| AIOS-17-710400 - Apple iOS/iPadOS 17 must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-002062 - The macOS system must disable Bluetooth when no approved device is connected. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-008100 - PostgreSQL must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CD12-00-012900 - PostgreSQL products must be a version supported by the vendor. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| EPAS-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-013200 - EDB Postgres Advanced Server products must be a version supported by the vendor. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| ESXI-80-000217 - The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| FGFW-ND-000200 - The FortiGate device must prohibit the use of all unnecessary and/or non-secure functions, ports, protocols, and/or services. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| FGFW-ND-000285 - The FortiGate device must only allow authorized administrators to view or change the device configuration, system files, and other files stored either in the device or on removable media (such as a flash drive). | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| FNFG-FW-000060 - The FortiGate firewall must protect the traffic log from unauthorized deletion of local log files and log records. | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| GOOG-11-010800 - Google Android 11 devices must have the latest available Google Android 11 operating system installed. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-011-999999 - All Google Android 11 installations must be removed. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-010800 - Android 12 devices must have the latest available Google Android 12 operating system installed. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-010800 - Android 12 devices must have the latest available Google Android 12 operating system installed. | MobileIron - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-999999 - All Google Android 12 installations must be removed. | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| JRE8-UX-000180 - The version of Oracle JRE 8 running on the system must be the most current available. | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD3X-00-001200 - MongoDB products must be a version supported by the vendor. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DB | MongoDB | SYSTEM AND SERVICES ACQUISITION |
| MD4X-00-003300 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MOTO-09-010800 - Motorola Android Pie devices must have the latest available Motorola Android Pie operating system installed. | MobileIron - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-010900 - Motorola Android Pie devices must have a NIAP-validated Motorola Android Pie operating system installed. | AirWatch - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-010900 - Motorola Android Pie devices must have a NIAP-validated Motorola Android Pie operating system installed. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTS-11-010800 - Motorola Solutions Android 11 devices must have the latest available Motorola Solutions Android 11 operating system installed. | MobileIron - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
| O19C-00-016000 - Oracle Database must implement NIST FIPS 140-2/140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owner's requirements. | DISA Oracle Database 19c STIG v1r2 OracleDB | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-020332 - OL 8 must not allow blank or null passwords in the password-auth file. | DISA Oracle Linux 8 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040170 - The x86 Ctrl-Alt-Delete key sequence must be disabled on OL 8. | DISA Oracle Linux 8 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for OL 8 operational support. | DISA Oracle Linux 8 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000010 - OL 9 must be a vendor supported release. | DISA Oracle Linux 9 STIG v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-002344 - OL 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD. | DISA Oracle Linux 9 STIG v1r2 | Unix | MAINTENANCE |
| OL09-00-002420 - OL 9 file systems must not contain .shosts files. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010291 - The Red Hat Enterprise Linux operating system must not have accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040171 - The x86 Ctrl-Alt-Delete key sequence in RHEL 8 must be disabled if a graphical user interface is installed. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-211010 - RHEL 9 must be a vendor-supported release. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-252070 - There must be no shosts.equiv files on RHEL 9. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040030 - There must be no shosts.equiv files on the SUSE operating system. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040060 - The SUSE operating system must disable the x86 Ctrl-Alt-Delete key sequence. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040061 - The SUSE operating system must disable the x86 Ctrl-Alt-Delete key sequence for Graphical User Interfaces. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040440 - The SUSE operating system must not allow unattended or automatic logon via SSH. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SYMP-AG-000060 - Symantec ProxySG must implement security policies that enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-AG-000320 - Symantec ProxySG must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users) - Domain Joined | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000340 - Symantec ProxySG providing user authentication intermediary services must restrict user authentication traffic to specific authentication servers - Domain joined | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000220 - Symantec ProxySG must use only approved management services protocols. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | CONFIGURATION MANAGEMENT |
| SYMP-NM-000320 - Symantec ProxySG must enable Attack Detection. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCEM-67-000999 - The version of EAM running on the system must be a supported version. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WDNS-CM-999999 - The Windows 2012 DNS Server must be a vendor supported release. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| ZEBR-10-010800 - Zebra Android 10 devices must have the latest available Zebra Android 10 operating system installed. | MobileIron - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-999999 - All Zebra Android 10 installations must be removed. | AirWatch - DISA Zebra Android 10 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-999999 - All Zebra Android 10 installations must be removed. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-999999 - All Zebra Android 10 installations must be removed. | MobileIron - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
