Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.5.9 Ensure NIST FIPS-validated cryptography is configured - etcCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.5.9 Ensure NIST FIPS-validated cryptography is configured - grubCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.5.9 Ensure NIST FIPS-validated cryptography is configured - procCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.5.9 Ensure NIST FIPS-validated cryptography is configured - rpmCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.67 RHEL-09-215100CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT IIUnix

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

1.69 RHEL-09-215105CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT IIUnix

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

1.450 RHEL-09-672020CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT IUnix

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

AADC-CL-000955 - Adobe Acrobat Pro DC Classic FIPS mode must be enabled.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AADC-CN-000955 - Adobe Acrobat Pro DC Continuous FIPS mode must be enabled.DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AIX7-00-001108 - AIX must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.DISA STIG AIX 7.x v3r1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

ALMA-09-004310 - AlmaLinux OS 9 must use the TuxCare ESU repository.DISA CloudLinux AlmaLinux OS 9 STIG v1r3Unix

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

ALMA-09-004320 - AlmaLinux OS 9 must use the TuxCare FIPS packages and not the default encryption packages.DISA CloudLinux AlmaLinux OS 9 STIG v1r3Unix

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

ALMA-09-004420 - AlmaLinux OS 9 must enable FIPS mode.DISA CloudLinux AlmaLinux OS 9 STIG v1r3Unix

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-13-000750 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.DISA STIG Apple Mac OSX 10.13 v2r5Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-14-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.DISA STIG Apple Mac OSX 10.14 v2r6Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-15-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.DISA STIG Apple Mac OSX 10.15 v1r10Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.DISA STIG Apple macOS 11 v1r5Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.DISA STIG Apple macOS 11 v1r8Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-12-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.DISA STIG Apple macOS 12 v1r9Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-13-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.DISA STIG Apple macOS 13 v1r5Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

AZLX-23-001195 - Amazon Linux 2023 must have the crypto-policies package installed.DISA Amazon Linux 2023 STIG v1r1Unix

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

DKER-EE-006240 - Docker Enterprise data exchanged between Linux containers on different nodes must be encrypted on the overlay network.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - versionEDB PostgreSQL Advanced Server v11 DB Audit v2r4PostgreSQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection.EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-LT-000291 - The BIG-IP Core implementation must be configured to implement NIST FIPS-validated cryptography to generate cryptographic hashes when providing encryption traffic to virtual servers.DISA F5 BIG-IP Local Traffic Manager STIG v2r4F5

SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-LT-000295 - The BIG-IP Core implementation must be configured to use NIST FIPS-validated cryptography to implement encryption services when providing encrypted traffic to virtual servers.DISA F5 BIG-IP Local Traffic Manager STIG v2r4F5

SYSTEM AND COMMUNICATIONS PROTECTION

IBMW-LS-000500 - The WebSphere Liberty Server must use DoD-issued/signed certificates.DISA IBM WebSphere Liberty Server STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

JUSX-VN-000024 - The Juniper SRX Services Gateway VPN IKE must use NIST FIPS-validated cryptography to implement encryption services for unclassified VPN traffic.DISA Juniper SRX Services Gateway VPN v3r2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

MD3X-00-000380 - MongoDB must use NIST FIPS 140-2-validated cryptographic modules for cryptographic operations.DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OSUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

OL09-00-000240 - OL 9 must have the crypto-policies package installed.DISA Oracle Linux 9 STIG v1r2Unix

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

OL09-00-000241 - OL 9 must implement a FIPS 140-3 compliant system-wide cryptographic policy.DISA Oracle Linux 9 STIG v1r2Unix

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

OL09-00-000242 - OL 9 must not allow the cryptographic policy to be overridden.DISA Oracle Linux 9 STIG v1r2Unix

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

PANW-AG-000143 - The Palo Alto Networks security platform, if used for TLS/SSL decryption, must use NIST FIPS-validated cryptography to implement encryption.DISA STIG Palo Alto ALG v3r4Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

PHTN-67-000067 - The Photon operating system must configure sshd to use FIPS 140-2 ciphers.DISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-215100 - RHEL 9 must have the crypto-policies package installed.DISA Red Hat Enterprise Linux 9 STIG v2r5Unix

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-215105 - RHEL 9 must implement a FIPS 140-3-compliant systemwide cryptographic policy.DISA Red Hat Enterprise Linux 9 STIG v2r5Unix

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-672020 - RHEL 9 cryptographic policy must not be overridden.DISA Red Hat Enterprise Linux 9 STIG v2r5Unix

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

SLES-12-010420 - FIPS 140-2 mode must be enabled on the SUSE operating system.DISA SLES 12 STIG v3r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SOL-11.1-060060 - The operating system must employ FIPS-validate or NSA-approved cryptography to implement digital signatures.DISA Solaris 11 SPARC STIG v3r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SPLK-CL-000390 - Splunk Enterprise must be installed in FIPS mode to implement NIST FIPS-approved cryptography for all cryptographic functions.DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG REST APISplunk

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

SQL4-00-031100 - SQL Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.DISA STIG SQL Server 2014 Instance OS Audit v2r4Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

SQL6-D0-015600 - SQL Server must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to provision digital signatures.DISA STIG SQL Server 2016 Instance OS Audit v3r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-18-010005 - The Ubuntu operating system must implement NIST FIPS-validated cryptography to protect classified information and for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.DISA STIG Ubuntu 18.04 LTS v2r15Unix

SYSTEM AND COMMUNICATIONS PROTECTION

VCLD-70-000002 - VAMI must be configured with FIPS 140-2 compliant ciphers for HTTPS connections.DISA STIG VMware vSphere 7.0 VAMI v1r2Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

VCRP-70-000003 - Envoy must be configured to operate in FIPS mode.DISA STIG VMware vSphere 7.0 RhttpProxy v1r1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN12-AD-000011-DC - Separate, NSA-approved (Type 1) cryptography must be used to protect the directory data-in-transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data - Type 1 cryptography must be used to protect the directory data-in-transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-SO-000074 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN16-DC-000140 - Separate, NSA-approved (Type 1) cryptography must be used to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data.DISA Microsoft Windows Server 2016 STIG v2r10Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN16-SO-000430 - Windows Server 2016 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing.DISA Microsoft Windows Server 2016 STIG v2r10Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

WN19-SO-000360 - Windows Server 2019 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing.DISA Microsoft Windows Server 2019 STIG v3r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION