| APPL-11-002063 - The macOS system must enforce access restrictions. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-12-002063 - The macOS system must enforce access restrictions. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002064 - The macOS system must enable gatekeeper. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| CD12-00-001300 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (functions, trigger procedures, links to software external to PostgreSQL, etc.) must be restricted to authorized users. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | CONFIGURATION MANAGEMENT |
| CNTR-K8-000880 - The Kubernetes KubeletConfiguration file must be owned by root. | DISA STIG Kubernetes v2r2 | Unix | CONFIGURATION MANAGEMENT |
| EPAS-00-003200 - Software, applications, and configuration files that are part of, or related to, the EDB Postgres Advanced Server installation must be monitored to discover unauthorized changes. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | CONFIGURATION MANAGEMENT |
| EPAS-00-003500 - Database objects must be owned by database/EDB Postgres Advanced Server principals authorized for ownership. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| EPAS-00-008500 - The EDB Postgres Advanced Server must enforce access restrictions associated with changes to the configuration of the EDB Postgres Advanced Server or database(s). | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| EPAS-00-008600 - The EDB Postgres Advanced Server must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the EDB Postgres Advanced Server or database(s). | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| EX19-MB-000196 An Exchange software baseline copy must exist. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1 | Windows | CONFIGURATION MANAGEMENT |
| FGFW-ND-000150 - The FortiGate device must enforce access restrictions associated with changes to device configuration. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| JUEX-NM-000460 - The Juniper EX switch must be configured to enforce access restrictions associated with changes to device configuration. | DISA Juniper EX Series Network Device Management v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| MADB-10-002800 - Database software, including MariaDB configuration files, must be stored in dedicated directories, separate from the host OS and other applications. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MADB-10-003000 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to the MariaDB, etc.) must be restricted to authorized users. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MADB-10-008000 - MariaDB must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s). | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MD4X-00-002300 - Database objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to MongoDB, etc.) must be owned by database/DBMS principals authorized for ownership. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | CONFIGURATION MANAGEMENT |
| MD4X-00-002400 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to MongoDB, etc.) must be restricted to authorized users. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | CONFIGURATION MANAGEMENT |
| MD4X-00-005400 - MongoDB must enforce access restrictions associated with changes to the configuration of MongoDB or database(s). | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | CONFIGURATION MANAGEMENT |
| OL08-00-010310 - OL 8 system commands must be owned by root. | DISA Oracle Linux 8 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| Overview of port lockdown behavior | Tenable F5 BIG-IP Best Practice Audit | F5 | CONFIGURATION MANAGEMENT |
| PHTN-40-000130 The Photon operating system TDNF package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000062 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010330 - RHEL 8 library files must have mode 755 or less permissive. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010341 - RHEL 8 library directories must be owned by root. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232010 - RHEL 9 system commands must have mode 755 or less permissive. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010874 - The SUSE operating system library directories must be owned by root. | DISA SLES 12 STIG v2r13 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010879 - The SUSE operating system must have system commands owned by root. | DISA SLES 12 STIG v2r13 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010882 - The SUSE operating system must have system commands group-owned by root or a system account. | DISA SLES 12 STIG v2r13 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010354 - The SUSE operating system library directories must be owned by root. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010355 - The SUSE operating system library files must be group-owned by root. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010357 - The SUSE operating system must have system commands set to a mode of 0755 or less permissive. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010358 - The SUSE operating system must have directories that contain system commands set to a mode of 0755 or less permissive. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SQL2-00-004400 - SQL Server must not grant users direct access to the View Any Database permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-014700 - SQL Server must support the employment of automated mechanisms supporting the auditing of the enforcement actions. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL2-00-015200 - SQL Server must be monitored to discover unauthorized changes to stored procedures. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-015300 - SQL Server must monitor for security-relevant configuration settings to discover unauthorized changes. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-015600 - Database objects must be owned by accounts authorized for ownership. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-015700 - Vendor-supported software and patches must be evaluated and patched against newly found vulnerabilities. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-025100 - The OS must limit privileges to the SQL Server Data Root directory and its subordinate directories and files. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL2-00-025300 - The OS must limit privileges to the SQL Server backup directories and files. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| UBTU-20-010429 - The Ubuntu operating system library directories must be owned by root. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010457 - The Ubuntu operating system must have system commands owned by root or a system account. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-232060 - Ubuntu 22.04 LTS library directories must be owned by 'root'. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-232075 - Ubuntu 22.04 LTS library files must be group-owned by 'root'. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | CONFIGURATION MANAGEMENT |
| VCEM-67-000028 - ESX Agent Manager must set the secure flag for cookies. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-80-000034 The vCenter Perfcharts service must limit privileges for creating or modifying hosted application shared files. | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-80-000034 The vCenter STS service must limit privileges for creating or modifying hosted application shared files. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-80-000144 The vCenter STS service files must have permissions in an out-of-the-box state. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-70-000008 - vSphere UI application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | CONFIGURATION MANAGEMENT |
