diff --git a/linux_os/guide/system/apparmor/all_apparmor_profiles_enforced/rule.yml b/linux_os/guide/system/apparmor/all_apparmor_profiles_enforced/rule.yml
index ba5e71d237a..29306db5546 100644
--- a/linux_os/guide/system/apparmor/all_apparmor_profiles_enforced/rule.yml
+++ b/linux_os/guide/system/apparmor/all_apparmor_profiles_enforced/rule.yml
@@ -33,3 +33,5 @@ references:
     cis@sle15: 1.7.1.4
     cis@ubuntu2004: 1.7.1.4
     cis@ubuntu2204: 1.6.1.4
+
+platform: package[apparmor]
diff --git a/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/oval/shared.xml b/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/oval/shared.xml
new file mode 100644
index 00000000000..9347535cf47
--- /dev/null
+++ b/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/oval/shared.xml
@@ -0,0 +1,68 @@
+<def-group>
+  <definition class="compliance" id="{{{ rule_id }}}" version="1">
+    {{{ oval_metadata("Ensure AppArmor profiles are in enforce complain mode") }}}
+    <criteria operator="AND">
+      <criterion comment="Check sum of complaining and enforced profiles equals all profiles"
+        test_ref="{{{ rule_id }}}_test_sum_complain_n_enforced_equal_all" />
+    </criteria>
+  </definition>
+  <ind:textfilecontent54_object id="{{{ rule_id }}}_obj_apparmor_profiles" version="1">
+    <ind:filepath datatype="string">/sys/kernel/security/apparmor/profiles</ind:filepath>
+    <ind:pattern operation="pattern match">^.*$</ind:pattern>
+    <ind:instance operation="greater than or equal" datatype="int">1</ind:instance>
+  </ind:textfilecontent54_object>
+  <ind:textfilecontent54_object id="{{{ rule_id }}}_obj_apparmor_enforced_profiles" version="1">
+    <ind:filepath datatype="string">/sys/kernel/security/apparmor/profiles</ind:filepath>
+    <ind:pattern operation="pattern match" datatype="string">^.*\(enforce\)$</ind:pattern>
+    <ind:instance operation="greater than or equal" datatype="int">1</ind:instance>
+  </ind:textfilecontent54_object>
+  <ind:textfilecontent54_object id="{{{ rule_id }}}_obj_apparmor_complaining_profiles" version="1">
+    <ind:filepath datatype="string">/sys/kernel/security/apparmor/profiles</ind:filepath>
+    <ind:pattern operation="pattern match" datatype="string">^.*\(complain\)$</ind:pattern>
+    <ind:instance operation="greater than or equal" datatype="int">1</ind:instance>
+  </ind:textfilecontent54_object>
+  <ind:textfilecontent54_object id="{{{ rule_id }}}_obj_apparmor_unconfined_profiles" version="1">
+    <ind:filepath datatype="string">/sys/kernel/security/apparmor/profiles</ind:filepath>
+    <ind:pattern operation="pattern match"
+      datatype="string">^\.*processes are unconfined.*$</ind:pattern>
+    <ind:instance operation="greater than or equal" datatype="int">1</ind:instance>
+  </ind:textfilecontent54_object>
+  <local_variable datatype="int" id="{{{ rule_id }}}_var_num_apparmor_profiles" version="1"
+    comment="apparmor profiles">
+    <count>
+      <object_component item_field="subexpression"
+                        object_ref="{{{ rule_id }}}_obj_apparmor_profiles" />
+    </count>
+  </local_variable>
+  <local_variable datatype="int" comment="enforced apparmor profiles"
+    id="{{{ rule_id }}}_var_num_apparmor_enforced_complaining_profiles" version="1" >
+    <arithmetic arithmetic_operation="add">
+      <count>
+      <object_component item_field="subexpression"
+        object_ref="{{{ rule_id }}}_obj_apparmor_enforced_profiles" />
+      </count>
+      <count>
+      <object_component item_field="subexpression"
+        object_ref="{{{ rule_id }}}_obj_apparmor_complaining_profiles" />
+      </count>
+    </arithmetic>
+  </local_variable>
+  <local_variable datatype="int" id="{{{ rule_id }}}_var_num_apparmor_unconfined_profiles"
+    version="1" comment="apparmor profiles with unconfined processes">
+    <object_component item_field="subexpression"
+     object_ref="{{{ rule_id }}}_obj_apparmor_unconfined_profiles" />
+  </local_variable>
+
+  <ind:variable_object id="{{{ rule_id }}}_obj_all_apparmor_profiles" version="1">
+    <ind:var_ref>{{{ rule_id }}}_var_num_apparmor_profiles</ind:var_ref>
+  </ind:variable_object>
+  <ind:variable_state id="{{{ rule_id }}}_state_sum_complain_n_enforced" version="1">
+    <ind:value datatype="int" operation="equals" var_check="all"
+      var_ref="{{{ rule_id }}}_var_num_apparmor_enforced_complaining_profiles"/>
+  </ind:variable_state>
+  <ind:variable_test id="{{{ rule_id }}}_test_sum_complain_n_enforced_equal_all" check="all"
+    version="1" comment="Compare number of profiles with sum of complain and enforced">
+    <ind:object object_ref="{{{ rule_id }}}_obj_all_apparmor_profiles"/>
+    <ind:state state_ref="{{{ rule_id }}}_state_sum_complain_n_enforced"/>
+  </ind:variable_test>
+</def-group>
diff --git a/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/rule.yml b/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/rule.yml
index d044e07b815..f494f563543 100644
--- a/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/rule.yml
+++ b/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/rule.yml
@@ -36,3 +36,5 @@ references:
     cis@sle15: 1.7.1.3
     cis@ubuntu2004: 1.7.1.3
     cis@ubuntu2204: 1.6.1.3
+
+platform: package[apparmor]
diff --git a/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/tests/correct_all_apparmor_profiles_in_complain.pass.sh b/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/tests/correct_all_apparmor_profiles_in_complain.pass.sh
index 345881aa5d8..37770affadf 100644
--- a/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/tests/correct_all_apparmor_profiles_in_complain.pass.sh
+++ b/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/tests/correct_all_apparmor_profiles_in_complain.pass.sh
@@ -1,4 +1,5 @@
 #!/bin/bash
+# packages = apparmor
 
