| ESXI-80-000237 - The ESXi host must not be configured to override virtual machine (VM) logger settings. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-80-000238 - The ESXi host must require TPM-based configuration encryption. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-80-000248 - The ESXi host must disable key persistence. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-80-000249 - The ESXi host must deny shell access for the dcui account. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| F5BI-AP-000230 - The F5 BIG-IP appliance must be configured to set a 'Maximum Session Timeout' value of 8 hours or less - Maximum Session Timeout value of 8 hours or less. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | IDENTIFICATION AND AUTHENTICATION |
| F5BI-AP-000234 - The F5 BIG-IP appliance must not use the On-Demand Cert Auth VPE agent as part of the APM Policy Profiles. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-AP-000240 - The F5 BIG-IP appliance must enforce approved authorizations for logical access to resources by explicitly configuring assigned resources with an authorization list. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | ACCESS CONTROL |
| F5BI-DM-000291 - The F5 BIG-IP appliance providing user access control intermediary services must display the Standard Mandatory DOD-approved Notice and Consent Banner before granting access to SSH. | DISA F5 BIG-IP Device Management STIG v2r4 | F5 | ACCESS CONTROL |
| GOOG-15-006300 - Google Android 15 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-15-006300 - Google Android 15 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | ACCESS CONTROL |
| GOOG-15-006300 - Google Android 15 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | ACCESS CONTROL |
| GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-15-006700 - Google Android 15 allow list must be configured to not include applications with the following characteristics: | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-15-006750 - Google Android 15 allow list must be configured to not include artificial intelligence (AI) applications that process device data in the cloud, including Google Gemini. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-15-006750 - Google Android 15 allow list must be configured to not include artificial intelligence (AI) applications that process device data in the cloud, including Google Gemini. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-15-009500 - Google Android 15 must be configured to disable ad hoc wireless client-to-client connection capability. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-15-009800 - Google Android 15 users must complete required training. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-009950 - Google Android 15 must be configured to enforce a password for Wi-Fi and Bluetooth hotspot, if approved for use by the authorizing official (AO). If not approved for use, Wi-Fi and Bluetooth hotspot must be disabled. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010200 - The Google Android 15 work profile must be configured to enforce the system application disable list. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010300 - Google Android 15 must be provisioned as a fully managed device and configured to create a work profile. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010500 - The Google Android 15 work profile must be configured to disable the autofill services. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010500 - The Google Android 15 work profile must be configured to disable the autofill services. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010600 - Google Android 15 must be configured to disallow configuration of date and time. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010600 - Google Android 15 must be configured to disallow configuration of date and time. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| JUEX-RT-000030 - The Juniper BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS). | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000290 - The Juniper router must be configured to use encryption for routing protocol authentication. | DISA Juniper EX Series Router v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUEX-RT-000400 - The Juniper perimeter router must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000410 - The Juniper perimeter router must be configured to filter ingress traffic at the external interface on an inbound direction. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000570 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to authenticate all received MSDP packets. | DISA Juniper EX Series Router v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUEX-RT-001010 - The Juniper perimeter router must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-RT-001020 - The Juniper router must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| MADB-10-000700 - MariaDB must be able to generate audit records when privileges/permissions are retrieved. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-002300 - MariaDB must protect its audit features from unauthorized access. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-003400 - Access to external executables must be disabled or restricted. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MADB-10-004600 - MariaDB must separate user functionality (including user interface services) from database management functionality. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-005600 - Access to database files must be limited to relevant processes and to authorized, administrative users. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-005700 - MariaDB must check the validity of all data inputs except those specifically identified by the organization. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MADB-10-006400 - MariaDB must associate organization-defined types of security labels having organization-defined security label values with information in storage. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | ACCESS CONTROL |
| MADB-10-010200 - MariaDB must generate audit records when security objects are modified. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-010300 - MariaDB must generate audit records when unsuccessful attempts to modify security objects occur. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-010900 - MariaDB must generate audit records when unsuccessful attempts to delete security objects occur. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-011400 - MariaDB must generate audit records for all privileged activities or other system-level access. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-011600 - MariaDB must generate audit records showing starting and ending time for user access to the database(s). | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-012100 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. | DISA MariaDB Enterprise 10.x v2r3 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-012200 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes. | DISA MariaDB Enterprise 10.x v2r3 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-012300 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA MariaDB Enterprise 10.x v2r3 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-010341 - The Oracle Linux operating system must restrict privilege elevation to authorized personnel. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-021031 - The Oracle Linux operating system must be configured so that all world-writable directories are owned by root, sys, bin, or an application user. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| WN10-00-000107 - Copilot in Windows must be disabled for Windows 10. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000060 - Windows Server 2022 manually managed application account passwords must be changed at least annually or when a system administrator with knowledge of the password leaves the organization. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
