| APPL-14-000054 - The macOS system must limit SSHD to FIPS-compliant connections. | DISA Apple macOS 14 (Sonoma) STIG v2r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-000054 - The macOS system must limit SSHD to FIPS-compliant connections. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided. | DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Limit SSH to FIPS 140 Validated Message Authentication Code Algorithms | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Limit SSH to FIPS 140 Validated Message Authentication Code Algorithms | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Limit SSH to FIPS 140 Validated Message Authentication Code Algorithms | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Limit SSH to FIPS 140 Validated Message Authentication Code Algorithms | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-R2-000010 Rancher RKE2 must protect authenticity of communications sessions with the use of FIPS-validated 140-2 or 140-3 security requirements for cryptographic modules. | DISA Rancher Government Solutions RKE2 STIG v2r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-001070 - FIPS mode must be enabled on all Docker Engine - Enterprise nodes - docker info .SecurityOptions | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL6-00-000534 - The Oracle Linux 6 operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-021350 - The Oracle Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - grub. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-021350 - The Oracle Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - rpm. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-021350 - The Oracle Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-06-000534 - The Red Hat Enterprise Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - grub | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-06-000534 - The Red Hat Enterprise Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - proc | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-021350 - The Red Hat Enterprise Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-70-000009 - The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-70-000077 - The vCenter Server must enable FIPS-validated cryptography. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-80-000009 The vCenter Server must use DOD-approved encryption to protect the confidentiality of network sessions. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-80-000077 The vCenter Server must enable FIPS-validated cryptography. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
