diff --git a/controls/pcidss_4.yml b/controls/pcidss_4.yml index 644c313138b..31c5e493504 100644 --- a/controls/pcidss_4.yml +++ b/controls/pcidss_4.yml @@ -2047,6 +2047,7 @@ controls: status: automated rules: - enable_authselect + - var_authselect_profile=sssd - accounts_passwords_pam_faillock_deny - var_accounts_passwords_pam_faillock_deny=10 - accounts_passwords_pam_faillock_unlock_time diff --git a/products/rhel10/profiles/pci-dss.profile b/products/rhel10/profiles/pci-dss.profile index 1f958e6f084..45f5033ae05 100644 --- a/products/rhel10/profiles/pci-dss.profile +++ b/products/rhel10/profiles/pci-dss.profile @@ -24,20 +24,15 @@ description: |- selections: - pcidss_4:all - # audit-audispd-plugins package does not exist in RHEL 10 (based on RHEL 9) - # use only package_audispd-plugins_installed - - '!package_audit-audispd-plugins_installed' + - var_password_hashing_algorithm=yescrypt + - var_password_hashing_algorithm_pam=yescrypt + # More tests are needed to identify which rule is conflicting with rpm_verify_permissions. # https://github.com/ComplianceAsCode/content/issues/11285 - '!rpm_verify_permissions' + # these rules do not apply to RHEL 10 - '!package_audit-audispd-plugins_installed' - - '!service_ntp_enabled' - - '!ntpd_specify_remote_server' - - '!ntpd_specify_multiple_servers' - - '!set_ipv6_loopback_traffic' - - '!set_loopback_traffic' - - '!service_ntpd_enabled' - '!package_ypserv_removed' - '!package_ypbind_removed' - '!package_talk_removed' 
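Review bot: `var_authselect_profile=sssd` is pinned for every product that consumes the pcidss_4 control file, with no comment on why sssd was chosen or what happens on a host that already runs a different authselect profile (for example minimal or winbind). If the enable_authselect remediation switches the active profile to this value, that switch can replace the host's current PAM/nsswitch configuration and lock out authentication, so the value deserves a line of rationale, e.g. `# sssd is the RHEL default authselect profile; tailor this on hosts that use another profile`. The control definition this rules list belongs to starts before the hunk. The rhel8 and rhel9 profile_stability fixtures are updated in this commit, but no rhel10 fixture is touched; confirm that none exists or that it does not need the new variable.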
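Review bot: The removed comment explaining why `'!package_audit-audispd-plugins_installed'` is excluded (the package does not exist in RHEL 10 and `package_audispd-plugins_installed` covers it) is replaced by the generic `# these rules do not apply to RHEL 10`, so the specific rationale is lost while the exclusion itself is kept lower in the hunk; keep the two original comment lines above that exclusion. The new `var_password_hashing_algorithm=yescrypt` and `var_password_hashing_algorithm_pam=yescrypt` lines also carry no comment; if these override values that the `pcidss_4:all` selection already sets, a note such as `# RHEL 10 default hashing algorithm; overrides the pcidss_4 control value` would make the precedence explicit. Whether profile-level variables take precedence over control-level ones is not visible in the hunk and should be confirmed.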
@@ -45,28 +40,36 @@ selections: - '!package_xinetd_removed' - '!package_rsh_removed' - '!package_rsh-server_removed' - # Following are incompatible with the rhel10 product (based on RHEL9) - - '!service_chronyd_or_ntpd_enabled' + + - '!service_ntp_enabled' + - '!service_ntpd_enabled' + - '!service_timesyncd_enabled' + - '!ntpd_specify_remote_server' + - '!ntpd_specify_multiple_servers' + + - '!accounts_passwords_pam_tally2' + - '!accounts_passwords_pam_tally2_unlock_time' + - '!cracklib_accounts_password_pam_dcredit' + - '!cracklib_accounts_password_pam_lcredit' + - '!cracklib_accounts_password_pam_minlen' + - '!cracklib_accounts_password_pam_retry' + - '!ensure_firewall_rules_for_open_ports' + - '!ensure_shadow_group_empty' + - '!ensure_suse_gpgkey_installed' - '!install_PAE_kernel_on_x86-32' - '!mask_nonessential_services' - - '!aide_periodic_checking_systemd_timer' - '!nftables_ensure_default_deny_policy' - - '!cracklib_accounts_password_pam_lcredit' - - '!file_owner_at_allow' - - '!ensure_firewall_rules_for_open_ports' - - '!cracklib_accounts_password_pam_retry' - - '!gnome_gdm_disable_guest_login' + - '!set_ipv6_loopback_traffic' + - '!set_ip6tables_default_rule' + - '!set_loopback_traffic' + - '!set_password_hashing_algorithm_commonauth' + + # Following are incompatible with the rhel10 product (based on RHEL9) + - '!service_chronyd_or_ntpd_enabled' + - '!aide_periodic_checking_systemd_timer' + - '!gnome_gdm_disable_unattended_automatic_login' + - '!permissions_local_var_log' - '!sshd_use_strong_kex' - '!sshd_use_approved_macs' - - '!permissions_local_var_log' - '!sshd_use_approved_ciphers' - - '!accounts_passwords_pam_tally2' - - '!ensure_suse_gpgkey_installed' - - '!gnome_gdm_disable_unattended_automatic_login' - - '!accounts_passwords_pam_tally2_unlock_time' - - '!cracklib_accounts_password_pam_minlen' - - '!set_password_hashing_algorithm_commonauth' - - '!cracklib_accounts_password_pam_dcredit' - - '!ensure_shadow_group_empty' - - 
'!service_timesyncd_enabled' - '!security_patches_up_to_date' diff --git a/tests/data/profile_stability/rhel8/pci-dss.profile b/tests/data/profile_stability/rhel8/pci-dss.profile index ff8e7131428..e8e1992dc5a 100644 --- a/tests/data/profile_stability/rhel8/pci-dss.profile +++ b/tests/data/profile_stability/rhel8/pci-dss.profile @@ -289,6 +289,7 @@ selections: - var_password_pam_dcredit=1 - var_password_pam_lcredit=1 - var_password_pam_minlen=12 +- var_authselect_profile=sssd - var_accounts_passwords_pam_faillock_deny=10 - var_accounts_passwords_pam_faillock_unlock_time=1800 - var_password_pam_tally2=10 diff --git a/tests/data/profile_stability/rhel9/pci-dss.profile b/tests/data/profile_stability/rhel9/pci-dss.profile index e0fc9148f4a..aae368bafba 100644 --- a/tests/data/profile_stability/rhel9/pci-dss.profile +++ b/tests/data/profile_stability/rhel9/pci-dss.profile @@ -281,6 +281,7 @@ selections: - var_password_pam_dcredit=1 - var_password_pam_lcredit=1 - var_password_pam_minlen=12 +- var_authselect_profile=sssd - var_accounts_passwords_pam_faillock_deny=10 - var_accounts_passwords_pam_faillock_unlock_time=1800 - var_password_pam_tally2=10
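Review bot: The regrouping is not purely a reorder: `'!file_owner_at_allow'` and `'!gnome_gdm_disable_guest_login'` are removed and not re-added, so both rules become selected for the RHEL 10 PCI-DSS profile, and `'!set_ip6tables_default_rule'` is newly excluded although it was not on the old side, yet neither the comments in the hunk nor the commit description mentions either change. If re-enabling the two rules is intended, say so in a comment (e.g. `# file_owner_at_allow and gnome_gdm_disable_guest_login are now applicable on RHEL 10`); if not, restore the exclusions. The ip6tables exclusion drops an IPv6 default-deny check from a firewall-related requirement, so it should sit under the "do not apply to RHEL 10" group with a short reason, presumably that ip6tables is not shipped in RHEL 10, which I cannot confirm from the hunk. The same regrouping comment applies to the earlier hunk of this file at lines 24-43.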