| 1.314 RHEL-09-611025 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| KNOX-07-003000 - The Samsung must be configured to enable encryption for information at rest on removable storage media. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD8X-00-000300 - MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA MongoDB Enterprise Advanced 8.x STIG v1r1 MongoDB | MongoDB | ACCESS CONTROL |
| Mitigating an attack using TCP profiles | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| MOTS-11-010800 - Motorola Solutions Android 11 devices must have the latest available Motorola Solutions Android 11 operating system installed. | AirWatch - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
| MYS8-00-012600 - MySQL database products must be a version supported by the vendor. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| O19C-00-011800 - Database administrator (DBA) OS accounts must be granted only those host system privileges necessary for the administration of the Oracle Database. | DISA Oracle Database 19c STIG v1r3 Unix | Unix | CONFIGURATION MANAGEMENT |
| O19C-00-011800 - Database administrator (DBA) OS accounts must be granted only those host system privileges necessary for the administration of the Oracle Database. | DISA Oracle Database 19c STIG v1r3 Windows | Windows | CONFIGURATION MANAGEMENT |
| O19C-00-011800 - Database administrator (DBA) OS accounts must be granted only those host system privileges necessary for the administration of the Oracle Database. | DISA Oracle Database 19c STIG v1r5 Unix | Unix | CONFIGURATION MANAGEMENT |
| O19C-00-011900 - Oracle Database default accounts must be assigned custom passwords. | DISA Oracle Database 19c STIG v1r3 OracleDB | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-016800 - Oracle Database must take needed steps to protect data at rest and ensure confidentiality and integrity of application data. | DISA Oracle Database 19c STIG v1r3 OracleDB | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010000 - OL 8 must be a vendor-supported release. | DISA Oracle Linux 8 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010460 - There must be no "shosts.equiv" files on the OL 8 operating system. | DISA Oracle Linux 8 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000050 - OL 9 must require a unique superuser's name upon booting into single-user and maintenance modes. | DISA Oracle Linux 9 STIG v1r5 | Unix | ACCESS CONTROL |
| OL09-00-000135 - OL 9 must not have a Trivial File Transfer Protocol (TFTP) server package installed. | DISA Oracle Linux 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| SLEM-05-212015 - SLEM 5 with Unified Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | ACCESS CONTROL |
| SLEM-05-411065 - SLEM 5 root account must be the only account with unrestricted access to the system. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| SLEM-05-671010 - FIPS 140-2/140-3 mode must be enabled on SLEM 5. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-15-020300 - The SUSE operating system must not be configured to allow blank or null passwords. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040030 - There must be no shosts.equiv files on the SUSE operating system. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040060 - The SUSE operating system must disable the x86 Ctrl-Alt-Delete key sequence. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| SPLK-CL-000510 - Splunk Enterprise must use a version supported by the vendor. | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG OS | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SQLD-22-000300 - SQL Server must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA Microsoft SQL Server 2022 Database STIG v1r3 | MS_SQLDB | ACCESS CONTROL |
| SQLI-22-018100 - When using command-line tools such as SQLCMD in a mixed-mode authentication environment, users must use a logon method that does not expose the password. | DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDB | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000060 - Symantec ProxySG must implement security policies that enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-AG-000070 - Symantec ProxySG must restrict or block harmful or suspicious communications traffic by controlling the flow of information between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic - SSL | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-AG-000330 - Symantec ProxySG must be configured with a pre-established trust relationship and mechanisms with appropriate authorities that validate user account access authorizations and privileges - Domain joined | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000340 - Symantec ProxySG providing user authentication intermediary services must restrict user authentication traffic to specific authentication servers - Domain exists | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000030 - Symantec ProxySG must configure Web Management Console access restrictions to authorized IP address/ranges. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | ACCESS CONTROL |
| SYMP-NM-000310 - Symantec ProxySG must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements - cli timeout | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-999999 - The Ubuntu operating system must be a vendor supported release. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-211000 - Ubuntu 22.04 LTS must be a vendor-supported release. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-215030 - Ubuntu 22.04 LTS must not have the "rsh-server" package installed. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-271030 - Ubuntu 22.04 LTS must disable the x86 Ctrl-Alt-Delete key sequence if a graphical user interface is installed. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-432015 - Ubuntu 22.04 LTS must ensure only users who need access to security functions are part of sudo group. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-24-100050 - Ubuntu 24.04 LTS must not have the nfs-kernel-server package installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300026 - Ubuntu 24.04 LTS must disable the x86 Ctrl-Alt-Delete key sequence. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-600030 - Ubuntu 24.04 LTS must implement NIST FIPS-validated cryptography to protect classified information and for the following: To provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLD-67-000034 - VAMI must implement TLS1.2 exclusively - tlsv11 | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCTR-67-000999 - The version of vCenter running on the system must be a supported version. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-67-000999 - The version of UI Tomcat running on the system must be a supported version. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VMCH-65-000999 - The version of VMM running on the server must be a supported version. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| WN11-00-000050 - Local volumes must be formatted using NTFS. | DISA Microsoft Windows 11 STIG v2r7 | Windows | ACCESS CONTROL |
| WN11-00-000100 - Internet Information System (IIS) or its subcomponents must not be installed on a workstation. | DISA Microsoft Windows 11 STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000330 - The Windows Remote Management (WinRM) client must not use Basic authentication. | DISA Microsoft Windows 11 STIG v2r7 | Windows | MAINTENANCE |
| WN11-SO-000145 - Anonymous enumeration of SAM accounts must not be allowed. | DISA Microsoft Windows 11 STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000150 - Anonymous enumeration of shares must be restricted. | DISA Microsoft Windows 11 STIG v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-CC-000500 - Windows Server 2022 Windows Remote Management (WinRM) service must not use Basic authentication. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | MAINTENANCE |
| WN22-MS-000140 - Windows Server 2022 must be running Credential Guard on domain-joined member servers. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | CONFIGURATION MANAGEMENT |
| ZEBR-10-999999 - All Zebra Android 10 installations must be removed. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
