| 1.85 OL08-00-010472 | CIS Oracle Linux 8 STIG v1.0.0 CAT III | Unix | CONFIGURATION MANAGEMENT |
| 1.360 OL08-00-040300 | CIS Oracle Linux 8 STIG v1.0.0 CAT III | Unix | CONFIGURATION MANAGEMENT |
| AIOS-17-008400 - Apple iOS/iPadOS 17 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | ACCESS CONTROL |
| AIOS-17-701000 - Apple iOS/iPadOS 17 must allow the administrator (MDM) to perform the following management function: enable/disable VPN protection across the device - MDM to perform the following management function: enable/disable VPN protection across the device and [selection: other methods]. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| APPL-15-001029 - The macOS system must configure audit retention to seven days. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| EDGE-00-000010 - Data Synchronization must be disabled. | DISA STIG Edge v2r3 | Windows | CONFIGURATION MANAGEMENT |
| ESXI-80-000210 - The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions. | DISA VMware vSphere 8.0 ESXi STIG v2r3 Unix | Unix | CONFIGURATION MANAGEMENT |
| EX19-MB-000033 - Exchange audit record parameters must be set. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| GOOG-11-000500 - Google Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | ACCESS CONTROL |
| GOOG-13-007700 - Google Android 13 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Google Android 13 COPE v2r2 | MDM | ACCESS CONTROL |
| GOOG-13-010900 - Android 13 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 13 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-011000 - Android 13 devices must be configured to enable Common Criteria Mode (CC Mode) - CC Mode. | MobileIron - DISA Google Android 13 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-011000 - Android 13 devices must be configured to enable Common Criteria Mode (CC Mode) - CC Mode. | AirWatch - DISA Google Android 13 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-012400 - Google Android 13 must allow only the Administrator (MDM) to perform the following management function: Disable Phone Hub. | MobileIron - DISA Google Android 13 COBO v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-13-012400 - Google Android 13 must allow only the Administrator (MDM) to perform the following management function: Disable Phone Hub. | AirWatch - DISA Google Android 13 COPE v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-14-010900 - Android 14 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-010900 - Android 14 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-012400 - Google Android 14 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub - MDM to perform the following management function: Disable Phone Hub. | AirWatch - DISA Google Android 14 COBO v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000060 - Oracle JRE 8 must default to the most secure built-in setting - deployment.security.level.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | CONFIGURATION MANAGEMENT |
| MADB-10-000100 - MariaDB must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | ACCESS CONTROL |
| MSFT-11-003400 - Microsoft Android 11 must be configured to display the DOD advisory warning message at start-up or each time the user unlocks the device. | MobileIron - DISA Microsoft Android 11 COPE v1r2 | MDM | ACCESS CONTROL |
| MSFT-11-011100 - Microsoft Android 11 devices must be configured to enable Common Criteria Mode (CC Mode). | AirWatch - DISA Microsoft Android 11 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| OL08-00-010541 - OL 8 must use a separate file system for "/var/log". | DISA Oracle Linux 8 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002330 - OL 9 must enable Linux audit logging for the USBGuard daemon. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000110 The Photon operating system must allocate audit record storage capacity to store audit records when audit records are not immediately sent to a central audit record storage facility. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-010472 - RHEL 8 must have the packages required to use the hardware random number generator entropy gatherer service. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010540 - RHEL 8 must use a separate file system for /var. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-020024 - RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-08-020340 - RHEL 8 must display the date and time of the last successful account logon upon logon. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-08-030063 - RHEL 8 must resolve audit information before writing to disk. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-030601 - RHEL 8 must enable auditing of processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030742 - RHEL 8 must disable network management of the chrony daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040023 - RHEL 8 must disable the stream control transmission protocol (SCTP). | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040300 - The RHEL 8 file integrity tool must be configured to verify extended attributes. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010410 - The SUSE operating system must be configured to use Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-040210 - The SUSE operating system must use a separate file system for /var. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SQL2-00-010200 - SQL Server default account sa must have its name changed. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-013700 - SQL Server must protect audit information from unauthorized modification. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY |
| UBTU-22-412010 - Ubuntu 22.04 LTS must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| VMCH-70-000002 - Drag and drop operations must be disabled on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000018 - Shared salt values must be disabled on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - enabled | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000740 - The WebSphere Application Server must be configured to protect log information from any type of unauthorized read access. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-00-000085 - Standard local user accounts must not exist on a system in a domain. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000035 - The system must be configured to ignore NetBIOS name release requests except from WINS servers. | DISA Microsoft Windows 11 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000175 - The Application Compatibility Program Inventory must be prevented from collecting data and sending the information to Microsoft. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000050 - The computer account password must not be prevented from being reset. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-UC-000015 - Toast notifications to the lock screen must be turned off. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000200 - Windows Server 2022 Application Compatibility Program Inventory must be prevented from collecting data and sending the information to Microsoft. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | CONFIGURATION MANAGEMENT |
