| APPL-13-000031 - The macOS system must be configured so that log folders do not contain access control lists (ACLs). | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-13-000053 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less. | DISA STIG Apple macOS 13 v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-13-001013 - The macOS system must be configured with audit log folders owned by root. | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-13-001044 - The macOS system must generate audit records for DOD-defined events such as successful/unsuccessful logon attempts, successful/unsuccessful direct access attempts, starting and ending time for user access, and concurrent logons to the same account from different sources. | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-13-002003 - The macOS system must be configured to disable the Network File System (NFS) daemon unless it is required. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-002008 - The macOS system must be configured to disable Web Sharing. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-002036 - The macOS system must be configured to disable the Privacy Setup services. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-002050 - The macOS system must disable the Screen Sharing feature. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-003012 - The macOS system must be configured to prevent displaying password hints. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-000003 The macOS system must enforce session lock no more than five seconds after screen saver is started. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-002003 The macOS system must disable Network File System service. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-002006 The macOS system must disable Unix-to-Unix Copy Protocol service. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-002008 The macOS system must disable the built-in web server. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-002017 The macOS system must disable the camera. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-002035 The macOS system must disable Apple ID setup during Setup Assistant. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-002041 The macOS system must disable iCloud Document synchronization. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-002043 The macOS system must disable iCloud Photo Library. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-002053 The macOS system must disable the system settings pane for Siri. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-002170 The macOS system must disable iCloud Private Relay. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-002200 The macOS system must disable personalized advertising. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-002250 The macOS system must disable Remote Management. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-002270 The macOS system must disable the iCloud Freeform services. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-005052 The macOS system must configure login window to prompt for username and password. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-14-005061 The macOS system must disable Erase Content and Settings. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| MYS8-00-002100 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to access security objects occur. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| MYS8-00-002800 - The MySQL Database Server 8.0 must generate audit records when security objects are modified. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| MYS8-00-002900 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to modify security objects occur. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| MYS8-00-006000 - The MySQL Database Server 8.0 must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MYS8-00-006400 - The MySQL Database Server 8.0 must separate user functionality (including user interface services) from database management functionality. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-007300 - The MySQL Database Server 8.0 must check the validity of all data inputs except those specifically identified by the organization. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MYS8-00-011100 - The MySQL Database Server 8.0 must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | ACCESS CONTROL |
| MYS8-00-011600 - The MySQL Database Server 8.0 must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to provision digital signatures. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-012300 - Security-relevant software updates to the MySQL Database Server 8.0 must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs). | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-100200 - Ubuntu 24.04 LTS must be configured to preserve log records from failure events. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-24-100600 - Ubuntu 24.04 LTS must have the "libpam-pwquality" package installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-200650 - Ubuntu 24.04 LTS must enable the graphical user logon banner to display the Standard Mandatory DOD Notice and Consent Banner before granting local access to the system via a graphical user logon. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | ACCESS CONTROL |
| UBTU-24-300029 - Ubuntu 24.04 LTS must generate audit records for all events that affect the systemd journal files. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-700060 - Ubuntu 24.04 LTS must configure the directories used by the system journal to be group-owned by "systemd-journal". | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-700080 - Ubuntu 24.04 LTS must configure the directories used by the system journal to be owned by "root". | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-700130 - Ubuntu 24.04 LTS must configure the /var/log/syslog file to be group-owned by adm. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-700150 - Ubuntu 24.04 LTS must configure /var/log/syslog file with mode "0640" or less permissive. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-900050 - Ubuntu 24.04 LTS must permit only authorized accounts to own the audit configuration files. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900060 - Ubuntu 24.04 LTS must permit only authorized groups to own the audit configuration files. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900120 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the ssh-keysign command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900180 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the sudoedit command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900210 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the chcon command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900270 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the passwd command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900290 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the gpasswd command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900350 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the delete_module syscall. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900520 - Ubuntu 24.04 LTS must generate audit records when successful/unsuccessful attempts to modify the /etc/sudoers.d directory occur. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
