| 1.4.1 Ensure 'Idle timeout' is less than or equal to 10 minutes for device management | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | ACCESS CONTROL |
| 1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configured | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | ACCESS CONTROL |
| 2.3.4 Set a screen corner to Start Screen Saver | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 2.4.2 Disable Internet Sharing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.8 Disable File Sharing - AppleFileServer | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.6 Ensure that the User-ID service account does not have interactive logon rights | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | ACCESS CONTROL |
| 2.9 Pair the remote control infrared receiver if enabled - 'UIDFilter != none' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure detailed logging is enabled | CIS NGINX Benchmark v2.1.0 L1 Proxy | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriately | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 3.5 Retain install.log for 365 or more days | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable 'Show Wi-Fi status in menu bar' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.5 Ensure ftp server is not running | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.1 Configure account lockout threshold | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 5.2.5 Complex passwords must contain a Special Character | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.6 Complex passwords must contain uppercase and lowercase letters | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | |
| 5.2.8 Password History | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.7 Do not enable the 'root' account | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 6.1.2 Disable 'Show password hints' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.1.4 Disable 'Allow guests to connect to shared folders' - SMB Sharing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 6.5 Ensure a secure anti-spyware profile is applied to all security policies permitting traffic to the Internet | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 6.6 Ensure a Vulnerability Protection Profile is set to block attacks against critical and high vulnerabilities, and set to default on medium, low, and informational vulnerabilities | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | RISK ASSESSMENT |
| 6.7 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing traffic | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | RISK ASSESSMENT |
| 6.18 Ensure all zones have Zone Protection Profiles that drop specially crafted packets | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.22 Ensure that 'Inline Cloud Analysis' on Vulnerability Protection profiles are enabled if 'Advanced Threat Prevention' is available | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | RISK ASSESSMENT |
| 6.23 Ensure that 'Cloud Inline Categorization' on URL Filtering profiles are enabled if 'Advanced Threat Prevention' is available | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zone | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | ACCESS CONTROL, MEDIA PROTECTION |
| 7.3 Ensure 'Security Policy' denying any/all traffic to/from IP addresses on Trusted Threat Intelligence Sources Exists | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | ACCESS CONTROL, MEDIA PROTECTION |
| 7.4 Ensure that logging is enabled on built-in default security policies | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLS | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_Apache_Tomcat_10.1_v1.1.0_L1.audit from CIS Apache Tomcat 10.1 Benchmark v1.1.0 | CIS Apache Tomcat 10.1 v1.1.0 L1 | Unix | |
| CIS_Apache_Tomcat_10.1_v1.1.0_L2.audit from CIS Apache Tomcat 10.1 Benchmark v1.1.0 | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | |
| CIS_Apple_macOS_10.14_v2.0.0_L1.audit from CIS Apple macOS 10.14 Benchmark v2.0.0 | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | |
| CIS_CentOS_6_v3.0.0_Workstation_L1.audit from CIS CentOS Linux 6 Benchmark v3.0.0 | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | |
| CIS_IBM_WebSphere_Liberty_v1.0.0_L2.audit from CIS IBM WebSphere Liberty Benchmark v1.0.0 | CIS IBM WebSphere Liberty v1.0.0 L2 | Unix | |
| CIS_Microsoft_Exchange_Server_2019_v1.0.0_Level_1_Edge.audit from CIS Microsoft Exchange Server 2019 Benchmark v1.0.0 | CIS Microsoft Exchange Server 2019 L1 Edge v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS_MS_IIS_10_v1.2.1_Level_2.audit from CIS Microsoft IIS 10 Benchmark v1.2.1 | CIS IIS 10 v1.2.1 Level 2 | Windows | |
| CIS_MySQL_5.6_Community_Benchmark_v2.0.0_LEVEL_1_DB.audit from CIS Oracle MySQL 5.6 Community Edition Benchmark | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | |
| CIS_MySQL_5.6_Enterprise_Benchmark_v2.0.0_LEVEL_2_DB.audit from CIS Oracle MySQL 5.6 Enterprise Edition Benchmark | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | |
| CIS_MySQL_5.7_Community_Benchmark_v2.0.0_Level_2_DB.audit from CIS Oracle MySQL 5.7 Community Edition Benchmark | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | |
| CIS_MySQL_5.7_Enterprise_Benchmark_v2.0.0_Level_1_DB.audit from CIS Oracle MySQL 5.7 Enterprise Edition Benchmark | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | |
| CIS_MySQL_8.0_Enterprise_Benchmark_v1.4.0_Level_2_OS_Linux.audit from CIS Oracle MySQL 8.0 Enterprise Edition Benchmark | CIS MySQL 8.0 Enterprise Linux OS L2 v1.4.0 | Unix | |
| CIS_PostgreSQL_14_v 1.2.0_L1_DB.audit from CIS PostgreSQL 14 Benchmark v 1.2.0 | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | |
| CIS_PostgreSQL_14_v 1.2.0_L1_OS_Linux.audit from CIS PostgreSQL 14 Benchmark v 1.2.0 | CIS PostgreSQL 14 OS v 1.2.0 | Unix | |
| CIS_SUSE_Linux_Enterprise_Server_11_v2.1.1_L1.audit from CIS SUSE Linux Enterprise 11 Benchmark | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | |
| CIS_SUSE_Linux_Enterprise_Server_11_v2.1.1_L2.audit from CIS SUSE Linux Enterprise 11 Benchmark | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | |
| CIS_SUSE_Linux_Enterprise_Workstation_11_v2.1.1_L1.audit from CIS SUSE Linux Enterprise 11 Benchmark | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | |
