| 1.1.1 (L1) Ensure 'Enforce password history' is set to '24 or more password(s)' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.2 (L1) Ensure 'Maximum password age' is set to '60 or fewer days, but not 0' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 (L1) Ensure 'Minimum password age' is set to '1 or more day(s)' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.1.4 (L1) Ensure 'Minimum password length' is set to '14 or more character(s)' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Ensure Snowflake SCIM integration is configured to automatically provision and deprovision users and groups (i.e. roles) | CIS Snowflake Foundations v1.0.0 L2 | Snowflake | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.2.1 Ensure 'Account lockout duration' is set to '15 or more minute(s)' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.5.1.3 RadSec Server Configuration | CIS HPE Aruba Networking CX Switch v1.0.1 Optional Security Recommendations | ArubaOS | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.7.1 Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.2 Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.3 (BL) Ensure 'Interactive logon: Machine account lockout threshold' is set to '10 or fewer invalid logon attempts, but not 0' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.3 (BL) Ensure 'Interactive logon: Machine account lockout threshold' is set to '10 or fewer invalid logon attempts, but not 0' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.5 Configure 'Interactive logon: Message text for users attempting to log on' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.6 Configure 'Interactive logon: Message title for users attempting to log on' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.8 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.8 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.11 (L1) Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.11 Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 3.1.1 Client certificate authentication should not be used for users | CIS Red Hat OpenShift Container Platform v1.9.0 L2 OpenShift | OpenShift | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.5.1 Manage Kubernetes RBAC users with Google Groups for GKE | CIS Google Kubernetes Engine GKE Autopilot v1.3.0 L2 | GCP | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.8.2 Manage Kubernetes RBAC users for GKE with groups in Google Workspace | CIS Google Kubernetes Engine GKE v1.9.0 L2 GCP | GCP | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.2.2 Ensure no legacy '+' entries exist in /etc/passwd | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.2 Ensure no legacy '+' entries exist in /etc/passwd | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.3 Ensure no legacy '+' entries exist in /etc/shadow | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.4 Ensure no legacy '+' entries exist in /etc/group | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.8.4 Ensure MS-CHAPv2 RADIUS Authentication | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.9.3 Ensure SSH Key Authentication is not set for Root Login | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.10.1.13 Ensure SSH Key Authentication is Disabled | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 18.2.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.2.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only) | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.2.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.2.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.2.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.2.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only) | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.3.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only) | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.3.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only) | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.3.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only) | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.3.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only) | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.3.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only) | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.3.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only) | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
