Item Search

NameAudit NamePluginCategory
2.3.14.2 Ensure 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.2 Ensure 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.2 Ensure 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.2 Ensure 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.2 Ensure 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is set to 'Enabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.2 Ensure 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is set to 'Enabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1.8 Ensure that data at rest and in transit is encrypted in Azure Databricks using customer managed keys (CMK)CIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2 Ensure Federal Information Processing Standard (FIPS) is enabledCIS MongoDB 3.6 L2 Windows Audit v1.1.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2 Ensure Federal Information Processing Standard (FIPS) is enabledCIS MongoDB 3.6 L2 Unix Audit v1.1.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.9 Ensure that Tri-Secret Secure is enabled for the Snowflake accountCIS Snowflake Foundations v1.0.0 L2Snowflake

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.1.3 Configure an Endpoint Certificate (SSL_SVR_LABEL)CIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.1.3 Configure an Endpoint Certificate (SSL_SVR_LABEL)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

20.55 Ensure 'Protection methods such as TLS, encrypted VPN's, or IPsec must be implemented if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

20.55 Ensure 'Protection methods such as TLS, encrypted VPN's, or IPsec must be implemented if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

20.55 Ensure 'Protection methods such as TLS, encrypted VPN's, or IPsec must be implemented if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

20.55 Ensure 'Protection methods such as TLS, encrypted VPN's, or IPsec must be implemented if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

AIX7-00-002096 - AIX must encrypt user data at rest using AIX Encrypted File System (EFS) if it is required.DISA STIG AIX 7.x v3r1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

ALMA-09-041600 - AlmaLinux OS 9 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-13-000780 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.DISA STIG Apple Mac OSX 10.13 v2r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-14-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.DISA STIG Apple Mac OSX 10.14 v2r6Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-15-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.DISA STIG Apple Mac OSX 10.15 v1r10Unix

SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.DISA STIG Apple macOS 11 v1r8Unix

SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.DISA STIG Apple macOS 11 v1r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

APPL-12-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.DISA STIG Apple macOS 12 v1r9Unix

SYSTEM AND COMMUNICATIONS PROTECTION

APPL-13-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.DISA STIG Apple macOS 13 v1r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

APPL-14-005020 The macOS system must enforce FileVault.DISA Apple macOS 14 (Sonoma) STIG v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

APPL-15-005020 - The macOS system must enforce FileVault.DISA Apple macOS 15 (Sequoia) STIG v1r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-008900 - DB2 must implement and/or support cryptographic mechanisms preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components.DISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

SYSTEM AND COMMUNICATIONS PROTECTION

EP11-00-009200 - The EDB Postgres Advanced Server must implement cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest (to include, at a minimum, PII and classified information) on organization-defined information system components.EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-67-000047 - The ESXi Image Profile and vSphere Installation Bundle (VIB) Acceptance Levels must be verified.DISA STIG VMware vSphere 6.7 ESXi OS v1r3Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-70-000047 - The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance levels must be verified.DISA STIG VMware vSphere 7.0 ESXi OS v1r4Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

IIST-SI-000242 - The IIS 10.0 private website must employ cryptographic mechanisms (TLS) and require client certificates.DISA IIS 10.0 Site v2r11Windows

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000002 - Document metadata for rights managed Office Open XML files must be protected.DISA STIG Microsoft Office 365 ProPlus v3r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

OL08-00-010030 - All OL 8 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at-rest protection.DISA Oracle Linux 8 STIG v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

PGS9-00-010500 - PostgreSQL must implement cryptographic mechanisms preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components.DISA STIG PostgreSQL 9.x on RHEL DB v2r5PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-231190 - RHEL 9 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SLES-12-010450 - All SUSE operating system persistent disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection.DISA SLES 12 STIG v3r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SOL-11.1-060150 - The operating system must employ cryptographic mechanisms to protect information in storage.DISA STIG Solaris 11 X86 v3r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SOL-11.1-060170 - The operating system must employ cryptographic mechanisms to prevent unauthorized disclosure of information at rest unless otherwise protected by alternative physical measures.DISA STIG Solaris 11 X86 v3r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SQL6-D0-003400 - SQL Server must implement cryptographic mechanisms preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components.DISA STIG SQL Server 2016 Database Audit v3r2MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-16-010400 - All persistent disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection.DISA STIG Ubuntu 16.04 LTS v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-20-010414 - Ubuntu operating systems handling data requiring "data at rest" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-22-231010 - Ubuntu 22.04 LTS must implement cryptographic mechanisms to prevent unauthorized disclosure and modification of all information that requires protection at rest.DISA Canonical Ubuntu 22.04 LTS STIG v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-24-600090 - Ubuntu 24.04 LTS handling data requiring "data at rest" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.DISA Canonical Ubuntu 24.04 LTS STIG v1r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

WN10-00-000030 - Windows 10 information systems must use BitLocker to encrypt all disks to protect the confidentiality and integrity of all information at rest.DISA Microsoft Windows 10 STIG v3r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN10-00-000032 - Windows 10 systems must use a BitLocker PIN with a minimum length of six digits for pre-boot authentication.DISA Microsoft Windows 10 STIG v3r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-00-000020 - Systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-00-000020 - Systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN19-00-000250 - Windows Server 2019 systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.DISA Microsoft Windows Server 2019 STIG v3r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN22-00-000250 - Windows Server 2022 systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.DISA Microsoft Windows Server 2022 STIG v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION