| 5.231 - Attachments must be prevented from being downloaded from RSS feeds. | DISA Windows Server 2008 R2 MS STIG v1r33 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.280 - Turn off autoplay for non-volume devices. | DISA Windows 7 STIG v1r32 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.286 - The default autorun behavior must be configured to prevent autorun commands. | DISA Windows 7 STIG v1r32 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.1 Ensure Protect Mail Activity in Mail Is Enabled | CIS Apple macOS 14.0 Sonoma v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.1 Ensure Protect Mail Activity in Mail Is Enabled | CIS Apple macOS 13.0 Ventura v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3.1 Ensure Automatic Opening of Safe Files in Safari Is Disabled | CIS Apple macOS 13.0 Ventura v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 7.1.1 Ensure Protect Mail Activity in Mail Is Enabled | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.1 Ensure Automatic Opening of Safe Files in Safari Is Disabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 7.2.4 Ensure Warn When Visiting A Fradulent Website in Safari Is Enabled | CIS Apple macOS 12.0 Monterey v3.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.6 Audit Hide IP Address in Safari Setting | CIS Apple macOS 12.0 Monterey v3.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AADC-CL-000280 - Adobe Acrobat Pro DC Classic access to unknown websites must be restricted. | DISA STIG Adobe Acrobat Pro DC Classic Track v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AADC-CL-000285 - Adobe Acrobat Pro DC Classic access to websites must be blocked. | DISA STIG Adobe Acrobat Pro DC Classic Track v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AADC-CL-001010 - Adobe Acrobat Pro DC Classic Protected Mode must be enabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AADC-CN-000285 - Adobe Acrobat Pro DC Continuous access to websites must be blocked. | DISA STIG Adobe Acrobat Pro DC Continuous Track v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AADC-CN-000290 - Adobe Acrobat Pro DC Continuous must be configured to block Flash Content. | DISA STIG Adobe Acrobat Pro DC Continuous Track v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI024-IE11 - The Initialize and script ActiveX controls not marked as safe property must be disallowed (Internet zone). | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI024-IE11 - The Initialize and script ActiveX controls not marked as safe property must be disallowed (Internet zone). | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI112-IE11 - The Download signed ActiveX controls property must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI112-IE11 - The Download signed ActiveX controls property must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI113-IE11 - The Download unsigned ActiveX controls property must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI114-IE11 - The Initialize and script ActiveX controls not marked as safe property must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI395-IE11 - Scriptlets must be disallowed (Internet zone). | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI395-IE11 - Scriptlets must be disallowed (Internet zone). | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI670-IE11 - Scripting of Java applets must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI800-IE11 - Scripting of Internet Explorer WebBrowser control property must be disallowed (Internet zone). | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI800-IE11 - Scripting of Internet Explorer WebBrowser control property must be disallowed (Internet zone). | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI830-IE11 - ActiveX controls without prompt property must be used in approved domains only (Internet zone). | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI830-IE11 - ActiveX controls without prompt property must be used in approved domains only (Internet zone). | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI850-IE11 - Scripting of Internet Explorer WebBrowser Control must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI850-IE11 - Scripting of Internet Explorer WebBrowser Control must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI880-IE11 - ActiveX controls without prompt property must be used in approved domains only (Restricted Sites zone). | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI1105-IE11 - Run once selection for running outdated ActiveX controls must be disabled. | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI1110-IE11 - Enabling outdated ActiveX controls for Internet Explorer must be blocked. | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI1115-IE11 - Use of the Tabular Data Control (TDC) ActiveX control must be disabled for the Internet Zone. | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI1115-IE11 - Use of the Tabular Data Control (TDC) ActiveX control must be disabled for the Internet Zone. | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI1125-IE11 - VBScript must not be allowed to run in Internet Explorer (Internet zone) - Internet zone | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI1130-IE11 - VBScript must not be allowed to run in Internet Explorer (Restricted Sites zone) - Restricted Sites zone | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SV-000158 - Unspecified file extensions on a production IIS 8.5 web server must be removed - CGI | DISA IIS 8.5 Server v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SV-000158 - Unspecified file extensions on a production IIS 8.5 web server must be removed - ISAPI | DISA IIS 8.5 Server v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000090 - Oracle JRE 8 must lock the dialog enabling users to grant permissions - deployment.security.askgrantdialog.show | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000090 - Oracle JRE 8 must lock the dialog enabling users to grant permissions - deployment.security.askgrantdialog.show.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000110 - Oracle JRE 8 must prevent the download of prohibited mobile code - deployment.security.blacklist.check | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-WN-000110 - Oracle JRE 8 must prevent the download of prohibited mobile code - deployment.security.blacklist.check.locked | DISA STIG Oracle JRE 8 Windows v1r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-WN-000170 - Oracle JRE 8 must prompt the user for action prior to executing mobile code - deployment.insecure.jres.locked | DISA STIG Oracle JRE 8 Windows v1r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SHPT-00-000683 - SharePoint-specific malware (i.e., anti-virus) software must be integrated and configured - 'Scan Documents on Download is enabled' | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SHPT-00-000683 - SharePoint-specific malware (i.e., anti-virus) software must be integrated and configured - 'Scan Documents on Upload is enabled' | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SP13-00-000140 - SharePoint must prevent non-privileged users from circumventing malicious code protection capabilities. | DISA STIG SharePoint 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000031 - Windows Defender AV must be configured for automatic remediation action to be taken for threat alert level Severe - Enabled | DISA STIG Windows Defender Antivirus v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000041 - Windows Defender AV must be configured for automatic remediation action to be taken for threat alert level Medium - Enabled | DISA STIG Windows Defender Antivirus v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000042 - Windows Defender AV must be configured for automatic remediation action to be taken for threat alert level Low - Enabled | DISA STIG Windows Defender Antivirus v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
