| AOSX-12-000750 - The OS X system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple Mac OSX 10.12 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPNET0062 - The .NET CLR must be configured to use FIPS approved encryption modules. | DISA STIG for Microsoft Dot Net Framework 4.0 v2r3 | Windows | |
| DTBI014-IE11 - Turn off Encryption Support must be enabled. | DISA STIG IE 11 v2r2 | Windows | |
| DTBI1100-IE11 - Allow Fallback to SSL 3.0 (Internet Explorer) must be disabled. | DISA STIG IE 11 v2r2 | Windows | |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection. - hostssl | EDB PostgreSQL Advanced Server v11 Windows OS Audit v1r1 | Windows | CONFIGURATION MANAGEMENT |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection. - openssl_conf | EDB PostgreSQL Advanced Server v11 Windows OS Audit v1r1 | Windows | CONFIGURATION MANAGEMENT |
| EP11-00-012700 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. - fips_mode | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r2 | Windows | |
| MD3X-00-000380 - MongoDB must use NIST FIPS 140-2-validated cryptographic modules for cryptographic operations. | DISA STIG MongoDB Enterprise Advanced 3.x v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000380 - MongoDB must use NIST FIPS 140-2-validated cryptographic modules for cryptographic operations. | DISA STIG MongoDB Enterprise Advanced 3.x v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000011 - The minimum encryption key length in Outlook must be at least 168. | DISA STIG Microsoft Office 365 ProPlus v2r3 | Windows | |
| O365-OU-000011 - The minimum encryption key length in Outlook must be at least 168. | DISA STIG Microsoft Office 365 ProPlus v2r8 | Windows | |
| O365-OU-000011 - The minimum encryption key length in Outlook must be at least 168. | DISA STIG Microsoft Office 365 ProPlus v2r12 | Windows | |
| PANW-AG-000141 - The Palo Alto Networks security platform providing encryption intermediary services must implement NIST FIPS-validated cryptography to generate cryptographic hashes. | DISA STIG Palo Alto ALG v2r2 | Palo_Alto | |
| PANW-AG-000141 - The Palo Alto Networks security platform providing encryption intermediary services must implement NIST FIPS-validated cryptography to generate cryptographic hashes. | DISA STIG Palo Alto ALG v2r4 | Palo_Alto | |
| PANW-AG-000141 - The Palo Alto Networks security platform providing encryption intermediary services must implement NIST FIPS-validated cryptography to generate cryptographic hashes. | DISA STIG Palo Alto ALG v2r3 | Palo_Alto | |
| PGS9-00-008000 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to generate and validate cryptographic hashes. | DISA STIG PostgreSQL 9.x on RHEL OS v2r3 | Unix | |
| PGS9-00-008000 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to generate and validate cryptographic hashes. | DISA STIG PostgreSQL 9.x on RHEL OS v2r4 | Unix | |
| PGS9-00-008100 - PostgreSQL must use NSA-approved cryptography to protect classified information in accordance with the data owners requirements. | DISA STIG PostgreSQL 9.x on RHEL DB v2r3 | PostgreSQLDB | |
| PGS9-00-008200 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA STIG PostgreSQL 9.x on RHEL OS v2r4 | Unix | |
| PHTN-67-000067 - The Photon operating system must configure sshd to use preferred ciphers. | DISA STIG VMware vSphere 6.7 Photon OS v1r1 | Unix | |
| RHEL-09-672010 - RHEL 9 must have the crypto-policies package installed. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-672010 - RHEL 9 must have the crypto-policies package installed. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| RHEL-09-672010 - RHEL 9 must have the crypto-policies package installed. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | |
| RHEL-09-672020 - RHEL 9 crypto policy must not be overridden. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-672045 - RHEL 9 must implement a system-wide encryption policy. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| SOL-11.1-060060 - The operating system must employ FIPS-validate or NSA-approved cryptography to implement digital signatures. | DISA STIG Solaris 11 X86 v2r7 | Unix | |
| SOL-11.1-060060 - The operating system must employ FIPS-validate or NSA-approved cryptography to implement digital signatures. | DISA STIG Solaris 11 X86 v2r8 | Unix | |
| SOL-11.1-060060 - The operating system must employ FIPS-validate or NSA-approved cryptography to implement digital signatures. | DISA STIG Solaris 11 SPARC v2r10 | Unix | |
| SOL-11.1-060060 - The operating system must employ FIPS-validate or NSA-approved cryptography to implement digital signatures. | DISA STIG Solaris 11 X86 v2r10 | Unix | |
| SPLK-CL-000390 - Splunk Enterprise must be installed in FIPS mode to implement NIST FIPS-approved cryptography for all cryptographic functions. | DISA STIG Splunk Enterprise 8.x for Linux v1r5 STIG REST API | Splunk | |
| SQL6-D0-003200 - SQL Server must use NSA-approved cryptography to protect classified information in accordance with the data owners requirements - DB | DISA STIG SQL Server 2016 Database Audit v2r5 | MS_SQLDB | |
| SQL6-D0-003200 - SQL Server must use NSA-approved cryptography to protect classified information in accordance with the data owners requirements - OS | DISA STIG SQL Server 2016 Database Audit v2r9 | MS_SQLDB | |
| SQL6-D0-015600 - SQL Server must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. | DISA STIG SQL Server 2016 Instance OS Audit v2r7 | Windows | |
| SQL6-D0-015700 - SQL Server must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to generate and validate cryptographic hashes. | DISA STIG SQL Server 2016 Instance OS Audit v2r10 | Windows | |
| TCAT-AS-001640 - Application servers must use NIST-approved or NSA-approved key management technology and processes. | DISA STIG Apache Tomcat Application Server 9 v2r3 | Unix | |
| TCAT-AS-001640 - Application servers must use NIST-approved or NSA-approved key management technology and processes. | DISA STIG Apache Tomcat Application Server 9 v2r4 | Unix | |
| WDNS-SC-000031 - The Windows 2012 DNS Server must implement NIST FIPS-validated cryptography for provisioning digital signatures, generating cryptographic hashes, and protecting unclassified information requiring confidentiality. | DISA Microsoft Windows 2012 Server DNS STIG v2r6 | Windows | |
| WN10-SO-000230 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows 10 STIG v2r7 | Windows | |
| WN10-SO-000230 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows 10 STIG v2r8 | Windows | |
| WN12-SO-000074 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r6 | Windows | |
| WN16-DC-000140 - Separate, NSA-approved (Type 1) cryptography must be used to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data - Type 1 cryptography must be used to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data | DISA Windows Server 2016 STIG v2r7 | Windows | |
| WN16-DC-000140 - Separate, NSA-approved (Type 1) cryptography must be used to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data - Type 1 cryptography must be used to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data | DISA Windows Server 2016 STIG v2r6 | Windows | |
| WN16-DC-000140 - Separate, NSA-approved (Type 1) cryptography must be used to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | DISA Windows Server 2016 STIG v2r3 | Windows | |
| WN19-DC-000140 - Windows Server 2019 must use separate, NSA-approved (Type 1) cryptography to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | DISA Windows Server 2019 STIG v2r9 | Windows | |
