| 1.73 RHEL-09-231025 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT III | Unix | CONFIGURATION MANAGEMENT |
| 1.137 APPL-14-004050 | CIS Apple macOS 14 Sonoma STIG v1.0.0 CAT III | Unix | AUDIT AND ACCOUNTABILITY |
| 3.084 - The system is configured to use an unauthorized time server. - 'Type' - Domain | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| ALMA-09-051940 - AlmaLinux OS 9 must use a separate file system for the system audit data path. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| EDGE-00-000036 - Download restrictions must be configured. | DISA STIG Edge v2r3 | Windows | CONFIGURATION MANAGEMENT |
| ESXI-67-000018 - The ESXi host SSH daemon must not permit GSSAPI authentication. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-67-000052 - The ESXi host must protect the confidentiality and integrity of transmitted information by using different TCP/IP stacks where possible. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-70-000027 - The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions. | DISA VMware vSphere 7.0 ESXi STIG v1r4 Unix | Unix | CONFIGURATION MANAGEMENT |
| KNOX-07-000200 - The Samsung must be configured to not allow passwords with more than two repeating or sequential characters - Numbers | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| MD8X-00-000150 - MongoDB must limit the total number of concurrent connections to the database. | DISA MongoDB Enterprise Advanced 8.x STIG v1r1 Unix | Unix | ACCESS CONTROL |
| MOTO-09-006100 - The Motorola Android Pie must be configured to generate audit records for the following auditable events: detected integrity violations. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| OL08-00-010171 - OL 8 must have the "policycoreutils" package installed. | DISA Oracle Linux 8 STIG v2r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010472 - OL 8 must have the packages required to use the hardware random number generator entropy gatherer service. | DISA Oracle Linux 8 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040004 - OL 8 must enable mitigations against processor-based vulnerabilities. | DISA Oracle Linux 8 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040025 - OL 8 must disable mounting of cramfs. | DISA Oracle Linux 8 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000045 - OL 9 must disable mounting of cramfs. | DISA Oracle Linux 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000360 - OL 9 must enable the hardware random number generator entropy gatherer service. | DISA Oracle Linux 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002330 - OL 9 must enable Linux audit logging for the USBGuard daemon. | DISA Oracle Linux 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-291025 - RHEL 9 must enable Linux audit logging for the USBGuard daemon. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| SLEM-05-412035 - SLEM 5 must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | ACCESS CONTROL |
| SLES-15-010375 - The SUSE operating system must restrict access to the kernel message buffer. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SPLK-CL-000080 - Splunk Enterprise must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the server. | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG REST API | Splunk | ACCESS CONTROL |
| SYMP-NM-000060 - Symantec ProxySG must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | ACCESS CONTROL |
| UBTU-22-215025 - Ubuntu 22.04 LTS must not have the "ntp" package installed. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-252020 - Ubuntu 22.04 LTS must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC). | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-412010 - Ubuntu 22.04 LTS must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-653025 - Ubuntu 22.04 LTS must alert the information system security officer (ISSO) and system administrator (SA) in the event of an audit processing failure. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-100010 - Ubuntu 24.04 LTS must not have the "systemd-timesyncd" package installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-100020 - Ubuntu 24.04 LTS must not have the "ntp" package installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-900920 - Ubuntu 24.04 LTS must allocate audit record storage capacity to store at least one week's worth of audit records, when audit records are not immediately sent to a central audit record storage facility. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| VMCH-67-000018 - Shared salt values must be disabled on the virtual machine. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000019 - Access to virtual machines through the dvfilter network APIs must be controlled. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000023 - 3D features on the virtual machine must be disabled when not required. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000001 - Copy operations must be disabled on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000009 - Unauthorized CD/DVD devices must be disconnected on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000015 - Informational messages from the virtual machine to the VMX file must be limited on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-80-000192 Virtual machines (VMs) must have paste operations disabled. | DISA VMware vSphere 8.0 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-80-000196 Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file. | DISA VMware vSphere 8.0 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-80-000210 Virtual machines (VMs) must remove unneeded CD/DVD devices. | DISA VMware vSphere 8.0 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| WN10-CC-000080 - Virtualization-based protection of code integrity must be enabled. | DISA Microsoft Windows 10 STIG v3r6 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000206 - Windows Update must not obtain updates from other PCs on the internet. | DISA Microsoft Windows 11 STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000050 - The computer account password must not be prevented from being reset. | DISA Microsoft Windows 11 STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000085 - Caching of logon credentials must be limited. | DISA Microsoft Windows 11 STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000040 - Windows Server 2022 source routing must be configured to the highest protection level to prevent Internet Protocol (IP) source routing. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000260 - Windows Server 2022 Windows Update must not obtain updates from other PCs on the internet. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | CONFIGURATION MANAGEMENT |
| ZEBR-10-003400 - Zebra Android 10 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | ACCESS CONTROL |
| ZEBR-10-006100 - Zebra Android 10 must be configured to generate audit records for the following auditable events: detected integrity violations. | MobileIron - DISA Zebra Android 10 COBO v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| ZEBR-10-011000 - Zebra Android 10 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Zebra Android 10 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-011000 - Zebra Android 10 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Zebra Android 10 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-011000 - Zebra Android 10 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
