| ESXI-70-000015 - The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password. | DISA STIG VMware vSphere 7.0 ESXi OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| F5BI-AP-000236 - The F5 BIG-IP appliance must be configured to limit authenticated client sessions to initial session source IP. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| FFOX-00-000021 - Firefox autoplay must be disabled. | DISA STIG Mozilla Firefox Windows v6r6 | Windows | CONFIGURATION MANAGEMENT |
| GEN000244 - The system must use time sources local to the enclave. | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002750 - The audit system must be configured to audit account creation - '/etc/security/audit/events USER_Create exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002751 - The audit system must be configured to audit account modification - '/etc/security/audit/config USER_Change exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002751 - The audit system must be configured to audit account modification - '/etc/security/audit/events USER_Change exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002752 - The audit system must be configured to audit account disabling - '/etc/security/audit/config USER_Change exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002752 - The audit system must be configured to audit account disabling - 'User audit class assignments should be reviewed' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - '/etc/security/audit/events USER_Remove exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GOOG-11-000500 - Google Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | ACCESS CONTROL |
| GOOG-11-006100 - Google Android 11 must be configured to generate audit records for the following auditable events: detected integrity violations. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | AUDIT AND ACCOUNTABILITY |
| GOOG-12-010900 - Android 12 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-710900 - Android 13 devices must be configured to disable the use of third-party keyboards (work profile only). | AirWatch - DISA Google Android 13 BYOD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-007700 - Google Android 15 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-15-012400 - Google Android 15 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub - MDM to perform the following management function: Disable Phone Hub. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-09-000500 - The Honeywell Mobility Edge Android Pie device must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | ACCESS CONTROL |
| HONW-09-003400 - The Honeywell Mobility Edge Android Pie device must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device. | AirWatch - DISA Honeywell Android 9.x COBO v1r2 | MDM | ACCESS CONTROL |
| HONW-09-003400 - The Honeywell Mobility Edge Android Pie device must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device. | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | ACCESS CONTROL |
| HONW-09-006100 - The Honeywell Mobility Edge Android Pie device must be configured to generate audit records for the following auditable events: detected integrity violations. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| JRE8-UX-000060 - Oracle JRE 8 must default to the most secure built-in setting - deployment.security.level.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | CONFIGURATION MANAGEMENT |
| MOTO-09-006100 - The Motorola Android Pie must be configured to generate audit records for the following auditable events: detected integrity violations. | MobileIron - DISA Motorola Android Pie.x COBO v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| MOTS-11-011000 - Motorola Solutions Android 11 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-003400 - Microsoft Android 11 must be configured to display the DOD advisory warning message at start-up or each time the user unlocks the device. | MobileIron - DISA Microsoft Android 11 COPE v1r2 | MDM | ACCESS CONTROL |
| MSFT-11-011100 - Microsoft Android 11 devices must be configured to enable Common Criteria Mode (CC Mode). | AirWatch - DISA Microsoft Android 11 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| OL07-00-010375 - The Oracle Linux operating system must restrict access to the kernel message buffer. | DISA Oracle Linux 7 STIG v3r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010473 - OL 8 must enable the hardware random number generator entropy gatherer service. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010542 - OL 8 must use a separate file system for the system audit data path. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-020340 - OL 8 must display the date and time of the last successful account logon upon logon. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| SQL2-00-010200 - SQL Server default account sa must have its name changed. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-013700 - SQL Server must protect audit information from unauthorized modification. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY |
| SQL2-00-020400 - SQL Server must associate and maintain security labels when exchanging information between systems. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-20-010075 - The Ubuntu operating system must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-215015 - Ubuntu 22.04 LTS must have the "chrony" package installed. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-252020 - Ubuntu 22.04 LTS must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC). | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| VCSA-70-000267 - The vCenter Server must disable the distributed virtual switch health check. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-80-000189 Virtual machines (VMs) must have copy operations disabled. | DISA VMware vSphere 8.0 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-80-000191 Virtual machines (VMs) must have drag and drop operations disabled. | DISA VMware vSphere 8.0 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-80-000202 Virtual machines (VMs) must disable 3D features when not required. | DISA VMware vSphere 8.0 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| WINCC-000147 - The touch keyboard or input panel must not highlight keys as passwords are entered. - PasswordSecurity | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN11-CC-000035 - The system must be configured to ignore NetBIOS name release requests except from WINS servers. | DISA Microsoft Windows 11 STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000197 - Microsoft consumer experiences must be turned off. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000180 - Windows Server 2022 nonadministrative accounts or groups must only have print permissions on printer shares. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
| WN22-CC-000030 - Windows Server 2022 Internet Protocol version 6 (IPv6) source routing must be configured to the highest protection level to prevent IP source routing. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000200 - Windows Server 2022 Application Compatibility Program Inventory must be prevented from collecting data and sending the information to Microsoft. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| ZEBR-10-000500 - Zebra Android 10 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | ACCESS CONTROL |
| ZEBR-10-003400 - Zebra Android 10 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Zebra Android 10 COBO v1r2 | MDM | ACCESS CONTROL |
| ZEBR-10-006100 - Zebra Android 10 must be configured to generate audit records for the following auditable events: detected integrity violations. | MobileIron - DISA Zebra Android 10 COBO v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| ZEBR-10-006100 - Zebra Android 10 must be configured to generate audit records for the following auditable events: detected integrity violations. | MobileIron - DISA Zebra Android 10 COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| ZEBR-11-011000 - Zebra Android 11 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Zebra Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
