| 1.180 RHEL-09-252070 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.211 RHEL-09-255050 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT I | Unix | MAINTENANCE |
| ALMA-09-042700 - All AlmaLinux OS 9 networked systems must have the OpenSSH client installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-67-000015 - The ESXi host SSH daemon must not allow authentication using an empty password. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-67-000060 - The virtual switch MAC Address Change policy must be set to reject on the ESXi host. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-67-000071 - The SA must verify the integrity of the installation media before installing ESXi. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000217 - The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000221 - The ESXi host must have all security patches and updates installed. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| IBMW-LS-000050 - Users in the REST API admin role must be authorized. | DISA IBM WebSphere Liberty Server STIG v2r4 | Unix | ACCESS CONTROL |
| KNOX-07-003000 - The Samsung must be configured to enable encryption for information at rest on removable storage media. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| MOTO-09-010800 - Motorola Android Pie devices must have the latest available Motorola Android Pie operating system installed. | MobileIron - DISA Motorola Android Pie.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTS-11-999999 - All Motorola Solutions Android 11 installations must be removed. | MobileIron - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
| O19C-00-009900 - The Oracle Listener must be configured to require administration authentication. | DISA Oracle Database 19c STIG v1r3 Unix | Unix | CONFIGURATION MANAGEMENT |
| O112-BP-024750 - Oracle database products must be a version supported by the vendor. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | SYSTEM AND SERVICES ACQUISITION |
| OL07-00-010291 - The Oracle Linux operating system must not have accounts configured with blank or null passwords. | DISA Oracle Linux 7 STIG v3r5 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010180 - OL 8 must have the crypto-policies package installed. | DISA Oracle Linux 8 STIG v2r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010820 - Unattended or automatic logon via the OL 8 graphical user interface must not be allowed. | DISA Oracle Linux 8 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-020330 - OL 8 must not allow accounts configured with blank or null passwords. | DISA Oracle Linux 8 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-020332 - OL 8 must not allow blank or null passwords in the password-auth file. | DISA Oracle Linux 8 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for OL 8 operational support. | DISA Oracle Linux 8 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040200 - The root account must be the only account having unrestricted access to the OL 8 system. | DISA Oracle Linux 8 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002419 - OL 9 file systems must not contain shosts.equiv files. | DISA Oracle Linux 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000188 - The Photon operating system must configure Secure Shell (SSH) to disallow HostbasedAuthentication. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| Restricting access to the Configuration utility by source IP address | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-010291 - The Red Hat Enterprise Linux operating system must not have accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010190 - SUSE operating systems with a basic input/output system (BIOS) must require authentication upon booting into single-user and maintenance modes. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | ACCESS CONTROL |
| SLES-15-010200 - SUSE operating systems with Unified Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | ACCESS CONTROL |
| SLES-15-010510 - FIPS 140-2 mode must be enabled on the SUSE operating system. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-15-020100 - The SUSE operating system root account must be the only account with unrestricted access to the system. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040020 - There must be no .shosts files on the SUSE operating system. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040061 - The SUSE operating system must disable the x86 Ctrl-Alt-Delete key sequence for Graphical User Interfaces. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| SPLK-CL-000430 - Splunk Enterprise must use TLS 1.2 and SHA-2 or higher cryptographic algorithms. | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000440 - Symantec ProxySG must terminate all network connections associated with a communications session at the end of the session or terminate user sessions (nonprivileged session) after 15 minutes of inactivity. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-NM-000220 - Symantec ProxySG must use only approved management services protocols. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | CONFIGURATION MANAGEMENT |
| SYMP-NM-000320 - Symantec ProxySG must enable Attack Detection. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-22-212010 - Ubuntu 22.04 LTS, when booted, must require authentication upon booting into single-user and maintenance modes. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | ACCESS CONTROL |
| UBTU-22-255025 - Ubuntu 22.04 LTS must not allow unattended or automatic login via SSH. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-255040 - Ubuntu 22.04 LTS must be configured so that remote X connections are disabled, unless to fulfill documented and validated mission requirements. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-102000 - Ubuntu 24.04 LTS when booted must require authentication upon booting into single-user and maintenance modes. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | ACCESS CONTROL |
| VCPG-67-000012 - VMware Postgres must require authentication on all connections. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCPG-67-000999 - The version of PostgreSQL running on the system must be a supported version. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WBLC-10-000999 - The version of Oracle WebLogic running on the system must be a supported version. | Oracle WebLogic Server 12c Linux v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WN11-00-000240 - Administrative accounts must not be used with applications that access the internet, such as web browsers, or with potential internet sources, such as email. | DISA Microsoft Windows 11 STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000345 - The Windows Remote Management (WinRM) service must not use Basic authentication. | DISA Microsoft Windows 11 STIG v2r7 | Windows | MAINTENANCE |
| WN11-SO-000205 - The LanMan authentication level must be set to send NTLMv2 response only, and to refuse LM and NTLM. | DISA Microsoft Windows 11 STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000470 - Windows Server 2022 Windows Remote Management (WinRM) client must not use Basic authentication. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | MAINTENANCE |
| WN22-SO-000230 - Windows Server 2022 must not allow anonymous enumeration of shares. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000310 - Windows Server 2022 LAN Manager authentication level must be configured to send NTLMv2 response only and to refuse LM and NTLM. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | CONFIGURATION MANAGEMENT |
| ZEBR-10-010800 - Zebra Android 10 devices must have the latest available Zebra Android 10 operating system installed. | MobileIron - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-999999 - All Zebra Android 10 installations must be removed. | AirWatch - DISA Zebra Android 10 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
