| 1.2.14 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes Benchmark v1.9.0 L2 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes Benchmark v1.7.1 L1 Master | Unix | |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes Benchmark v1.8.0 L2 Master | Unix | |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.16 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.10 Ensure 'Choose how to specify proxy server settings' is not set to 'Enabled' with 'Auto detect proxy settings' | CIS Google Chrome L1 v2.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.16 Ensure 'Proxy settings' is set to 'Enabled' and does not contain 'ProxyMode': 'auto_detect' | CIS Google Chrome L1 v2.1.0 | Windows | |
| 2.17 Ensure 'Proxy settings' is set to 'Enabled' and does not contain 'ProxyMode': 'auto_detect' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervals | CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1 | Palo_Alto | |
| 4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervals | CIS Palo Alto Firewall 9 Benchmark L2 v1.0.0 | Palo_Alto | |
| 5.2.2 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.2 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master | Unix | CONFIGURATION MANAGEMENT |
| 5.2.3 Minimize the admission of containers wishing to share the host IPC namespace | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | |
| 5.2.3 Minimize the admission of containers wishing to share the host IPC namespace | CIS RedHat OpenShift Container Platform 4 v1.2.0 L1 | OpenShift | |
| 5.2.3 Minimize the admission of containers wishing to share the host IPC namespace | CIS RedHat OpenShift Container Platform 4 v1.3.0 L1 | OpenShift | |
| 5.2.3 Minimize the admission of containers wishing to share the host IPC namespace | CIS RedHat OpenShift Container Platform 4 v1.4.0 L1 | OpenShift | |
| 5.2.3 Minimize the admission of containers wishing to share the host IPC namespace | CIS RedHat OpenShift Container Platform v1.6.0 L1 | OpenShift | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes Benchmark v1.7.1 L1 Master | Unix | |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes Benchmark v1.8.0 L1 Master | Unix | |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes Benchmark v1.9.0 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 11 v1.0.0 L1 | Palo_Alto | |
| 5.3 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.4 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 10 v1.0.0 L1 | Palo_Alto | |
| 5.4 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 9 v1.0.1 L1 | Palo_Alto | |
| 5.4 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1 | Palo_Alto | |
| 5.4 Ensure forwarding of decrypted content to WildFire is enabled | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured | CIS Palo Alto Firewall 11 v1.0.0 L1 | Palo_Alto | |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Invalid Categories | CIS Palo Alto Firewall 9 v1.0.1 L1 | Palo_Alto | |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Invalid Categories | CIS Palo Alto Firewall 10 v1.0.0 L1 | Palo_Alto | |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Invalid Categories | CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1 | Palo_Alto | |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Policies | CIS Palo Alto Firewall 10 v1.0.0 L1 | Palo_Alto | |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Policies | CIS Palo Alto Firewall 9 v1.0.1 L1 | Palo_Alto | |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Policies | CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1 | Palo_Alto | |
| 8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLS | CIS Palo Alto Firewall 9 v1.0.1 L1 | Palo_Alto | |
| 8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLS | CIS Palo Alto Firewall 10 v1.0.0 L1 | Palo_Alto | |
| 8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLS | CIS Palo Alto Firewall 11 v1.0.0 L1 | Palo_Alto | |
| 8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLS | CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1 | Palo_Alto | |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 10 v1.0.0 L1 | Palo_Alto | |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 11 v1.0.0 L2 | Palo_Alto | |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 11 v1.0.0 L1 | Palo_Alto | |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 9 v1.0.1 L1 | Palo_Alto | |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 9 v1.0.1 L2 | Palo_Alto | |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 10 v1.0.0 L2 | Palo_Alto | |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 9 Benchmark L2 v1.0.0 | Palo_Alto | |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1 | Palo_Alto | |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 11 v1.1.0 L2 | Palo_Alto | CONFIGURATION MANAGEMENT |
