| 1.94 OL08-00-010541 | CIS Oracle Linux 8 STIG v1.0.0 CAT III | Unix | CONFIGURATION MANAGEMENT |
| 1.99 WN22-CC-000050 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.244 WN22-SO-000370 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.360 OL08-00-040300 | CIS Oracle Linux 8 STIG v1.0.0 CAT III | Unix | CONFIGURATION MANAGEMENT |
| AIOS-18-010800 - Apple iOS/iPadOS 18 must implement the management setting: not allow use of Handoff. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-011800 - Apple iOS/iPadOS 18 must implement the management setting: force Apple Watch wrist detection. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-012300 - Apple iOS/iPadOS 18 must not allow managed apps to write contacts to unmanaged contacts accounts. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016100 - Apple iOS/iPadOS 18 must disable the use of voice assistant (Siri) unless required to meet Section 508 compliance requirements. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016200 - Apple iOS/iPadOS 18 must disable the use of voice assistant (Show user-generated content in Siri) unless required to meet Section 508 compliance requirements. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016600 - Apple iOS/iPadOS 18 must disable AirPrint. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016600 - Apple iOS/iPadOS 18 must disable AirPrint. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016700 - Apple iOS/iPadOS 18 must disable AirPrint: Allow discovery of AirPrint printers using iBeacons. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016800 - Apple iOS/iPadOS 18 must disable AirPrint: Allow storage of AirPrint credentials in Keychain. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016900 - Apple iOS/iPadOS 18 must enable AirPrint feature: Disallow AirPrint to destinations with untrusted certificates. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017200 - Apple iOS/iPadOS 18 must disable the Apple Intelligence feature: Image Wand. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-013100 - Apple iOS/iPadOS 26 must disable 'Find My Friends' in the 'Find My' app - Find My app. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-26-016100 - Apple iOS/iPadOS 26 must disable the use voice assistant (Siri) unless required to meet Section 508 compliance requirements - Siri unless required to meet Section 508 compliance requirements. | MobileIron - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-016300 - Apple iOS/iPadOS 26 must disable the use voice assistant (Siri suggestions) unless required to meet Section 508 compliance requirements - Siri suggestions unless required to meet Section 508 compliance requirements. | MobileIron - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-016700 - Apple iOS/iPadOS 26 must disable AirPrint: Allow discovery of AirPrint printers using iBeacons. | MobileIron - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-016800 - Apple iOS/iPadOS 26 must disable AirPrint: Allow storage of AirPrint credentials in Keychain. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ARST-L2-000050 - The Arista MLS switch must have Root Guard enabled on all switch ports connecting to access layer switches and hosts. | DISA Arista MLS EOS 4.X L2S STIG v2r3 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-L2-000130 - The Arista MLS layer 2 switch must have IGMP or MLD Snooping configured on all VLANs. | DISA Arista MLS EOS 4.X L2S STIG v2r3 | Arista | CONFIGURATION MANAGEMENT |
| ARST-RT-000140 - The Arista multicast edge router must be configured to establish boundaries for administratively scoped multicast traffic. | DISA Arista MLS EOS 4.X Router STIG v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000180 - The Arista perimeter router must be configured to not redistribute static routes to an alternate gateway service provider into BGP or an IGP peering with the NIPRNet or to other autonomous systems. | DISA Arista MLS EOS 4.X Router STIG v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000600 - The Arista BGP router must be configured to enable the Generalized TTL Security Mechanism (GTSM). | DISA Arista MLS EOS 4.X Router STIG v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| EDGE-00-000036 - Download restrictions must be configured. | DISA Microsoft Edge STIG v2r5 | Windows | CONFIGURATION MANAGEMENT |
| EX19-MB-000042 - Exchange circular logging must be disabled. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| F5BI-AP-000239 - The F5 BIG-IP appliance must be configured to set the 'Max In Progress Sessions per Client IP' value to 10 or less - Max In Progress Sessions per Client IP value to 10 or less. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | ACCESS CONTROL |
| FFOX-00-000015 - Firefox development tools must be disabled. | DISA STIG Mozilla Firefox Windows v6r7 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/infopage/*' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001440 - All interactive users must be assigned a home directory in the /etc/passwd file. | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001780 - Global initialization files must contain the mesg -n or mesg n commands. - '/etc/bashrc' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001780 - Global initialization files must contain the mesg -n or mesg n commands. - '/etc/environment' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| JUEX-L2-000160 - The Juniper EX switch must be configured to enable IGMP or MLD Snooping on all VLANs. | DISA Juniper EX Series Layer 2 Switch v2r4 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-RT-000070 - The Juniper router configured for Multicast Source Discovery Protocol (MSDP) must filter received source-active multicast advertisements for any undesirable multicast groups and sources. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000220 - The Juniper multicast Rendezvous Point (RP) router must be configured to filter Protocol Independent Multicast (PIM) Register messages received from the Designated Router (DR) for any undesirable multicast groups and sources. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000260 - The Juniper router must be configured to log all packets that have been dropped. | DISA Juniper EX Series Router v2r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUEX-RT-000270 - The Juniper router must be configured to have all nonessential capabilities disabled. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-RT-000900 - The Juniper MPLS router must be configured to synchronize IGP and LDP to minimize packet loss when an IGP adjacency is established prior to LDP peers completing label exchange. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-RT-000970 - The Juniper PE router must be configured to enforce the split-horizon rule for all pseudowires within a Virtual Private LAN Services (VPLS) bridge domain. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-RT-000980 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to use its loopback address as the source address when originating MSDP traffic. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| RHEL-08-030063 - RHEL 8 must resolve audit information before writing to disk. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-030601 - RHEL 8 must enable auditing of processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030602 - RHEL 8 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-040004 - RHEL 8 must enable mitigations against processor-based vulnerabilities. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040022 - RHEL 8 must disable the controller area network (CAN) protocol. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| WN25-CC-000040 - Windows Server 2025 source routing must be configured to the highest protection level to prevent Internet Protocol (IP) source routing. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
| WN25-CC-000050 - Windows Server 2025 must be configured to prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF)-generated routes. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
