| AIOS-18-011200 - iPhone and iPad must have the latest available iOS/iPadOS operating system installed. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| ALMA-09-042700 - All AlmaLinux OS 9 networked systems must have the OpenSSH client installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-002062 - The macOS system must disable Bluetooth when no approved device is connected. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000150 - The Cisco ASA must be configured to use Internet Key Exchange (IKE) for all IPsec security associations. | DISA STIG Cisco ASA VPN v2r2 | Cisco | CONFIGURATION MANAGEMENT |
| CASA-VN-000240 - The Cisco ASA must be configured to use FIPS-validated SHA-2 or higher for Internet Key Exchange (IKE) Phase 2. | DISA STIG Cisco ASA VPN v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-008100 - PostgreSQL must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CD12-00-012900 - PostgreSQL products must be a version supported by the vendor. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| CNTR-R2-000130 - The Kubernetes Kubelet must have the read-only port flag disabled. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | ACCESS CONTROL |
| CNTR-R2-000140 - The Kubernetes API server must have the insecure bind address not set. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | ACCESS CONTROL |
| EDGE-00-000045 - The version of Microsoft Edge running on the system must be a supported version. | DISA STIG Edge v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| ESXI-70-000060 - All port groups on standard switches must be configured to reject guest Media Access Control (MAC) address changes. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| EX19-ED-000235 - Exchange internal Receive connectors must require encryption. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-AS-999999 - The version of F5 BIG-IP must be a supported version. | DISA F5 BIG-IP Application Security Manager STIG v2r2 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| JRE8-UX-000180 - The version of Oracle JRE 8 running on the system must be the most current available. | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| JUEX-L2-000010 - The Juniper EX switch must be configured to disable non-essential capabilities. | DISA Juniper EX Series Layer 2 Switch v2r2 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-NM-000060 - The Juniper EX switch must be configured to assign appropriate user roles or access levels to authenticated users. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | ACCESS CONTROL |
| JUEX-NM-000230 - The Juniper EX switch must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-NM-000680 - The Juniper EX switch must be configured with an operating system release that is currently supported by the vendor. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-RT-000180 - The Juniper perimeter router must not be configured to be a Border Gateway Protocol (BGP) peer to an alternate gateway service provider. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| MADB-10-004400 - MariaDB must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA MariaDB Enterprise 10.x v2r3 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD7X-00-004300 MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-007400 - Oracle Database products must be a version supported by the vendor. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | SYSTEM AND SERVICES ACQUISITION |
| O19C-00-009900 - The Oracle Listener must be configured to require administration authentication. | DISA Oracle Database 19c STIG v1r1 Unix | Unix | CONFIGURATION MANAGEMENT |
| O121-BP-024750 - Oracle database products must be a version supported by the vendor. | DISA STIG Oracle 12c v3r2 Database | OracleDB | SYSTEM AND SERVICES ACQUISITION |
| OL08-00-010470 - There must be no ".shosts" files on the OL 8 operating system. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010820 - Unattended or automatic logon via the OL 8 graphical user interface must not be allowed. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040010 - OL 8 must not have the rsh-server package installed. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for OL 8 operational support. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000031 - The Photon operating system must require authentication upon booting into single-user and maintenance modes. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | ACCESS CONTROL |
| RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040200 - The root account must be the only account having unrestricted access to the RHEL 8 system. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215060 - RHEL 9 must not have a Trivial File Transfer Protocol (TFTP) server package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411100 - The root account must be the only account having unrestricted access to RHEL 9 system. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-18-999999 - The Ubuntu operating system must be a vendor supported release. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010442 - The Ubuntu operating system must implement NIST FIPS-validated cryptography to protect classified information and for the following: To provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-20-010462 - The Ubuntu operating system must not have accounts configured with blank or null passwords. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-211015 - Ubuntu 22.04 LTS must disable the x86 Ctrl-Alt-Delete key sequence. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-611065 - Ubuntu 22.04 LTS must not have accounts configured with blank or null passwords. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300026 - Ubuntu 24.04 LTS must disable the x86 Ctrl-Alt-Delete key sequence. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| VCPG-67-000015 - VMware Postgres must use FIPS 140-2 approved TLS ciphers. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCPG-67-000999 - The version of PostgreSQL running on the system must be a supported version. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL |
| WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL |
| WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL |
| WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL |
| WN11-CC-000155 - Solicited Remote Assistance must not be allowed. | DISA Microsoft Windows 11 STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000345 - The Windows Remote Management (WinRM) service must not use Basic authentication. | DISA Microsoft Windows 11 STIG v2r3 | Windows | MAINTENANCE |
| WN11-SO-000140 - Anonymous SID/Name translation must not be allowed. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000150 - Anonymous enumeration of shares must be restricted. | DISA Microsoft Windows 11 STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
