| 1.3.2 Ensure filesystem integrity is regularly checked - aide | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 3.080 - The system is configured to prevent background refresh of Group Policy. | DISA Windows Server 2008 DC STIG v6r47 | Windows | CONFIGURATION MANAGEMENT |
| 3.080 - The system will be configured to enable the background refresh of Group Policy. | DISA Windows Server 2008 R2 DC STIG v1r34 | Windows | CONFIGURATION MANAGEMENT |
| 3.112 - Group Policy objects will be reprocessed even if they have not changed. | DISA Windows Server 2008 R2 DC STIG v1r34 | Windows | CONFIGURATION MANAGEMENT |
| GEN000140 - A file integrity baseline must be created and maintained. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN000140 - A file integrity baseline must be created and maintained. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - '/etc/aide.conf must exist' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN002260 - The system must be checked for extraneous device files at least weekly. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN002260 - The system must be checked for extraneous device files at least weekly. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN002400 - The system must be checked weekly for unauthorized setuid files, as well as, unauthorized modification to authorized setuid files. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN002400 - The system must be checked weekly for unauthorized setuid files, as well as, unauthorized modification to authorized setuid files. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN002460 - The system must be checked weekly for unauthorized setgid files, as well as, unauthorized modification to authorized setgid files. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN002460 - The system must be checked weekly for unauthorized setgid files, as well as, unauthorized modification to authorized setgid files. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| Managing Patches | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND INFORMATION INTEGRITY |
| OL6-00-000016 - A file integrity tool must be installed. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000302 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000303 - The operating system must employ automated mechanisms, per organization defined frequency, to detect the addition of unauthorized components/devices into the operating system. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000304 - The operating system must employ automated mechanisms to detect the presence of unauthorized software on organizational information systems and notify designated organizational officials in accordance with the organization defined frequency. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000305 - The operating system must provide a near real-time alert when any of the organization defined list of compromise or potential compromise indicators occurs. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000306 - The operating system must detect unauthorized changes to software and information. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000307 - The operating system must ensure unauthorized, security-relevant configuration changes detected are tracked. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-020040 - The Oracle Linux operating system must be configured so that designated personnel are notified if baseline configurations are changed in an unauthorized manner - aide. | DISA Oracle Linux 7 STIG v2r14 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-020040 - The Oracle Linux operating system must be configured so that designated personnel are notified if baseline configurations are changed in an unauthorized manner - cron. | DISA Oracle Linux 7 STIG v2r14 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010358 - OL 8 must be configured to allow sending email notifications of unauthorized configuration changes to designated personnel. | DISA Oracle Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020028 - The Red Hat Enterprise Linux operating system must be configured to allow sending email notifications of configuration changes and adverse events to designated personnel. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020030 - The Red Hat Enterprise Linux operating system must be configured so that a file integrity tool verifies the baseline operating system configuration at least weekly. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020040 - The Red Hat Enterprise Linux operating system must be configured so that designated personnel are notified if baseline configurations are changed in an unauthorized manner. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010358 - RHEL 8 must be configured to allow sending email notifications of unauthorized configuration changes to designated personnel. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010360 - The RHEL 8 file integrity tool must notify the system administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered within an organizationally defined frequency. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215095 - RHEL 9 must have the s-nail package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-651010 - RHEL 9 must have the AIDE package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SLES-15-010418 - The SUSE operating system must be configured to allow sending email notifications of unauthorized configuration changes to designated personnel. | DISA SLES 15 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020190 - The operating system must employ automated mechanisms, per organization-defined frequency, to detect the addition of unauthorized components/devices into the operating system. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020190 - The operating system must employ automated mechanisms, per organization-defined frequency, to detect the addition of unauthorized components/devices into the operating system. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-16-010540 - The file integrity tool must notify the system administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered - silentreports | DISA STIG Ubuntu 16.04 LTS v2r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-18-010508 - The Ubuntu operating system must notify designated personnel if baseline configurations are changed in an unauthorized manner. The file integrity tool must notify the system administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered. | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-18-010508 - The Ubuntu operating system must notify designated personnel if baseline configurations are changed in an unauthorized manner. The file integrity tool must notify the system administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered. | DISA STIG Ubuntu 18.04 LTS v2r4 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-651020 - Ubuntu 22.04 LTS must notify designated personnel if baseline configurations are changed in an unauthorized manner. The file integrity tool must notify the system administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered. | DISA STIG Canonical Ubuntu 22.04 LTS v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| WINCC-000029 - Group Policies must be refreshed in the background if the user is logged on. | DISA Windows 7 STIG v1r32 | Windows | CONFIGURATION MANAGEMENT |
| WN08-CC-000028 - Group Policy objects must be reprocessed even if they have not changed. | DISA Windows 8/8.1 STIG v1r23 | Windows | CONFIGURATION MANAGEMENT |
| WN08-CC-000029 - Group Policies must be refreshed in the background if the user is logged on. | DISA Windows 8/8.1 STIG v1r23 | Windows | CONFIGURATION MANAGEMENT |
| WN16-00-000240 - System files must be monitored for unauthorized changes. | DISA Windows Server 2016 STIG v2r8 | Windows | CONFIGURATION MANAGEMENT |
| WN16-CC-000150 - Group Policy objects must be reprocessed even if they have not changed. | DISA Windows Server 2016 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN16-CC-000150 - Group Policy objects must be reprocessed even if they have not changed. | DISA Windows Server 2016 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000220 - Windows Server 2019 system files must be monitored for unauthorized changes. | DISA Windows Server 2019 STIG v3r1 | Windows | CONFIGURATION MANAGEMENT |
| WN19-CC-000140 - Windows Server 2019 group policy objects must be reprocessed even if they have not changed. | DISA Windows Server 2019 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN19-CC-000140 - Windows Server 2019 group policy objects must be reprocessed even if they have not changed. | DISA Windows Server 2019 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000220 - Windows Server 2022 system files must be monitored for unauthorized changes. | DISA Windows Server 2022 STIG v2r1 | Windows | CONFIGURATION MANAGEMENT |
