| AIOS-16-710400 - Apple iOS/iPadOS 16 must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-010400 - Apple iOS/iPadOS 18 must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-010400 - Apple iOS/iPadOS 18 must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-040390 - AlmaLinux OS 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | MAINTENANCE |
| APPL-11-004021 - The macOS system must be configured with the sudoers file configured to authenticate users on a per -tty basis. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-004021 - The macOS system must be configured with the sudoers file configured to authenticate users on a per -tty basis. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-002070 - The macOS system must use an approved antivirus program. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| CASA-ND-000690 - The Cisco ASA must be configured to terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements. | DISA STIG Cisco ASA NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-001620 - Kubernetes Kubelet must enable kernel protection. | DISA STIG Kubernetes v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-002001 - Kubernetes must enable PodSecurity admission controller on static pods and Kubelets. | DISA STIG Kubernetes v2r2 | Unix | ACCESS CONTROL |
| CNTR-K8-002010 - Kubernetes must have a pod security policy set. | DISA STIG Kubernetes v2r2 | Unix | ACCESS CONTROL |
| CNTR-R2-000120 - The Kubernetes API server must have the insecure port flag disabled. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | ACCESS CONTROL |
| CNTR-R2-000160 - The Kubernetes API server must have anonymous authentication disabled. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | ACCESS CONTROL |
| F5BI-DM-999999 - The version of F5 BIG-IP must be a supported version. | DISA F5 BIG-IP Device Management STIG v2r4 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-LT-999999 - The version of F5 BIG-IP must be a supported version. | DISA F5 BIG-IP Local Traffic Manager STIG v2r4 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| GOOG-13-010800 - Android 13 devices must have the latest available Google Android 13 operating system installed. | AirWatch - DISA Google Android 13 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-010800 - Android 13 devices must have the latest available Google Android 13 operating system installed. | MobileIron - DISA Google Android 13 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-010800 - Android 14 devices must have the latest available Google Android 14 operating system installed. | MobileIron - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010800 - Android 15 devices must have the latest available Google Android 15 operating system installed. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010800 - Android 15 devices must have the latest available Google Android 15 operating system installed. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| IISW-SV-009999 - The version of IIS running on the system must be a supported version. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| JUEX-NM-000370 - The Juniper device must be configured to only allow authorized administrators to view or change the device configuration, system files, and other files stored either in the device or on removable media (such as a flash drive). | DISA Juniper EX Series Network Device Management v2r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000950 - The Juniper PE router providing MPLS Virtual Private Wire Service (VPWS) must be configured to have the appropriate virtual circuit identification (VC ID) for each attachment circuit. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| MADB-10-000300 - MariaDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | ACCESS CONTROL |
| MADB-10-004400 - MariaDB must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| MADB-10-008400 - MariaDB must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-012600 - MariaDB products must be a version supported by the vendor. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| MD7X-00-000300 MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | MongoDB | ACCESS CONTROL |
| MD7X-00-005200 MongoDB must protect the confidentiality and integrity of all information at rest. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| O19C-00-009900 - The Oracle Listener must be configured to require administration authentication. | DISA Oracle Database 19c STIG v1r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| Overview of the HTTP profile | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-040010 - RHEL 8 must not have the rsh-server package installed. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040360 - A File Transfer Protocol (FTP) server package must not be installed unless mission essential on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010200 - SUSE operating systems with Unified Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL |
| SLES-15-010510 - FIPS 140-2 mode must be enabled on the SUSE operating system. | DISA SLES 15 STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-15-020100 - The SUSE operating system root account must be the only account with unrestricted access to the system. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-020300 - The SUSE operating system must not be configured to allow blank or null passwords. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040020 - There must be no .shosts files on the SUSE operating system. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040030 - There must be no shosts.equiv files on the SUSE operating system. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010047 - The Ubuntu operating system must not allow unattended or automatic login via SSH. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010048 - The Ubuntu operating system must be configured so that remote X connections are disabled, unless to fulfill documented and validated mission requirements. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010463 - The Ubuntu operating system must not allow accounts configured with blank or null passwords. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-271030 - Ubuntu 22.04 LTS must disable the x86 Ctrl-Alt-Delete key sequence if a graphical user interface is installed. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-432015 - Ubuntu 22.04 LTS must ensure only users who need access to security functions are part of sudo group. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-24-300025 - Ubuntu 24.04 LTS must disable the x86 Ctrl-Alt-Delete key sequence if a graphical user interface is installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300031 - Ubuntu 24.04 LTS must not allow unattended or automatic login via SSH. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-600030 - Ubuntu 24.04 LTS must implement NIST FIPS-validated cryptography to protect classified information and for the following: To provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-24-600130 - Ubuntu 24.04 LTS must ensure only users who need access to security functions are part of sudo group. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-10-000999 - The version of Oracle WebLogic running on the system must be a supported version. | Oracle WebLogic Server 12c Linux v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