 #Replace apparmor definitions
 apparmor_parser -q -r /etc/apparmor.d/
diff --git a/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/tests/correct_all_apparmor_profiles_in_enforce.pass.sh b/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/tests/correct_all_apparmor_profiles_in_enforce.pass.sh
index e2651e31641..9b64f995da9 100644
--- a/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/tests/correct_all_apparmor_profiles_in_enforce.pass.sh
+++ b/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/tests/correct_all_apparmor_profiles_in_enforce.pass.sh
@@ -1,4 +1,5 @@
 #!/bin/bash
+# packages = apparmor
 
 #Replace apparmor definitions
 apparmor_parser -q -r /etc/apparmor.d/
diff --git a/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/tests/incorrect_all_apparmor_profiles.fail.sh b/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/tests/incorrect_all_apparmor_profiles.fail.sh
index 9f23139ed3b..c9c33527421 100644
--- a/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/tests/incorrect_all_apparmor_profiles.fail.sh
+++ b/linux_os/guide/system/apparmor/all_apparmor_profiles_in_enforce_complain_mode/tests/incorrect_all_apparmor_profiles.fail.sh
@@ -1,4 +1,5 @@
 #!/bin/bash
+# packages = apparmor
 
 #Configure the OS to unload all AppArmor profiles
 aa-teardown
diff --git a/linux_os/guide/system/apparmor/package_apparmor_installed/rule.yml b/linux_os/guide/system/apparmor/package_apparmor_installed/rule.yml
index a08bbb9a4e9..63f826742a6 100644
--- a/linux_os/guide/system/apparmor/package_apparmor_installed/rule.yml
+++ b/linux_os/guide/system/apparmor/package_apparmor_installed/rule.yml
@@ -1,6 +1,5 @@
 documentation_complete: true
 
-
 title: 'Ensure AppArmor is installed'
 
 description: |-
@@ -23,3 +22,4 @@ template:
     name: package_installed
     vars:
         pkgname: apparmor
+        pkgname@sle15: apparmor-profiles
diff --git a/shared/applicability/package.yml b/shared/applicability/package.yml
index 494b52c8ef0..bfea02d3f81 100644
--- a/shared/applicability/package.yml
+++ b/shared/applicability/package.yml
@@ -6,6 +6,12 @@ template:
 args:
   aide:
     pkgname: aide
+  apparmor:
+    {{% if product in ["sle12", "sle15"] %}}
+      pkgname: apparmor-profiles
+    {{% else %}}
+      pkgname: apparmor
+    {{% endif %}}
   apport:
     pkgname: apport
   audit: