| 1.2.8 Ensure prevent hosts from accessing their cloud recordings is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.139 WN10-CC-000197 | CIS Microsoft Windows 10 STIG v1.0.0 CAT III | Windows | CONFIGURATION MANAGEMENT |
| 2.3.23.2 (L1) Ensure 'Block signing into Office' is set to 'Enabled: Org ID only' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | ACCESS CONTROL |
| 2.4.3 (L2) Ensure Microsoft Defender for Cloud Apps is enabled and configured | CIS Microsoft 365 Foundations v6.0.0 L2 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.7 Ensure that the --hostname-override argument is not set | CIS Kubernetes v1.12.0 L1 Worker Node | Unix | CONFIGURATION MANAGEMENT |
| 4.2.8 Ensure that the --hostname-override argument is not set | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Worker | Unix | CONFIGURATION MANAGEMENT |
| 4.4.1 Consider external secret storage | CIS Google Kubernetes Engine GKE Autopilot v1.3.0 L2 | GCP | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4.2 Consider external secret storage | CIS Kubernetes v1.12.0 L2 Master Node | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4.2 Consider external secret storage | CIS Red Hat OpenShift Container Platform v1.9.0 L2 OpenShift | OpenShift | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.7 Ensure That the 'Log_min_duration_statement' Database Flag for Cloud SQL PostgreSQL Instance Is Set to '-1' (Disabled) | CIS Google Cloud Platform Foundation v4.0.0 L1 | GCP | AUDIT AND ACCOUNTABILITY |
| 18.10.40.1 Ensure 'Allow Message Service Cloud Sync' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.40.1 Ensure 'Allow Message Service Cloud Sync' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.40.1 Ensure 'Allow Message Service Cloud Sync' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v2.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.40.1 Ensure 'Allow Message Service Cloud Sync' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.40.1 Ensure 'Allow Message Service Cloud Sync' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v5.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.40.1 Ensure 'Allow Message Service Cloud Sync' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v2.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows Server 2016 v4.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows Server 2016 v4.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| AIOS-15-011100 - Apple iOS/iPadOS 15 must implement the management setting: Disable Allow Shared Albums. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-011100 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow Shared Albums. | AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-003450 - Apple iOS/iPadOS 17 must not allow backup to remote systems (Cloud Photo Library). | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Android Device Configuration - Removable storage | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AOSX-14-002049 - The macOS system must disable Cloud Document Sync. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | CONFIGURATION MANAGEMENT |
| GOOG-09-003900 - The Google Android Pie must be configured to not allow backup of all applications and configuration data to remote systems. | AirWatch - DISA Google Android 9.x v2r1 | MDM | ACCESS CONTROL |
| GOOG-09-003900 - The Google Android Pie must be configured to not allow backup of all applications and configuration data to remote systems. | MobileIron - DISA Google Android 9.x v2r1 | MDM | ACCESS CONTROL |
| GOOG-11-003900 - Google Android 11 must be configured to not allow backup of all applications and configuration data to remote systems. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | ACCESS CONTROL |
| GOOG-12-008600 - Google Android 12 must be configured to not allow backup of [all applications, configuration data] to remote systems. | MobileIron - DISA Google Android 12 COBO v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-13-008600 - Google Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems. | AirWatch - DISA Google Android 13 COBO STIG v2r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-13-008600 - Google Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems. | MobileIron - DISA Google Android 13 COBO STIG v2r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-13-008600 - Google Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems. | MobileIron - DISA Google Android 13 COPE STIG v2r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-13-708600 - Google Android 13 must be configured to not allow backup of all work profile applications to remote systems. | MobileIron - DISA Google Android 13 BYOAD v1r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-14-008600 - Google Android 14 must be configured to not allow backup of [all applications, configuration data] to remote systems. | AirWatch - DISA Google Android 14 COBO STIG v2r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-14-008600 - Google Android 14 must be configured to not allow backup of [all applications, configuration data] to remote systems. | AirWatch - DISA Google Android 14 COPE STIG v2r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-14-708600 - Google Android 14 must be configured to not allow backup of all work profile applications to remote systems. | MobileIron - DISA Google Android 14 BYOAD v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-14-708600 - Google Android 14 must be configured to not allow backup of all work profile applications to remote systems. | AirWatch - DISA Google Android 14 BYOAD v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-15-008600 - Google Android 15 must be configured to not allow backup of [all applications, configuration data] to remote systems. | AirWatch - DISA Google Android 15 COBO STIG v1r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-15-008600 - Google Android 15 must be configured to not allow backup of [all applications, configuration data] to remote systems. | MobileIron - DISA Google Android 15 COPE STIG v1r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-16-008600 - Google Android 16 must be configured to not allow backup of [all applications, configuration data] to remote systems. | AirWatch - DISA Google Android 16 COBO STIG v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-16-008600 - Google Android 16 must be configured to not allow backup of [all applications, configuration data] to remote systems. | MobileIron - DISA Google Android 16 COBO STIG v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-09-003900 - The Honeywell Mobility Edge Android Pie device must be configured to not allow backup of all applications and configuration data to remote systems. | MobileIron - DISA Honeywell Android 9.x COBO v1r2 | MDM | ACCESS CONTROL |
| HONW-13-008600 - Honeywell Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems. | AirWatch - DISA Honeywell Android 13 COPE STIG v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| iOS Device Management - Encrypted backup | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL |
| iOS Device Management - Handoff | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Shared photo stream | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| OpenStack Identity - Disable admin token in /etc/keystone/keystone-paste.ini | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| WN11-CC-000197 - Microsoft consumer experiences must be turned off. | DISA Microsoft Windows 11 STIG v2r6 | Windows | CONFIGURATION MANAGEMENT |
| WNDF-AV-000046 - Microsoft Defender AV must use advanced protection against ransomware. | DISA Microsoft Defender Antivirus STIG v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ZEBR-10-003900 - Zebra Android 10 must be configured to not allow backup of all applications and configuration data to remote systems. | AirWatch - DISA Zebra Android 10 COBO v1r2 | MDM | ACCESS CONTROL |
| ZEBR-10-003900 - Zebra Android 10 must be configured to not allow backup of all applications and configuration data to remote systems. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | ACCESS CONTROL |
