Detections
Analytics

DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware

Updated: 6/9/2026

Authority: DISA STIG

Plugin: Unix

Revision: 1.11

Estimated Item Count: 92

File Details

Filename: DISA_STIG_IBM_WebSphere_Traditional_9_v1r1_Middleware.audit

Size: 175 kB

MD5: 55ff8768e7af676b83b394a1ab10d8e7
SHA256: c531bf4455cde72cb9d7b317c0acbab1199aeb9b52af2d0279ae7f5085fd62ee

Audit Items

DescriptionCategories
DISA_IBM_WebSphere_Traditional_9_v1r1_Middleware.audit for DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware
WBSP-AS-000010 - The WebSphere Application Server maximum in-memory session count must be set according to application requirements.
WBSP-AS-000020 - The WebSphere Application Server admin console session timeout must be configured.
WBSP-AS-000070 - The WebSphere Application Server security auditing must be enabled.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000080 - WebSphere Application Server groups mapped to WebSphere auditor roles must be configured in accordance with security plan
WBSP-AS-000090 - The WebSphere Application Server users WebSphere auditor role must be configured in accordance with System Security Plan.
WBSP-AS-000100 - The WebSphere Application Server audit event type filters must be configured.
WBSP-AS-000110 - The WebSphere Application Server audit service provider must be enabled.
WBSP-AS-000120 - The WebSphere Application Server automatic repository checkpoints must be enabled to track configuration changes - depth
WBSP-AS-000120 - The WebSphere Application Server automatic repository checkpoints must be enabled to track configuration changes - enabled
WBSP-AS-000130 - The WebSphere Application Server administrative security must be enabled.

ACCESS CONTROL

WBSP-AS-000140 - The WebSphere Application Server bus security must be enabled.
WBSP-AS-000150 - The WebSphere Application Server users in a local user registry group must be authorized for that group.
WBSP-AS-000160 - The WebSphere Application Server Quality of Protection (QoP) must be set to use TLSv1.2 or higher.
WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - administrative security

ACCESS CONTROL

WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - application security

ACCESS CONTROL

WBSP-AS-000180 - The WebSphere Application Server Single Sign On (SSO) must have SSL enabled for Web and SIP Security.
WBSP-AS-000190 - The WebSphere Application Server security cookies must be set to HTTPOnly.

CONFIGURATION MANAGEMENT

WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled.
WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed.
WBSP-AS-000220 - The WebSphere Application Server users in the admin role must be authorized.

ACCESS CONTROL

WBSP-AS-000230 - The WebSphere Application Server LDAP groups must be authorized for the WebSphere role.
WBSP-AS-000240 - The WebSphere Application Server users in a LDAP user registry group must be authorized for that group.
WBSP-AS-000310 - The WebSphere Application Server management interface must display the Standard Mandatory DoD Notice and Consent Banner

ACCESS CONTROL

WBSP-AS-000320 - The WebSphere Application Server management interface must retain the Standard Mandatory DoD Notice and Consent Banner

ACCESS CONTROL

WBSP-AS-000380 - The WebSphere Application Server must generate log records when attempts to access subject privileges occur.
WBSP-AS-000580 - The WebSphere Application Server must allocate JVM log record storage capacity in accordance with requirements - err
WBSP-AS-000580 - The WebSphere Application Server must allocate JVM log record storage capacity in accordance with requirements - out
WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxFileSize
WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxLogs
WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - notification
WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - enabled
WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - enabled
WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - notification
WBSP-AS-000650 - The WebSphere Application Server audit subsystem failure action must be set to Log warning.
WBSP-AS-000660 - The WebSphere Application Server must shut down by default upon log failure (unless availability is an overriding concern).
WBSP-AS-000670 - The WebSphere Application Server high availability applications must be configured to fail over in log subsystem failure.
WBSP-AS-000740 - The WebSphere Application Server must be configured to protect log information from any type of unauthorized read access.

CONFIGURATION MANAGEMENT

WBSP-AS-000750 - The WebSphere Application Server must protect log information from unauthorized modification.

CONFIGURATION MANAGEMENT

WBSP-AS-000760 - The WebSphere Application Server must protect log information from unauthorized deletion.

CONFIGURATION MANAGEMENT

WBSP-AS-000770 - The WebSphere Application Server wsadmin file must be protected from unauthorized access.

CONFIGURATION MANAGEMENT

WBSP-AS-000780 - The WebSphere Application Server wsadmin file must be protected from unauthorized modification.

CONFIGURATION MANAGEMENT

WBSP-AS-000790 - The WebSphere Application Server wsadmin file must be protected from unauthorized deletion.

CONFIGURATION MANAGEMENT

WBSP-AS-000810 - The WebSphere Application Server must be configured to encrypt log information.
WBSP-AS-000820 - The WebSphere Application Server must be configured to sign log information.
WBSP-AS-000910 - The WebSphere Application Server process must not be started from the command line with the -password option.
WBSP-AS-000920 - The WebSphere Application Server files must be owned by the non-root WebSphere user ID.
WBSP-AS-000930 - The WebSphere Application Server sample applications must be removed.

CONFIGURATION MANAGEMENT

WBSP-AS-000940 - The WebSphere Application Server must remove JREs left by web server and plug-in installers in the DMZ.
WBSP-AS-000960 - The WebSphere Application Server must be run as a non-admin user.