| ADBP-XI-000840 - Adobe Acrobat Pro XI privileged file and folder locations must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| ADBP-XI-001280 - Adobe Acrobat Pro XI Default Handler changes must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| ADBP-XI-001325 - Adobe Acrobat Pro XI privileged site locations must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| ADBP-XI-001330 - Adobe Acrobat Pro XI privileged host locations must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| ADBP-XI-001335 - Adobe Acrobat Pro XI certified document trust must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| APPL-11-002063 - The macOS system must enforce access restrictions. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| CNTR-K8-000850 - Kubernetes Kubelet must deny hostname override. | DISA STIG Kubernetes v2r2 | Unix | CONFIGURATION MANAGEMENT |
| CNTR-R2-000460 Rancher RKE2 must be built from verified packages. | DISA Rancher Government Solutions RKE2 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| EPAS-00-003400 - Database software, including EDB Postgres Advanced Server configuration files, must be stored in dedicated directories, separate from the host OS and other applications. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | CONFIGURATION MANAGEMENT |
| JUEX-NM-000460 - The Juniper EX switch must be configured to enforce access restrictions associated with changes to device configuration. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | CONFIGURATION MANAGEMENT |
| MADB-10-002600 - MariaDB must limit privileges to change software modules, to include stored procedures, functions and triggers, and links to software external to the DBMS. | DISA MariaDB Enterprise 10.x v2r2 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MADB-10-003000 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to the MariaDB, etc.) must be restricted to authorized users. | DISA MariaDB Enterprise 10.x v2r2 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MADB-10-007900 - MariaDB must enforce access restrictions associated with changes to the configuration of MariaDB or database(s). | DISA MariaDB Enterprise 10.x v2r2 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MD4X-00-002000 - MongoDB must limit privileges to change software modules, to include stored procedures, functions and triggers, and links to software external to MongoDB. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | CONFIGURATION MANAGEMENT |
| MD7X-00-002700 MongoDB software installation account must be restricted to authorized users. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| MD7X-00-003000 The role(s)/group(s) used to modify database structure (including but not limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to MongoDB, etc.) must be restricted to authorized users. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | MongoDB | CONFIGURATION MANAGEMENT |
| MD7X-00-007800 MongoDB must enforce access restrictions associated with changes to the configuration of MongoDB or database(s). | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | MongoDB | CONFIGURATION MANAGEMENT |
| Monterey - Configure Gatekeeper to Disallow End User Override | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Gatekeeper to Disallow End User Override | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Sudoers to Authenticate Users on a Per -tty Basis | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-008700 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to the MySQL Database Server 8.0, etc.) must be restricted to authorized users. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| OL08-00-010300 - OL 8 system commands must have mode 755 or less permissive. | DISA Oracle Linux 8 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010350 - OL 8 library files must be group-owned by root. | DISA Oracle Linux 8 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010351 - OL 8 library directories must be group-owned by root or a system account. | DISA Oracle Linux 8 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000199 The Photon operating system TDNF package management tool must cryptographically verify the authenticity of all software packages during installation for all repos. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000064 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| Settings to Lock Down your BIG-IP - Admin Terminal Access | Tenable F5 BIG-IP Best Practice Audit | F5 | CONFIGURATION MANAGEMENT |
| SLES-12-010871 - The SUSE operating system library files must have mode 0755 or less permissive. | DISA SLES 12 STIG v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010873 - The SUSE operating system library files must be owned by root. | DISA SLES 12 STIG v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010879 - The SUSE operating system must have system commands owned by root. | DISA SLES 12 STIG v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010881 - The SUSE operating system must have directories that contain system commands owned by root. | DISA SLES 12 STIG v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010882 - The SUSE operating system must have system commands group-owned by root or a system account. | DISA SLES 12 STIG v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010351 - The SUSE operating system library files must have mode 0755 or less permissive. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010359 - The SUSE operating system must have system commands owned by root. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SQL2-00-014600 - SQL Server must support the organizational requirement to employ automated mechanisms for enforcing access restrictions. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL2-00-015400 - SQL Server software installation account(s) must be restricted to authorized users. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL2-00-015500 - Database software directories, including SQL Server configuration files, must be stored in dedicated directories, separate from the host OS and other applications. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL2-00-015620 - In a database owned by a login not having administrative privileges at the instance level, the database property TRUSTWORTHY must be OFF unless required and authorized. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-025200 - The OS must limit privileges to the SQL Server data directories and their subordinate directories and files. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| UBTU-20-010456 - The Ubuntu operating system must have system commands set to a mode of 0755 or less permissive. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-232050 - Ubuntu 22.04 LTS must have system commands owned by "root" or a system account. | DISA Canonical Ubuntu 22.04 LTS STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300006 - Ubuntu 24.04 LTS library files must have mode 0755 or less permissive. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300007 - Ubuntu 24.04 LTS library files must be owned by root. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300008 - Ubuntu 24.04 LTS library directories must be owned by root. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-70-000009 - Lookup Service must only run one webapp. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000034 The vCenter Lookup service must limit privileges for creating or modifying hosted application shared files. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-70-000009 - Performance Charts must only run one webapp. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-80-000144 The vCenter Perfcharts service files must have permissions in an out-of-the-box state. | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-67-000009 - The Security Token Service must only run one web app. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
