| APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-002064 - The macOS system must have the security assessment policy subsystem enabled. | DISA STIG Apple macOS 13 v1r4 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001770 - Docker Incs official GPG key must be added to the host using the users operating systems respective package repository management tooling. | DISA STIG Docker Enterprise 2.x Linux/Unix v1r1 | Unix | CONFIGURATION MANAGEMENT |
| DTBI370-IE11 - Checking for signatures on downloaded programs must be enforced. | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI650-IE11 - .NET Framework-reliant components not signed with Authenticode must be disallowed to run (Restricted Sites Zone). | DISA STIG IE 11 v2r1 | Windows | CONFIGURATION MANAGEMENT |
| DTBI920-IE11 - .NET Framework-reliant components not signed with Authenticode must be disallowed to run (Internet zone). | DISA STIG IE 11 v2r1 | Windows | CONFIGURATION MANAGEMENT |
| DTBI930-IE11 - .NET Framework-reliant components signed with Authenticode must be disallowed to run (Internet zone). | DISA STIG IE 11 v2r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Excel 2016 v2r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft Excel 2016 v2r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO413 - Users must be prevented from using or inserting apps that come from the Office Store. | DISA STIG Microsoft Office System 2013 v2r1 | Windows | CONFIGURATION MANAGEMENT |
| ESXI-06-000047 - The Image Profile and VIB Acceptance Levels must be verified. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| EX13-EG-000075 - The Exchange local machine policy must require signed scripts. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r5 | Windows | CONFIGURATION MANAGEMENT |
| FGFW-ND-000305 - The FortiGate device must only install patches or updates that are validated by the vendor via digital signature or hash. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| GEN008800 - The package management tool must cryptographically verify the authenticity of packages during install - '/etc/yum.repos.d/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN008800 - The package management tool must cryptographically verify the authenticity of packages during installation - '/etc/yum.conf' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN008800 - The system package management tool must cryptographically verify the authenticity of software packages during installation. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN008800 - The system package management tool must cryptographically verify the authenticity of software packages during installation. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Enable Gatekeeper | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Enable Gatekeeper | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Enable Gatekeeper | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Enable Gatekeeper | NIST macOS Monterey v1.0.0 - 800-171 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Enable Gatekeeper | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| OL07-00-010019 - The Oracle Linux operating system must ensure cryptographic verification of vendor software packages. | DISA Oracle Linux 7 STIG v2r14 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010019 - OL 8 must ensure cryptographic verification of vendor software packages. | DISA Oracle Linux 8 STIG v1r9 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010370 - YUM must be configured to prevent the installation of patches, service packs, device drivers, or OL 8 system components that have not been digitally signed using a certificate that is recognized and approved by the organization. | DISA Oracle Linux 8 STIG v1r9 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000059 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000062 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000064 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010019 - The Red Hat Enterprise Linux operating system must ensure cryptographic verification of vendor software packages. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010371 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010372 - RHEL 8 must prevent the loading of a new kernel for later execution. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-213020 - RHEL 9 must prevent the loading of a new kernel for later execution. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-214020 - RHEL 9 must check the GPG signature of locally installed software packages before installation. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-214025 - RHEL 9 must have GPG signature verification enabled for all software repositories. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010430 - The SUSE operating system tool zypper must have gpgcheck enabled. | DISA SLES 15 STIG v1r12 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010438 - The Ubuntu operating system's Advance Package Tool (APT) must be configured to prevent the installation of patches, service packs, device drivers, or Ubuntu operating system components without verification they have been digitally signed using a certificate that is recognized and approved by the organization. | DISA STIG Ubuntu 20.04 LTS v1r12 | Unix | CONFIGURATION MANAGEMENT |
| VCEM-67-000008 - ESX Agent Manager application files must be verified for their integrity. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| VCEM-67-000009 - ESX Agent Manager must only run one webapp. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | CONFIGURATION MANAGEMENT |
| VCEM-70-000008 - ESX Agent Manager application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| VCEM-70-000009 - ESX Agent Manager must only run one webapp. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCFL-67-000012 - vSphere Client application files must be verified for their integrity. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-67-000015 - VAMI server binaries and libraries must be verified for their integrity. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-70-000008 - Performance Charts application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-67-000008 - The Security Token Service application files must be verified for their integrity. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| VCST-70-000008 - The Security Token Service application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| VCST-70-000009 - The Security Token Service must only run one webapp. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-67-000008 - vSphere UI application files must be verified for their integrity. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-67-000009 - vSphere UI plugins must be authorized before use. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-70-000008 - vSphere UI application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-70-000009 - vSphere UI plugins must be authorized before use. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | CONFIGURATION MANAGEMENT |
