| 1.50 UBTU-24-200660 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.99 UBTU-24-600000 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-706800 - Apple iOS/iPadOS 17 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2 | MDM | ACCESS CONTROL |
| AIOS-17-707000 - Apple iOS/iPadOS 17 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store]. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-714700 - Apple iOS/iPadOS 17 must have DOD root and intermediate PKI certificates installed. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| APPL-15-000002 - The macOS system must enforce screen saver password. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | ACCESS CONTROL |
| APPL-15-000051 - The macOS system must configure SSHD ClientAliveInterval to 900. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-000190 - The macOS system must configure sudo to log events. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-002008 - The macOS system must disable the built-in web server. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | ACCESS CONTROL |
| APPL-15-002036 - The macOS system must disable Privacy Setup services during Setup Assistant. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002042 - The macOS system must disable iCloud Bookmarks. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002090 - The macOS system must disable TouchID for unlocking the device. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | ACCESS CONTROL |
| APPL-15-002150 - The macOS system must disable iCloud Desktop and Document folder sync. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002160 - The macOS system must disable iCloud Game Center. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002250 - The macOS system must disable Remote Management. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002270 - The macOS system must disable the iCloud Freeform services. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-005055 - The macOS system must disable the Screen Time prompt during Setup Assistant. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-005110 - The macOS system must enforce enrollment in Mobile Device Management (MDM). | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-005130 - The macOS system must enforce installation of XProtect Remediator and Gatekeeper updates automatically. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-999999 - The macOS system must be a supported release. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ESXI-80-000010 - The ESXi host client must be configured with an idle session timeout. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | ACCESS CONTROL |
| ESXI-80-000047 - The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB). | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000214 - The ESXi host must configure the firewall to block network traffic by default. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000215 - The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000218 - The ESXi host must configure virtual switch security policies to reject promiscuous mode requests. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000226 - The ESXi host must configure a session timeout for the vSphere API. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000231 - The ESXi host OpenSLP service must be disabled. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000235 - The ESXi host must forward audit records containing information to establish what type of events occurred. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | AUDIT AND ACCOUNTABILITY |
| ESXI-80-000239 - The ESXi host must configure the firewall to restrict access to services running on the host. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000250 - The ESXi host must disable virtual hardware management network interfaces. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| PHTN-40-000093 The operating system must automatically terminate a user session after inactivity time-outs have expired. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| SLES-15-010020 - The SUSE operating system must display the Standard Mandatory DOD Notice and Consent Banner before granting access via local console. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | ACCESS CONTROL |
| SLES-15-010300 - The sticky bit must be set on all SUSE operating system world-writable directories. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-15-030660 - The SUSE operating system must allocate audit record storage capacity to store at least one week of audit records when audit records are not immediately sent to a central audit record storage facility. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030760 - The SUSE operating system must generate audit records for the /run/utmp file. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-040010 - The SUSE operating system must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040070 - All SUSE operating system local interactive users must have a home directory assigned in the /etc/passwd file. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040080 - All SUSE operating system local interactive user home directories defined in the /etc/passwd file must exist. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040090 - All SUSE operating system local interactive user home directories must have mode 0750 or less permissive. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040150 - SUSE operating system file systems that are used with removable media must be mounted to prevent files with the setuid and setgid bit set from being executed. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040180 - All SUSE operating system world-writable directories must be group-owned by root, sys, bin, or an application group. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040220 - The SUSE operating system must be configured to not overwrite Pluggable Authentication Modules (PAM) configuration on package changes. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040290 - The SUSE operating system SSH daemon must disable forwarded remote X connections for interactive users, unless to fulfill documented and validated mission requirements. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040300 - The SUSE operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040320 - The SUSE operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets by default. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SYMP-AG-000100 - Symantec ProxySG providing user access control intermediary services must display the Standard Mandatory DoD-approved Notice and Consent Banner before granting access to the network. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-AG-000130 - Symantec ProxySG providing user access control intermediary services must generate audit records showing starting and ending time for user access to the system. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - coreid | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000510 - Symantec ProxySG must fail to a secure state upon failure of initialization, shutdown, or abort actions. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-80-000269 - The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to "Reject". | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
