| 1.1.21 Disable Automounting | CIS Debian 8 Workstation L2 v2.0.2 | Unix | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.1.21 Disable Automounting | CIS Debian 8 Server L1 v2.0.2 | Unix | MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS Red Hat 6 Server L1 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.27 Disable Automounting | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | MEDIA PROTECTION |
| 1.2.6.3 Ensure passcode have at least 1 number is set to enabled | CIS Zoom L1 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.7.7 Ensure GDM disabling automatic mounting of removable media is not overridden | CIS Ubuntu Linux 20.04 LTS v3.0.0 L2 Workstation | Unix | MEDIA PROTECTION |
| 1.246 WN10-UR-000070 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | ACCESS CONTROL |
| 2.1.30 Ensure the krb5-server package has not been installed on the system | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure CUPS is not enabled | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.6 Ensure That IP Forwarding Is Not Enabled on Instances | CIS Google Cloud Platform Foundation v4.0.0 L1 | GCP | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.11.8.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 8.4.9 Disable Unity Active | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.10 Disable Unity Window Contents | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.13 Disable Drag and Drop Version Set | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.16 Disable Trash Folder State | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.18 Ensure Unity is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.20 Disable GetCreds | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.22 Disable Guest Host Interaction Launch Menu | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.23 Disable memSchedFakeSampleStats | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 18.9.28.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| CASA-VN-000180 - The Cisco ASA must be configured to specify Perfect Forward Secrecy (PFS) for the IPsec Security Association (SA) during IKE Phase 2 negotiation. | DISA STIG Cisco ASA VPN v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS Microsoft IIS 8 Benchmark v1.5.1 Level 2 | CIS IIS 8.0 v1.5.1 Level 2 | Windows | |
| CIS_Aliyun_Linux_2_L2_v1.0.0.audit from CIS Aliyun Linux 2 Benchmark v1.0.0 | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | |
| CIS_Amazon_Linux_2_STIG_v2.0.0_L1_Server.audit from CIS Amazon Linux 2 STIG v2.0.0 | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | |
| CIS_Amazon_Linux_2_STIG_v2.0.0_STIG.audit from CIS Amazon Linux 2 STIG v2.0.0 | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | |
| Display Level 1 attachments | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Display Level 1 attachments | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Display Level 1 attachments | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO241 - Action to demote an EMail Level 1 attachment to Level 2 must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi: esxi-8.ssh-fips | VMware vSphere Security Configuration and Hardening Guide 8.0 - Bare Metal Host | Unix | ACCESS CONTROL |
| ESXI5-VM-000019 - The unexposed feature keyword isolation.tools.ghi.protocolhandler.info.disable must be initialized to decrease the VMs potential attack vectors. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000026 - The unexposed feature keyword isolation.tools.unity.push.update.disable must be initialized to decrease the VMs potential attack vectors. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000031 - The unexposed feature keyword isolation.tools.guestDnDVersionSet.disable must be initialized to decrease the VMs potential attack vectors. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| GEN005507 - The SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms - MACs that employ FIPS 140-2 cryptographic hash algorithms. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN005512 - The SSH client must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms - MACs that employ FIPS 140-2 cryptographic hash algorithms. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - config | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - config | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| JUSX-VN-000013 - The Juniper SRX Services Gateway VPN must specify Perfect Forward Secrecy (PFS). | DISA Juniper SRX Services Gateway VPN v3r2 | Juniper | CONFIGURATION MANAGEMENT |
| MADB-10-004400 - MariaDB must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000010 - Splunk Enterprise must be installed with FIPS mode enabled, to implement NIST FIPS 140-2 approved ciphers for all cryptographic functions. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | SYSTEM AND COMMUNICATIONS PROTECTION |
| VM : disable-hgfs | VMWare vSphere 6.5 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL |
| WN10-UR-000070 - The Deny access to this computer from the network user right on workstations must be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL |
