| AIX7-00-001108 - AIX must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG AIX 7.x v2r5 | Unix | |
| AIX7-00-001108 - AIX must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG AIX 7.x v2r8 | Unix | |
| AOSX-15-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple Mac OSX 10.15 v1r8 | Unix | |
| APPNET0062 - The .NET CLR must be configured to use FIPS approved encryption modules - applications | DISA STIG for Microsoft Dot Net Framework 4.0 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPNET0062 - The .NET CLR must be configured to use FIPS approved encryption modules - machine | DISA STIG for Microsoft Dot Net Framework 4.0 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPNET0062 - The .NET CLR must be configured to use FIPS approved encryption modules. | DISA STIG for Microsoft Dot Net Framework 4.0 v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001120 - A BIND 9.x server must implement NIST FIPS-validated cryptography for provisioning digital signatures and generating cryptographic hashes - key | DISA BIND 9.x STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-006240 - Docker Enterprise data exchanged between Linux containers on different nodes must be encrypted on the overlay network. | DISA STIG Docker Enterprise 2.x Linux/Unix v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI1100-IE11 - Allow Fallback to SSL 3.0 (Internet Explorer) must be disabled. | DISA STIG IE 11 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO316 - Outlook minimum encryption key length settings must be set. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO316 - Outlook minimum encryption key length settings must be set. | DISA STIG Microsoft Outlook 2016 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - alg_section | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r2 | Windows | |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - hostssl | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r2 | Windows | |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - openssl_conf | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r2 | Windows | |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - version | EDB PostgreSQL Advanced Server v11 DB Audit v2r2 | PostgreSQLDB | |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r3 | Windows | |
| EP11-00-012700 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures - openssl_conf | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r1 | Windows | CONFIGURATION MANAGEMENT |
| F5BI-LT-000295 - The BIG-IP Core implementation must be configured to use NIST FIPS-validated cryptography to implement encryption services when providing encrypted traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000380 - MongoDB must use NIST FIPS 140-2-validated cryptographic modules for cryptographic operations. | DISA STIG MongoDB Enterprise Advanced 3.x v2r1 OS | Unix | |
| MD3X-00-000380 - MongoDB must use NIST FIPS 140-2-validated cryptographic modules for cryptographic operations. | DISA STIG MongoDB Enterprise Advanced 3.x v2r2 OS | Unix | |
| PGS9-00-008000 - PostgreSQL must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes. | DISA STIG PostgreSQL 9.x on RHEL DB v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-008000 - PostgreSQL must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes. | DISA STIG PostgreSQL 9.x on RHEL OS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-671010 - RHEL 9 must enable FIPS mode. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | |
| SP13-00-000095 - SharePoint must employ NSA-approved cryptography to protect classified information. | DISA STIG SharePoint 2013 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SP13-00-000100 - SharePoint must employ FIPS-validated cryptography to protect unclassified information when such information must be separated from individuals who have the necessary clearances yet lack the necessary access approvals. | DISA STIG SharePoint 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-031100 - SQL Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG SQL Server 2014 Instance OS Audit v2r3 | Windows | |
| SQL4-00-031100 - SQL Server must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA STIG SQL Server 2014 Instance OS Audit v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-015600 - SQL Server must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. | DISA STIG SQL Server 2016 Instance OS Audit v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPG-70-000013 - VMware Postgres must use FIPS 140-2 approved Transport Layer Security (TLS) ciphers. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-SC-000001 - The salt value for zones signed using NSEC3 RRs must be changed every time the zone is completely re-signed. | DISA Microsoft Windows 2012 Server DNS STIG v2r1 | Windows | CONFIGURATION MANAGEMENT |
| WDNS-SC-000001 - The salt value for zones signed using NSEC3 RRs must be changed every time the zone is completely re-signed. | DISA Microsoft Windows 2012 Server DNS STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN10-SO-000230 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows 10 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-AD-000011-DC - Separate, NSA-approved (Type 1) cryptography must be used to protect the directory data-in-transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data - Type 1 cryptography must be used to protect the directory data-in-transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r6 | Windows | |
| WN12-AD-000011-DC - Separate, NSA-approved (Type 1) cryptography must be used to protect the directory data-in-transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data - Type 1 cryptography must be used to protect the directory data-in-transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r5 | Windows | |
| WN12-SO-000074 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN16-SO-000430 - Windows Server 2016 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows Server 2016 STIG v2r5 | Windows | |
| WN16-SO-000430 - Windows Server 2016 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows Server 2016 STIG v2r6 | Windows | |
| WN16-SO-000430 - Windows Server 2016 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows Server 2016 STIG v2r7 | Windows | |
| WN16-SO-000430 - Windows Server 2016 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows Server 2016 STIG v2r4 | Windows | |
