| APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-002060 The macOS system must apply gatekeeper settings to block applications from unidentified developers. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-002064 The macOS system must enable Gatekeeper. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| CNTR-R2-000460 - Rancher RKE2 must be built from verified packages. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Visio 2013 v1r5 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Excel 2016 v2r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Access 2013 v1r7 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Project 2013 v1r5 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft Excel 2016 v2r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft Excel 2013 v1r8 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft Word 2013 v1r7 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft Project 2013 v1r5 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned applications must be disabled. | DISA STIG Microsoft Visio 2013 v1r5 | Windows | CONFIGURATION MANAGEMENT |
| DTOO159 - Disabling of Fully Trusted Solutions access to computers must be configured. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | CONFIGURATION MANAGEMENT |
| DTOO297 - A form that is digitally signed must be displayed with a warning. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | CONFIGURATION MANAGEMENT |
| ESXI-06-000047 - The Image Profile and VIB Acceptance Levels must be verified. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| EX19-ED-000053 - Exchange local machine policy must require signed scripts. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| EX19-MB-000061 - Exchange local machine policy must require signed scripts. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| GEN008800 - The system package management tool must cryptographically verify the authenticity of software packages during installation. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN008800 - The system package management tool must cryptographically verify the authenticity of software packages during installation. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-010019 - The Oracle Linux operating system must ensure cryptographic verification of vendor software packages. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010019 - OL 8 must ensure cryptographic verification of vendor software packages. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010370 - YUM must be configured to prevent the installation of patches, service packs, device drivers, or OL 8 system components that have not been digitally signed using a certificate that is recognized and approved by the organization. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010371 - OL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010372 - OL 8 must prevent the loading of a new kernel for later execution. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000061 - The Photon operating system YUM repository must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000064 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010019 - RHEL 8 must ensure cryptographic verification of vendor software packages. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010370 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010371 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010372 - RHEL 8 must prevent the loading of a new kernel for later execution. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-213020 - RHEL 9 must prevent the loading of a new kernel for later execution. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-214010 - RHEL 9 must ensure cryptographic verification of vendor software packages. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-214015 - RHEL 9 must check the GPG signature of software packages originating from external software repositories before installation. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-214020 - RHEL 9 must check the GPG signature of locally installed software packages before installation. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-214025 - RHEL 9 must have GPG signature verification enabled for all software repositories. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215010 - RHEL 9 subscription-manager package must be installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010430 - The SUSE operating system tool zypper must have gpgcheck enabled. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010438 - The Ubuntu operating system's Advance Package Tool (APT) must be configured to prevent the installation of patches, service packs, device drivers, or Ubuntu operating system components without verification they have been digitally signed using a certificate that is recognized and approved by the organization. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-214010 - Ubuntu 22.04 LTS must be configured so that the Advance Package Tool (APT) prevents the installation of patches, service packs, device drivers, or operating system components without verification they have been digitally signed using a certificate that is recognized and approved by the organization. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| VCEM-67-000009 - ESX Agent Manager must only run one webapp. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-70-000009 - Lookup Service must only run one webapp. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-67-000008 - Performance Charts application files must be verified for their integrity. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-70-000009 - Performance Charts must only run one webapp. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-67-000009 - The Security Token Service must only run one web app. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCST-70-000009 - The Security Token Service must only run one webapp. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-70-000009 - vSphere UI plugins must be authorized before use. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | CONFIGURATION MANAGEMENT |
