| ESXI-70-000025 - The ESXi host Secure Shell (SSH) daemon must not permit tunnels. | DISA STIG VMware vSphere 7.0 ESXi OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000055 - The ESXi host must disable Inter-Virtual Machine (VM) Transparent Page Sharing. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000059 - All port groups on standard switches must be configured to reject forged transmits. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000060 - All port groups on standard switches must be configured to reject guest Media Access Control (MAC) address changes. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000076 - The ESXi host must enable Secure Boot. | DISA STIG VMware vSphere 7.0 ESXi OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000083 - The ESXi host OpenSLP service must be disabled. | DISA STIG VMware vSphere 7.0 ESXi OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000085 - The ESXi host must enable strict x509 verification for SSL syslog endpoints. | DISA STIG VMware vSphere 7.0 ESXi OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000093 - The ESXi host must not be configured to override virtual machine (VM) logger settings. | DISA STIG VMware vSphere 7.0 ESXi OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-80-000204 - The ESXi host Secure Shell (SSH) daemon must not permit user environment settings. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-80-000207 - The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-80-000211 - The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-80-000229 - The ESXi host must use DOD-approved certificates. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-80-000230 - The ESXi host Secure Shell (SSH) daemon must disable port forwarding. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-80-000234 - The ESXi host must enable strict x509 verification for SSL syslog endpoints. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000245 - The ESXi host must use sufficient entropy for cryptographic operations. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| GOOG-13-010200 - The Google Android 13 work profile must be configured to enforce the system application disable list. | MobileIron - DISA Google Android 13 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-010300 - Google Android 13 must be provisioned as a fully managed device and configured to create a work profile. | MobileIron - DISA Google Android 13 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-006500 - Google Android 14 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store]. | AirWatch - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-010200 - The Google Android 14 work profile must be configured to enforce the system application disable list. | MobileIron - DISA Google Android 14 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-011000 - Android 14 devices must be configured to enable Common Criteria Mode (CC Mode) - CC Mode. | MobileIron - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010400 - The Google Android 15 work profile must be configured to disable automatic completion of workspace internet browser text input. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010500 - The Google Android 15 work profile must be configured to disable the autofill services. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| JUNI-RT-000235 - The Juniper router must not be configured to use IPv6 Site Local Unicast addresses. | DISA STIG Juniper Router RTR v3r2 | Juniper | CONFIGURATION MANAGEMENT |
| OL07-00-010063 - The Oracle Linux operating system must disable the login screen user list for graphical user interfaces. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-010339 - The Oracle Linux operating system must specify the default 'include' directory for the /etc/sudoers file - include directory for the /etc/sudoers file. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| WN10-CC-000070 - Virtualization Based Security must be enabled on Windows 10 with the platform security level configured to Secure Boot or Secure Boot with DMA Protection. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN10-CC-000080 - Virtualization-based protection of code integrity must be enabled. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000025 - Windows 11 must employ automated mechanisms to determine the state of system components with regard to flaw remediation using the following frequency: Continuously, where ESS is used; 30 days, for any additional internal network scans not covered by ESS; and annually, for external scans by Computer Network Defense Service Provider (CNDSP). | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000085 - Standard local user accounts must not exist on a system in a domain. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000230 - The system must notify the user when a Bluetooth device attempts to connect. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000020 - IPv6 source routing must be configured to highest protection. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000050 - Hardened UNC Paths must be defined to require mutual authentication and integrity for at least the \\*\SYSVOL and \\*\NETLOGON shares. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000070 - Virtualization-based Security must be enabled on Windows 11 with the platform security level configured to Secure Boot or Secure Boot with DMA Protection. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000195 - Enhanced anti-spoofing for facial recognition must be enabled on Windows 11. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000204 - Enhanced diagnostic data must be limited to the minimum required to support Windows Analytics. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000255 - The use of a hardware security device with Windows Hello for Business must be enabled. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000260 - Windows 11 must be configured to require a minimum pin length of six characters or greater. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000085 - Caching of logon credentials must be limited. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000140 - Anonymous SID/Name translation must not be allowed. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000215 - The system must be configured to meet the minimum session security requirement for NTLM SSP based clients. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000240 - The default permissions of global system objects must be increased. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000010 - Windows Server 2022 users with Administrative privileges must have separate accounts for administrative duties and normal operational tasks. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000090 - Windows Server 2022 domain-joined systems must have a Trusted Platform Module (TPM) enabled and ready for use. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000100 - Windows Server 2022 must be maintained at a supported servicing level. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000320 - Windows Server 2022 Turning off File Explorer heap termination on corruption must be disabled. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000440 - Windows Server 2022 users must be notified if a web-based program attempts to install software. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000450 - Windows Server 2022 must disable automatically signing in the last interactive user after a system-initiated restart. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-DC-000330 - Windows Server 2022 domain controllers must be configured to allow reset of machine account passwords. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-MS-000050 - Windows Server 2022 must limit the caching of logon credentials to four or less on domain-joined member servers. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-SO-000150 - Windows Server 2022 Smart Card removal option must be configured to Force Logoff or Lock Workstation. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
