| 1.12 OL08-00-010100 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.242 WN22-SO-000350 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.242 WN22-SO-000350 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.345 RHEL-09-611190 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-003004 - AIX SSH private host key files must have mode 0600 or less permissive. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-038850 - For PKI-based authentication, AlmaLinux OS 9 must enforce authorized access to the corresponding private key. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPNET0052 - Encryption keys used for the .NET Strong Name Membership Condition must be protected. | DISA Microsoft DotNet Framework 4.0 STIG v2r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| AZLX-23-001315 - Amazon Linux 2023, for PKI-based authentication, must enforce authorized access to the corresponding private key. | DISA Amazon Linux 2023 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| BIND-9X-001140 - The BIND 9.x server private key corresponding to the zone-signing key (ZSK) pair must be the only DNSSEC key kept on a name server that supports dynamic updates. | DISA BIND 9.x STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| BIND-9X-001150 - The BIND 9.x server signature generation using the key signing key (KSK) must be done offline, using the KSK-private key stored offline. | DISA BIND 9.x STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| BIND-9X-001180 - The read and write access to a TSIG key file used by a BIND 9.x server must be restricted to only the account that runs the name server software. | DISA BIND 9.x STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| BIND-9X-001190 - A unique TSIG key used by a BIND 9.x server must be generated for each pair of communicating hosts. | DISA BIND 9.x STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| BIND-9X-001200 - The TSIG keys used with the BIND 9.x implementation must be owned by a privileged account. | DISA BIND 9.x STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| BIND-9X-001210 - The TSIG keys used with the BIND 9.x implementation must be group owned by a privileged account. | DISA BIND 9.x STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CD12-00-010200 - PostgreSQL must enforce authorized access to all PKI private keys stored/utilized by PostgreSQL. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| EP11-00-004600 - The EDB Postgres Advanced Server must enforce authorized access to all PKI private keys stored/utilized by the EDB Postgres Advanced Server. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| EPAS-00-004600 - The EDB Postgres Advanced Server must enforce authorized access to all PKI private keys stored/used by the EDB Postgres Advanced Server. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| MADB-10-004100 - MariaDB must enforce authorized access to all PKI private keys stored/used by the DBMS. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-003100 - MongoDB must enforce authorized access to all PKI private keys stored/utilized by MongoDB. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD7X-00-004100 MongoDB must enforce authorized access to all PKI private keys stored/used by MongoDB. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Set Smartcard Certificate Trust to High | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Set Smartcard Certificate Trust to High | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Set Smartcard Certificate Trust to High | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-015200 - Oracle Database, when using public key infrastructure (PKI)-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Database 19c STIG v1r3 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-015200 - Oracle Database, when using public key infrastructure (PKI)-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Database 19c STIG v1r3 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| O121-C1-015400 - The DBMS, when using PKI-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Database 12c STIG v3r5 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-010100 - OL 8, for certificate-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000905 - OL 9, for PKI-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-010200 - PostgreSQL must enforce authorized access to all PKI private keys stored/utilized by PostgreSQL. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010100 - RHEL 8, for certificate-based authentication, must enforce authorized access to the corresponding private key. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611190 - RHEL 9, for PKI-based authentication, must enforce authorized access to the corresponding private key. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-701240 - RHEL 10 must, for PKI-based authentication, enforce authorized access to the corresponding private key. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLEM-05-255085 - SLEM 5, for PKI-based authentication, must enforce authorized access to the corresponding private key. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCFL-67-000018 - vSphere Client must ensure appropriate permissions are set on the keystore. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCLD-67-000025 - VAMI must protect the keystore from unauthorized access. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCLD-70-000017 - VAMI must protect the keystore from unauthorized access - MIME that invoke OS shell programs disabled. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCLD-80-000040 The vCenter VAMI service must restrict access to the web server's private key. | DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCPG-67-000014 - VMware Postgres must enforce authorized access to all PKI private keys. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCPG-70-000012 - VMware Postgres must enforce authorized access to all public key infrastructure (PKI) private keys. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCRP-67-000007 - The rhttpproxy private key file must be protected from unauthorized access. | DISA STIG VMware vSphere 6.7 RhttpProxy v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCRP-70-000005 - The Envoy private key file must be protected from unauthorized access. | DISA STIG VMware vSphere 7.0 RhttpProxy v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WDNS-IA-000007 - The Windows 2012 DNS Server key file must be owned by the account under which the Windows 2012 DNS Server service is run. | DISA Microsoft Windows 2012 Server Domain Name System STIG v2r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-SO-000092 - Users must be required to enter a password to access private keys stored on the computer. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-SO-000350 - Windows Server 2022 users must be required to enter a password to access private keys stored on the computer. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN25-SO-000350 - Windows Server 2025 users must be required to enter a password to access private keys stored on the computer. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
