| APPL-15-005055 - The macOS system must disable the Screen Time prompt during Setup Assistant. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-005110 - The macOS system must enforce enrollment in Mobile Device Management (MDM). | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-005130 - The macOS system must enforce installation of XProtect Remediator and Gatekeeper updates automatically. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-999999 - The macOS system must be a supported release. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ESXI-80-000010 - The ESXi host client must be configured with an idle session timeout. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | ACCESS CONTROL |
| ESXI-80-000047 - The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB). | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000214 - The ESXi host must configure the firewall to block network traffic by default. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000215 - The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000218 - The ESXi host must configure virtual switch security policies to reject promiscuous mode requests. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000226 - The ESXi host must configure a session timeout for the vSphere API. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000231 - The ESXi host OpenSLP service must be disabled. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000235 - The ESXi host must forward audit records containing information to establish what type of events occurred. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | AUDIT AND ACCOUNTABILITY |
| ESXI-80-000239 - The ESXi host must configure the firewall to restrict access to services running on the host. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000250 - The ESXi host must disable virtual hardware management network interfaces. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| OL08-00-010141 - OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must have a unique name for the grub superusers account when booting into single-user mode and maintenance. | DISA Oracle Linux 8 STIG v2r5 | Unix | ACCESS CONTROL |
| OL08-00-010159 - The OL 8 "pam_unix.so" module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Oracle Linux 8 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-010163 - The krb5-server package must not be installed on OL 8. | DISA Oracle Linux 8 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-010240 - The OL 8 "/var/log" directory must have mode 0755 or less permissive. | DISA Oracle Linux 8 STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL08-00-010250 - The OL 8 "/var/log" directory must be owned by root. | DISA Oracle Linux 8 STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL08-00-010260 - The OL 8 "/var/log" directory must be group-owned by root. | DISA Oracle Linux 8 STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL08-00-010420 - OL 8 must implement non-executable data to protect its memory from unauthorized code execution. | DISA Oracle Linux 8 STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL08-00-010421 - OL 8 must clear the page allocator to prevent use-after-free attacks. | DISA Oracle Linux 8 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010424 - OL 8 must not let Meltdown and Spectre exploit critical vulnerabilities in modern processors. | DISA Oracle Linux 8 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010480 - The OL 8 SSH public host key files must have mode "0644" or less permissive. | DISA Oracle Linux 8 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000175 The Photon operating system must be configured to audit the loading and unloading of dynamic kernel modules. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000211 The Photon operating system must configure Secure Shell (SSH) to disallow Generic Security Service Application Program Interface (GSSAPI) authentication. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000246 The Photon operating system must restrict core dumps. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010020 - The SUSE operating system must display the Standard Mandatory DOD Notice and Consent Banner before granting access via local console. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | ACCESS CONTROL |
| SLES-15-010300 - The sticky bit must be set on all SUSE operating system world-writable directories. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-15-030660 - The SUSE operating system must allocate audit record storage capacity to store at least one week of audit records when audit records are not immediately sent to a central audit record storage facility. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030760 - The SUSE operating system must generate audit records for the /run/utmp file. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-040010 - The SUSE operating system must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040070 - All SUSE operating system local interactive users must have a home directory assigned in the /etc/passwd file. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040080 - All SUSE operating system local interactive user home directories defined in the /etc/passwd file must exist. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040090 - All SUSE operating system local interactive user home directories must have mode 0750 or less permissive. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040150 - SUSE operating system file systems that are used with removable media must be mounted to prevent files with the setuid and setgid bit set from being executed. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040180 - All SUSE operating system world-writable directories must be group-owned by root, sys, bin, or an application group. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040220 - The SUSE operating system must be configured to not overwrite Pluggable Authentication Modules (PAM) configuration on package changes. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040290 - The SUSE operating system SSH daemon must disable forwarded remote X connections for interactive users, unless to fulfill documented and validated mission requirements. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040300 - The SUSE operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040320 - The SUSE operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets by default. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SYMP-AG-000100 - Symantec ProxySG providing user access control intermediary services must display the Standard Mandatory DoD-approved Notice and Consent Banner before granting access to the network. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-AG-000130 - Symantec ProxySG providing user access control intermediary services must generate audit records showing starting and ending time for user access to the system. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - coreid | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000510 - Symantec ProxySG must fail to a secure state upon failure of initialization, shutdown, or abort actions. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-80-000269 - The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to "Reject". | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000275 - The vCenter Server must configure the "vpxuser" auto-password to be changed every 30 days. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000287 - The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s). | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000291 - The vCenter Server must limit membership to the "TrustedAdmins" Single Sign-On (SSO) group. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000296 - The vCenter server must enable the OVF security policy for content libraries. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
