| RHEL-08-010370 | V1R6 | RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | |
| RHEL-08-010371 | V1R6 | RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | |
| RHEL-08-010372 | V1R6 | RHEL 8 must prevent the loading of a new kernel for later execution. | |
| SLES-15-010430 | V1R4 | The SUSE operating system tool zypper must have gpgcheck enabled. | |
| UBTU-18-010016 | V2R12 | Advance package Tool (APT) must be configured to prevent the installation of patches, service packs, device drivers, or Ubuntu operating system components without verification they have been digitally signed using a certificate that is recognized and approved by the organization. | |
| UBTU-20-010438 | V1R6 | The Ubuntu operating system's Advance Package Tool (APT) must be configured to prevent the installation of patches, service packs, device drivers, or Ubuntu operating system components without verification they have been digitally signed using a certificate that is recognized and approved by the organization. | |
| APPL-14-002060 | V1R1 | The macOS system must apply gatekeeper settings to block applications from unidentified developers. | |
| APPL-14-002064 | V1R1 | The macOS system must enable Gatekeeper. | |
| APPL-13-002064 | V1R5 | The macOS system must have the security assessment policy subsystem enabled. | |
| OL07-00-020050 | V3R1 | The Oracle Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | |
| OL07-00-020060 | V3R1 | The Oracle Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | |
| OL07-00-010019 | V3R1 | The Oracle Linux operating system must ensure cryptographic verification of vendor software packages. | |
| RHEL-07-020050 | V3R6 | The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | |
| RHEL-07-020060 | V3R6 | The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | |
| SLES-12-010550 | V3R1 | The SUSE operating system tool zypper must have gpgcheck enabled. | |
| APPL-15-002060 | V1R1 | The macOS system must apply gatekeeper settings to block applications from unidentified developers. | |
| APPL-15-002064 | V1R1 | The macOS system must enable gatekeeper. | |
| ALMA-09-009590 | V1R1 | AlmaLinux OS 9 must check the GPG signature of software packages originating from external software repositories before installation. | |
| ALMA-09-009700 | V1R1 | AlmaLinux OS 9 must ensure cryptographic verification of vendor software packages. | |
| ALMA-09-009810 | V1R1 | AlmaLinux OS 9 must check the GPG signature of locally installed software packages before installation. | |
| ALMA-09-009920 | V1R1 | AlmaLinux OS 9 must check the GPG signature of repository metadata before package installation. | |
| ALMA-09-010030 | V1R1 | AlmaLinux OS 9 must have GPG signature verification enabled for all software repositories. | |
| ALMA-09-010140 | V1R1 | AlmaLinux OS 9 must prevent the loading of a new kernel for later execution. | |
| OL08-00-010370 | V1R6 | YUM must be configured to prevent the installation of patches, service packs, device drivers, or OL 8 system components that have not been digitally signed using a certificate that is recognized and approved by the organization. | |
| OL08-00-010371 | V1R6 | OL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | |
| OL08-00-010372 | V1R6 | OL 8 must prevent the loading of a new kernel for later execution. | |
| OL08-00-010019 | V1R6 | OL 8 must ensure cryptographic verification of vendor software packages. | |
| OL09-00-000330 | V1R1 | OL 9 must have the subscription-manager package installed. | |
| OL09-00-000496 | V1R1 | OL 9 must check the GPG signature of locally installed software packages before installation. | |
| OL09-00-000497 | V1R1 | OL 9 must check the GPG signature of software packages originating from external software repositories before installation. | |
| OL09-00-000498 | V1R1 | OL 9 must have GPG signature verification enabled for all software repositories. | |
| OL09-00-000499 | V1R1 | OL 9 must ensure cryptographic verification of vendor software packages. | |
| OL09-00-002428 | V1R1 | OL 9 must prevent the loading of a new kernel for later execution. | |
| UBTU-24-300001 | V1R1 | Ubuntu 24.04 LTS Advance Package Tool (APT) must be configured to prevent the installation of patches, service packs, device drivers, or Ubuntu 24.04 LTS components without verification they have been digitally signed using a certificate that is recognized and approved by the organization. | |
| UBTU-22-214010 | V1R1 | Ubuntu 22.04 LTS must be configured so that the Advance Package Tool (APT) prevents the installation of patches, service packs, device drivers, or operating system components without verification they have been digitally signed using a certificate that is recognized and approved by the organization. | |
| RHEL-09-214010 | V2R5 | RHEL 9 must ensure cryptographic verification of vendor software packages. | |
| RHEL-09-214015 | V2R5 | RHEL 9 must check the GPG signature of software packages originating from external software repositories before installation. | |
| RHEL-09-214020 | V2R5 | RHEL 9 must check the GPG signature of locally installed software packages before installation. | |
| RHEL-09-214025 | V2R5 | RHEL 9 must have GPG signature verification enabled for all software repositories. | |
| RHEL-09-215010 | V2R5 | RHEL 9 subscription-manager package must be installed. | |