| 1.2.7 Ensure removal of software components after update | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-045120 - AlmaLinux OS 9 must remove all software components after updated versions have been installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-11-000015 - The macOS system must utilize an Endpoint Security Solution (ESS) and implement all DoD required modules. | DISA STIG Apple macOS 11 v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-11-000015 - The macOS system must utilize an Endpoint Security Solution (ESS) and implement all DoD required modules. | DISA STIG Apple macOS 11 v1r8 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-12-000015 - The macOS system must utilize an ESS solution and implement all DoD required modules - ESS and implement all DoD required modules. | DISA STIG Apple macOS 12 v1r9 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-13-000015 - The macOS system must use an Endpoint Security Solution (ESS) and implement all DOD required modules. | DISA STIG Apple macOS 13 v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Configure Automated Flaw Remediation | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Configure Automated Flaw Remediation | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Configure Automated Flaw Remediation | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Configure Automated Flaw Remediation | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Must Use an Approved Antivirus Program | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Must Use Host Based Security Solution | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Must Use an Approved Antivirus Program | NIST macOS Catalina v1.5.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Must Use HBSS | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CD12-00-004300 - When updates are applied to PostgreSQL software, any software components that have been replaced or made unnecessary must be removed. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CNTR-R2-001580 - Rancher RKE2 must remove old components after updated versions have been installed. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DO6751-ORACLE11 - The SQLNet SQLNET.ALLOWED_LOGON_VERSION parameter must be set to a value of 11 or higher - '%ORACLE_HOME%\NETWORK\ADMIN\SQLNET.ORA SQLNET.ALLOWED_LOGON_VERSION > 11' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| DO6751-ORACLE11 - The SQLNet SQLNET.ALLOWED_LOGON_VERSION parameter must be set to a value of 11 or higher - '$ORACLE_HOME/network/admin/sqlnet.ora SQLNET.ALLOWED_LOGON_VERSION > 11' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| DTBI680 - The update check interval must be configured and set to 30 days. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTBI775 - Automatic checking for Internet Explorer updates must be disallowed. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | DISA STIG Solaris 10 X86 v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | DISA STIG Solaris 10 SPARC v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN008820 - The system package management tool must not automatically obtain updates - /var/spool/cron/atjobs/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN008820 - The system package management tool must not automatically obtain updates - /var/spool/cron/atjobs/* | DISA STIG Solaris 10 X86 v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN008820 - The system package management tool must not automatically obtain updates - /var/spool/cron/crontabs/* | DISA STIG Solaris 10 X86 v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN008820 - The system package management tool must not automatically obtain updates - /var/spool/cron/crontabs/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN008820 - The system package management tool must not automatically obtain updates. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN008820 - The system package management tool must not automatically obtain updates. | DISA STIG for Oracle Linux 5 v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| JRE8-UX-000190 - Oracle JRE 8 must remove previous versions when the latest version is installed. | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| JRE8-WN-000190 - Oracle JRE 8 must remove previous versions when the latest version is installed. | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| MADB-10-009200 - When updates are applied to the MariaDB software, any software components that have been replaced or made unnecessary must be removed. | DISA MariaDB Enterprise 10.x v2r3 OS Linux | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD4X-00-006300 - When updates are applied to MongoDB software, any software components that have been replaced or made unnecessary must be removed. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD7X-00-009100 When updates are applied to MongoDB software, any software components that have been replaced or made unnecessary must be removed. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MS.TEAMS.5.1v1 - Agencies SHOULD only allow installation of Microsoft apps approved by the agency. | CISA SCuBA Microsoft 365 Teams v1.5.0 | microsoft_azure | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND INFORMATION INTEGRITY |
| OL08-00-010440 - YUM must remove all software components after updated versions have been installed on OL 8. | DISA Oracle Linux 8 STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-30-000066 - The Photon operating system must remove all software components after updated versions have been installed. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-40-000161 The Photon operating system must remove all software components after updated versions have been installed. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-67-000070 - The Photon operating system must remove all software components after updated versions have been installed. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-214035 - RHEL 9 must remove all software components after updated versions have been installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SLES-15-010560 - The SUSE operating system must remove all outdated software components after updated versions have been installed. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-16-010570 - Advance package Tool (APT) must remove all software components after updated versions have been installed. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-20-010449 - The Ubuntu operating system must be configured so that Advance Package Tool (APT) removes all software components after updated versions have been installed. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-214015 - Ubuntu 22.04 LTS must be configured so that the Advance Package Tool (APT) removes all software components after updated versions have been installed. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-700320 - Ubuntu 24.04 LTS must be configured so that Advance Package Tool (APT) removes all software components after updated versions have been installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WBSP-AS-001740 - The WebSphere Application Server must remove organization-defined software components after updated versions installed. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WBSP-AS-001740 - The WebSphere Application Server must remove organization-defined software components after updated versions installed. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WBSP-AS-001740 - The WebSphere Application Server must remove organization-defined software components after updated versions installed. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WG237 A22 - Remote authors or content providers must have all files scanned for viruses and malicious code before uploading files to the Document Root directory. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WG237 A22 - Remote authors or content providers must have all files scanned for viruses and malicious code before uploading files to the Document Root directory. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
