| AIOS-14-008800 - Apple iOS/iPadOS must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-14-008800 - Apple iOS/iPadOS must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-14-011800 - Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-14-011800 - Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-010400 - Apple iOS/iPadOS 16 must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-010400 - Apple iOS/iPadOS 16 must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-710400 - Apple iOS/iPadOS 16 must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-710400 - Apple iOS/iPadOS 16 must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-713400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-713400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-010400 - Apple iOS/iPadOS 17 must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-010400 - Apple iOS/iPadOS 17 must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-710400 - Apple iOS/iPadOS 17 must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-710400 - Apple iOS/iPadOS 17 must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-713400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-713400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-008300 - PostgreSQL must protect the confidentiality and integrity of all information at rest. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO188 - Office System - Document metadata for password protected files must be protected. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO189 - Office System - The encryption type for password protected Open XML files must be set. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO190 - Office System - The encryption type for password protected Office 97 thru Office 2003 must be set. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO195 - Office System - Passwords for secured documents must be enforced. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000115 Exchange mailboxes must be retained until backups are complete. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000116 Exchange email forwarding must be restricted. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000117 Exchange email-forwarding SMTP domains must be restricted. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| FGFW-ND-000285 - The FortiGate device must only allow authorized administrators to view or change the device configuration, system files, and other files stored either in the device or on removable media (such as a flash drive). | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN008380 - A root kit check tool must be run on the system at least weekly. | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-NM-000370 - The Juniper device must be configured to only allow authorized administrators to view or change the device configuration, system files, and other files stored either in the device or on removable media (such as a flash drive). | DISA Juniper EX Series Network Device Management v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| KNOX-07-002600 - The Samsung must be configured to not display the following notifications when the device is locked: All notifications. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| KNOX-07-002600 - The Samsung must be configured to not display the following notifications when the device is locked: All notifications. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| KNOX-07-003000 - The Samsung must be configured to enable encryption for information at rest on removable storage media. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| KNOX-07-003000 - The Samsung must be configured to enable encryption for information at rest on removable storage media. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-005200 - MariaDB must protect the confidentiality and integrity of all information at rest. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Enforce FileVault | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Enforce FileVault | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Enforce FileVault | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Enforce FileVault | NIST macOS Monterey v1.0.0 - 800-171 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Enforce FileVault | NIST macOS Monterey v1.0.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-007200 - The MySQL Database Server 8.0 must protect the confidentiality and integrity of all information at rest. | DISA Oracle MySQL 8.0 v2r1 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010030 - All RHEL 8 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-021300 - SQL Server must protect data at rest and ensure confidentiality and integrity of data. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-024100 - The Database Master Key must be encrypted by the Service Master Key where required. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-024200 - Database Master Key passwords must not be stored in credentials within the database. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-024300 - Symmetric keys (other than the database master key) must use a DoD certificate to encrypt the key. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-024500 - The Service Master Key must be backed up, stored offline and off-site. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-00-000250 - Windows 11 nonpersistent VM sessions must not exceed 24 hours. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
