| 1.15 OL08-00-010121 | CIS Oracle Linux 8 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.333 OL08-00-040171 | CIS Oracle Linux 8 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| AIOS-15-999999 - All Apple iOS/iPadOS 15 installations must be removed. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-715000 - All Apple iOS/iPadOS 16 BYOAD installations must be removed. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-010400 - Apple iOS/iPadOS 17 must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-011200 - iPhone and iPad must have the latest available iOS/iPadOS operating system installed. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-010400 - Apple iOS/iPadOS 26 must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AMLS-L2-000170 - The Arista MLS L2S must be using a version supported by the vendor. | DISA STIG Arista MLS DCS-7000 Series L2S v1r3 | Arista | CONFIGURATION MANAGEMENT |
| APPL-11-002070 - The macOS system must use an approved antivirus program. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-004021 - The macOS system must be configured with the sudoers file configured to authenticate users on a per -tty basis. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-12-000016 - The macOS system must be integrated into a directory services infrastructure. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-002070 - The macOS system must use an approved antivirus program. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ARST-ND-000340 - The Arista network device must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services. | DISA Arista MLS EOS 4.X NDM STIG v2r2 | Arista | CONFIGURATION MANAGEMENT |
| ARST-ND-000860 - The Arista network device must be running an operating system release that is currently supported by the vendor. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | CONFIGURATION MANAGEMENT |
| ARST-RT-000160 - The Arista perimeter router must be configured to protect an enclave connected to an alternate gateway by using an inbound filter that only permits packets with destination addresses within the sites address space. | DISA Arista MLS EOS 4.X Router STIG v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000340 - The Arista router must be configured to restrict traffic destined to itself. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| AZLX-23-001255 - Amazon Linux 2023 must enable the Pluggable Authentication Module (PAM) interface for SSHD. | DISA Amazon Linux 2023 STIG v1r2 | Unix | MAINTENANCE |
| CASA-FW-000010 - The Cisco ASA must be configured to filter outbound traffic, allowing only authorized ports and services - ACL Applied | DISA STIG Cisco ASA FW v2r1 | Cisco | ACCESS CONTROL |
| CASA-ND-000690 - The Cisco ASA must be configured to terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements. | DISA STIG Cisco ASA NDM v2r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-ND-001420 - The Cisco ASA must be running an operating system release that is currently supported by Cisco Systems. | DISA STIG Cisco ASA NDM v2r4 | Cisco | SYSTEM AND SERVICES ACQUISITION |
| CASA-VN-000240 - The Cisco ASA must be configured to use FIPS-validated SHA-2 or higher for Internet Key Exchange (IKE) Phase 2. | DISA STIG Cisco ASA VPN v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-000440 - The Kubernetes kubelet staticPodPath must not enable static pods. | DISA STIG Kubernetes v2r5 | Unix | ACCESS CONTROL |
| CNTR-K8-001162 - Kubernetes Secrets must be encrypted at rest. | DISA STIG Kubernetes v2r5 | Unix | ACCESS CONTROL |
| CNTR-K8-002010 - Kubernetes must have a pod security policy set. | DISA STIG Kubernetes v2r5 | Unix | ACCESS CONTROL |
| F5BI-AP-999999 - The version of F5 BIG-IP must be a supported version. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| FNFG-FW-000110 - The FortiGate firewall must employ filters that prevent or limit the effects of all types of commonly known denial-of-service (DoS) attacks, including flooding, packet sweeps, and unauthorized port scanning. | DISA Fortigate Firewall STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'shosts.equiv' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/usr/lib/aliases uudecode alias does not exist' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| JUEX-NM-000230 - The Juniper EX switch must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-NM-000340 - The Juniper EX switch must be configured to use FIPS 140-2/140-3-validated algorithms for authentication to a cryptographic module. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUEX-NM-000370 - The Juniper device must be configured to only allow authorized administrators to view or change the device configuration, system files, and other files stored either in the device or on removable media (such as a flash drive). | DISA Juniper EX Series Network Device Management v2r4 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| OS10-NDM-000980 - The Dell OS10 Switch must be running an operating system release that is currently supported by Dell. | DISA Dell OS10 Switch NDM STIG v1r1 | Dell_OS10 | CONFIGURATION MANAGEMENT |
| RHEL-08-010000 - RHEL 8 must be a vendor-supported release. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010121 - The RHEL 8 operating system must not have accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-010470 - There must be no .shosts files on the RHEL 8 operating system. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-020330 - RHEL 8 must not allow accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040171 - The x86 Ctrl-Alt-Delete key sequence in RHEL 8 must be disabled if a graphical user interface is installed. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-271040 - RHEL 9 must not allow unattended or automatic logon via the graphical user interface. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-200020 - RHEL 10 must not have the "telnet-server" package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-600560 - RHEL 10 must require users to provide a password for privilege escalation. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-700640 - RHEL 10 must not allow users to override Secure Shell (SSH) environment variables. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010221 - The SUSE operating system must not have accounts configured with blank or null passwords. | DISA SLES 12 STIG v3r4 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010001 - Ubuntu 20.04 LTS must be a vendor-supported release. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010406 - The Ubuntu operating system must not have the rsh-server package installed. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010463 - The Ubuntu operating system must not allow accounts configured with blank or null passwords. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| WN25-DC-000150 - Windows Server 2025 directory data (outside the root DSE) of a nonpublic directory must be configured to prevent anonymous access. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
| WN25-SO-000230 - Windows Server 2025 must not allow anonymous enumeration of shares. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ZEBR-11-999999 - All Zebra Android 11 installations must be removed. | AirWatch - DISA Zebra Android 11 COBO STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-11-999999 - All Zebra Android 11 installations must be removed. | MobileIron - DISA Zebra Android 11 COBO STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
