microsoft_azure | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 2.17 Ensure That 'Restrict access to Microsoft Entra admin center' is Set to 'Yes' | CIS Microsoft Azure Foundations v3.0.0 L1 | microsoft_azure | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.23 Ensure That No Custom Subscription Administrator Roles Exist | CIS Microsoft Azure Foundations v3.0.0 L1 | microsoft_azure | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.24 Ensure a Custom Role is Assigned Permissions for Administering Resource Locks | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 3.3.6 Enable Role Based Access Control for Azure Key Vault | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 11.1 Ensure SELinux Is Enabled in Enforcing Mode - config | CIS Apache HTTP Server 2.4 L2 v2.1.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 11.1 Ensure SELinux Is Enabled in Enforcing Mode - config | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 11.1 Ensure SELinux Is Enabled in Enforcing Mode - current | CIS Apache HTTP Server 2.4 L2 v2.1.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 11.1 Ensure SELinux Is Enabled in Enforcing Mode - current | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| AIX7-00-002015 - Audit logs on the AIX system must be set to 660 or less permissive. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-14-000030 - The macOS system must be configured so that log files must not contain access control lists (ACLs). | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| AOSX-15-000030 - The macOS system must be configured so that log files must not contain access control lists (ACLs). | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| APPL-14-000030 - The macOS system must configure audit log files to not contain access control lists. | DISA Apple macOS 14 (Sonoma) STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-000031 - The macOS system must configure audit log folders to not contain access control lists. | DISA Apple macOS 14 (Sonoma) STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001012 - The macOS system must configure audit log files to be owned by root. | DISA Apple macOS 14 (Sonoma) STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001013 - The macOS system must configure audit log folders to be owned by root. | DISA Apple macOS 14 (Sonoma) STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001014 - The macOS system must configure audit log files group to wheel. | DISA Apple macOS 14 (Sonoma) STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001015 - The macOS system must configure audit log folders group to wheel. | DISA Apple macOS 14 (Sonoma) STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001016 - The macOS system must configure audit log files to mode 440 or less permissive. | DISA Apple macOS 14 (Sonoma) STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001017 - The macOS system must configure audit log folders to mode 700 or less permissive. | DISA Apple macOS 14 (Sonoma) STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-000030 - The macOS system must configure audit log files to not contain access control lists (ACLs). | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-000031 - The macOS system must configure the audit log folder to not contain access control lists (ACLs). | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001012 - The macOS system must configure audit log files to be owned by root. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001013 - The macOS system must configure audit log folders to be owned by root. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001014 - The macOS system must configure the audit log files group to wheel. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001015 - The macOS system must configure the audit log folders group to wheel. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001016 - The macOS system must configure audit log files to mode 440 or less permissive. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001017 - The macOS system must configure audit log folders to mode 700 or less permissive. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure System to Audit All Failed Write Actions on the System | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Failed Write Actions on the System | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Failed Write Actions on the System | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Failed Write Actions on the System | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Failed Write Actions on the System | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Failed Write Actions on the System | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| ESXI-80-000085 The ESXi host must implement Secure Boot enforcement. | DISA VMware vSphere 8.0 ESXi STIG OS v2r1 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| F5BI-DM-000073 - The BIG-IP appliance must be configured to protect audit information from any type of unauthorized read access. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| F5BI-DM-000087 - The BIG-IP appliance must be configured to use NIAP evaluated cryptographic mechanisms to protect the integrity of audit information at rest. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SPLK-CL-000190 - Splunk Enterprise installation directories must be secured. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OS | Unix | AUDIT AND ACCOUNTABILITY |
| SQL2-00-015350 - Software, applications, and configuration files that are part of, or related to, the SQL Server 2012 installation must be monitored to discover unauthorized changes. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| TCAT-AS-000370 - Files in the $CATALINA_BASE/conf/ folder must have their permissions set to 640. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| TCAT-AS-000371 - $CATALINA_BASE/conf folder permissions must be set to 750. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| UBTU-16-020140 - Audit log directory must be group-owned by root to prevent unauthorized read access. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020180 - Audit tools must have a mode of 0755 or less permissive - auditctl | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020190 - Audit tools must be owned by root - auditctl | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020190 - Audit tools must be owned by root - augenrules | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLU-70-000028 - Lookup Service log files must be offloaded to a central log server in real time. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPF-67-000006 - Performance Charts must generate log records for system startup and shutdown. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCUI-67-000027 - vSphere UI log files must be moved to a permanent repository in accordance with site policy - access | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCUI-67-000027 - vSphere UI log files must be moved to a permanent repository in accordance with site policy - runtime | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCUI-70-000029 - vSphere UI log files must be moved to a permanent repository in accordance with site policy. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
