| 1.209 RHEL-09-255040 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT I | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-003100 - AlmaLinux OS 9 must implement DOD-approved encryption ciphers to protect the confidentiality of SSH connections. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | ACCESS CONTROL |
| ALMA-09-003980 - AlmaLinux OS 9 must implement DOD-approved encryption in the OpenSSL package. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | ACCESS CONTROL |
| ALMA-09-006730 - The Ctrl-Alt-Delete key sequence must be disabled on AlmaLinux OS 9. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | ACCESS CONTROL |
| ALMA-09-009700 - AlmaLinux OS 9 must ensure cryptographic verification of vendor software packages. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-010030 - AlmaLinux OS 9 must have GPG signature verification enabled for all software repositories. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002063 - The macOS system must enforce access restrictions. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002069 - The macOS system must require an administrator password to modify systemwide preferences. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | ACCESS CONTROL |
| APPL-26-002069 - The macOS system must require an administrator password to modify systemwide preferences. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | ACCESS CONTROL |
| AZLX-23-001275 - Amazon Linux 2023 must implement DOD-approved encryption to protect the confidentiality of remote access sessions. | DISA Amazon Linux 2023 STIG v1r2 | Unix | ACCESS CONTROL |
| CASA-ND-001310 - The Cisco ASA must be configured to use at least two authentication servers to authenticate users prior to granting administrative access. | DISA STIG Cisco ASA NDM v2r4 | Cisco | CONFIGURATION MANAGEMENT |
| CNTR-K8-000220 - The Kubernetes Controller Manager must create unique service accounts for each work payload. | DISA STIG Kubernetes v2r5 | Unix | ACCESS CONTROL |
| CNTR-K8-002640 - Kubernetes endpoints must use approved organizational certificate and key pair to protect information in transit. | DISA STIG Kubernetes v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| FFOX-00-000002 - Firefox must be configured to allow only TLS 1.2 or above. | DISA STIG Mozilla Firefox MacOS v6r7 | Unix | ACCESS CONTROL |
| FFOX-00-000002 - Firefox must be configured to allow only TLS 1.2 or above. | DISA STIG Mozilla Firefox Windows v6r7 | Windows | ACCESS CONTROL |
| JUEX-NM-000520 - The Juniper EX switch must be configured to implement cryptographic mechanisms using a FIPS 140-2/140-3 approved algorithm to protect the confidentiality of remote maintenance sessions. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | MAINTENANCE |
| JUEX-RT-000370 - The Juniper perimeter router must be configured to deny network traffic by default and allow network traffic by exception. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-008600 - MariaDB must implement cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest (to include, at a minimum, PII and classified information) on organization-defined information system components. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD8X-00-002500 - MongoDB software installation account must be restricted to authorized users. | DISA MongoDB Enterprise Advanced 8.x STIG v1r1 Unix | Unix | CONFIGURATION MANAGEMENT |
| O19C-00-008000 - The Oracle Database software installation account must be restricted to authorized users. | DISA Oracle Database 19c STIG v1r3 OracleDB | OracleDB | CONFIGURATION MANAGEMENT |
| OL08-00-010184 - The OL 8 SSH client must be configured to use only DOD-approved encryption ciphers employing FIPS 140-3-validated cryptographic hash algorithms to protect the confidentiality of SSH client connections. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL09-00-000261 - OL 9 SSH client must be configured to use only DOD-approved encryption ciphers employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH client connections. | DISA Oracle Linux 9 STIG v1r5 | Unix | ACCESS CONTROL |
| OL09-00-000262 - OL 9 SSH client must be configured to use only DOD-approved Message Authentication Codes (MACs) employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH client connections. | DISA Oracle Linux 9 STIG v1r5 | Unix | ACCESS CONTROL |
| OL09-00-002412 - OL 9 must be configured so that the systemd Ctrl-Alt-Delete burst key sequence is disabled. | DISA Oracle Linux 9 STIG v1r5 | Unix | ACCESS CONTROL |
| RHEL-08-010296 - The RHEL 8 SSH client must be configured to use only DOD-approved Message Authentication Codes (MACs) employing FIPS 140-3-validated cryptographic hash algorithms to protect the confidentiality of SSH client connections. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-010297 - The RHEL 8 SSH client must be configured to use only DOD-approved encryption ciphers employing FIPS 140-3-validated cryptographic hash algorithms to protect the confidentiality of SSH client connections. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-09-211045 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-255065 - The RHEL 9 SSH server must be configured to use only DOD-approved encryption ciphers employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH server connections. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-10-001030 - RHEL 10 must check the GNU Privacy Guard (GPG) signature of software packages originating from external software repositories before installation. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-700950 - RHEL 10 must disable the systemd Ctrl-Alt-Delete burst key sequence. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700960 - RHEL 10 must disable the x86 Ctrl-Alt-Delete key sequence. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| SLEM-05-214015 - The SLEM 5 tool zypper must have gpgcheck enabled. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| SLEM-05-255055 - SLEM 5 SSH server must be configured to use only FIPS 140-2/140-3 validated key exchange algorithms. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | ACCESS CONTROL |
| SQL2-00-017500 - SQL Server must recover to a known state that is verifiable. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONTINGENCY PLANNING |
| SQL2-00-022600 - SQL Server must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQLI-22-003700 - SQL Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. | DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDB | MS_SQLDB | ACCESS CONTROL |
| VCFL-67-000007 - vSphere Client must be configured to only communicate over TLS 1.2. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL |
| WN11-CC-000180 - Autoplay must be turned off for non-volume devices. | DISA Microsoft Windows 11 STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000220 - Windows Server 2022 default AutoRun behavior must be configured to prevent AutoRun commands. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000230 - Windows Server 2022 AutoPlay must be disabled for all drives. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | CONFIGURATION MANAGEMENT |
| WN22-DC-000010 - Windows Server 2022 must only allow administrators responsible for the domain controller to have Administrator rights on the system. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | ACCESS CONTROL |
| WN22-DC-000100 - Windows Server 2022 Active Directory Domain Controllers Organizational Unit (OU) object must have the proper access control permissions. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | ACCESS CONTROL |
| WN22-MS-000010 - Windows Server 2022 must only allow administrators responsible for the member server or standalone or nondomain-joined system to have Administrator rights on the system. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | ACCESS CONTROL |
| WN22-UR-000020 - Windows Server 2022 Act as part of the operating system user right must not be assigned to any groups or accounts. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | ACCESS CONTROL |
| WN22-UR-000060 - Windows Server 2022 create a token object user right must not be assigned to any groups or accounts. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | ACCESS CONTROL |
| WN22-UR-000100 - Windows Server 2022 debug programs user right must only be assigned to the Administrators group. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | ACCESS CONTROL |
| WN25-DC-000010 - Windows Server 2025 must only allow administrators responsible for the domain controller to have Administrator rights on the system. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
| WN25-DC-000110 - Windows Server 2025 organization created Active Directory Organizational Unit (OU) objects must have proper access control permissions. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
| WN25-MS-000010 - Windows Server 2025 must only allow administrators responsible for the member server or stand-alone or nondomain-joined system to have Administrator rights on the system. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
