| 1.13 RHEL-09-212020 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT I | Unix | ACCESS CONTROL |
| 1.59 RHEL-09-215060 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.83 OL08-00-010460 | CIS Oracle Linux 8 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.84 OL08-00-010470 | CIS Oracle Linux 8 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.198 OL08-00-020331 | CIS Oracle Linux 8 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.243 RHEL-09-271040 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| AIOS-17-006950 - Apple iOS/iPadOS 17 must be configured to enforce a passcode reuse prohibition of at least two generations. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-011200 - iPhone and iPad must have the latest available iOS/iPadOS operating system installed. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-011200 - iPhone and iPad must have the latest available iOS/iPadOS operating system installed. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-015600 - Apple iOS/iPadOS 18 must disable the ability to hide apps. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| ALMA-09-015420 - AlmaLinux OS 9 must not allow unattended or automatic logon via the graphical user interface. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-040390 - AlmaLinux OS 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | MAINTENANCE |
| ARST-RT-000160 - The Arista perimeter router must be configured to protect an enclave connected to an alternate gateway by using an inbound filter that only permits packets with destination addresses within the sites address space. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000740 - The PE router must be configured to have each Virtual Routing and Forwarding (VRF) instance with the appropriate Route Target (RT). | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | CONTINGENCY PLANNING |
| CNTR-K8-000360 - The Kubernetes API server must have anonymous authentication disabled. | DISA STIG Kubernetes v2r4 | Unix | ACCESS CONTROL |
| CNTR-K8-000370 - The Kubernetes Kubelet must have anonymous authentication disabled. | DISA STIG Kubernetes v2r4 | Unix | ACCESS CONTROL |
| CNTR-K8-002000 - The Kubernetes API server must have the ValidatingAdmissionWebhook enabled. | DISA STIG Kubernetes v2r4 | Unix | ACCESS CONTROL |
| CNTR-K8-002010 - Kubernetes must have a pod security policy set. | DISA STIG Kubernetes v2r4 | Unix | ACCESS CONTROL |
| ESXI-80-000221 - The ESXi host must have all security patches and updates installed. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| GOOG-09-999999 - All Google Android 9 installations must be removed. | MobileIron - DISA Google Android 9.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-009600 - All mobile Honeywell cryptography must be configured to be in FIPS 140-3 validated mode. | MobileIron - DISA Honeywell Android 13 COPE v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-13-010800 - Android 13 devices must have the latest available Honeywell Android 13 operating system installed. | AirWatch - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010800 - Android 13 devices must have the latest available Honeywell Android 13 operating system installed. | MobileIron - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| MD4X-00-001700 - MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | ACCESS CONTROL |
| MOTO-09-010800 - Motorola Android Pie devices must have the latest available Motorola Android Pie operating system installed. | AirWatch - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-010800 - Motorola Android Pie devices must have the latest available Motorola Android Pie operating system installed. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-010900 - Motorola Android Pie devices must have a NIAP-validated Motorola Android Pie operating system installed. | MobileIron - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-999999 - All Motorola Android 9 installations must be removed. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTS-11-999999 - All Motorola Solutions Android 11 installations must be removed. | MobileIron - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
| OL07-00-020231 - The Oracle Linux operating system must be configured so the x86 Ctrl-Alt-Delete key sequence is disabled in the Graphical User Interface. | DISA Oracle Linux 7 STIG v3r3 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010140 - OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance. | DISA Oracle Linux 8 STIG v2r5 | Unix | ACCESS CONTROL |
| OL08-00-040171 - The x86 Ctrl-Alt-Delete key sequence in OL 8 must be disabled if a graphical user interface is installed. | DISA Oracle Linux 8 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010121 - The RHEL 8 operating system must not have accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010470 - There must be no .shosts files on the RHEL 8 operating system. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040000 - RHEL 8 must not have the telnet-server package installed. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040170 - The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010000 - The SUSE operating system must be a vendor-supported release. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SYMP-AG-000330 - Symantec ProxySG must be configured with a pre-established trust relationship and mechanisms with appropriate authorities that validate user account access authorizations and privileges - Domain Exists | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000330 - Symantec ProxySG must be configured with a pre-established trust relationship and mechanisms with appropriate authorities that validate user account access authorizations and privileges - Domain joined | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000440 - Symantec ProxySG must terminate all network connections associated with a communications session at the end of the session or terminate user sessions (nonprivileged session) after 15 minutes of inactivity. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-20-010048 - The Ubuntu operating system must be configured so that remote X connections are disabled, unless to fulfill documented and validated mission requirements. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-100040 - Ubuntu 24.04 LTS must not have the rsh-server package installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300027 - Ubuntu 24.04 LTS must not have accounts configured with blank or null passwords. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| WN11-00-000045 - The Windows 11 system must use an antivirus program. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000050 - Local volumes must be formatted using NTFS. | DISA Microsoft Windows 11 STIG v2r4 | Windows | ACCESS CONTROL |
| WN11-00-000100 - Internet Information System (IIS) or its subcomponents must not be installed on a workstation. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000155 - Solicited Remote Assistance must not be allowed. | DISA Microsoft Windows 11 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000345 - The Windows Remote Management (WinRM) service must not use Basic authentication. | DISA Microsoft Windows 11 STIG v2r4 | Windows | MAINTENANCE |
| WN22-CC-000500 - Windows Server 2022 Windows Remote Management (WinRM) service must not use Basic authentication. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | MAINTENANCE |
| WN22-MS-000140 - Windows Server 2022 must be running Credential Guard on domain-joined member servers. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | CONFIGURATION MANAGEMENT |
