APPL-12-002063 - The macOS system must enforce access restrictions. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
CD12-00-001300 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (functions, trigger procedures, links to software external to PostgreSQL, etc.) must be restricted to authorized users. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | CONFIGURATION MANAGEMENT |
DTBI370 - Checking for signatures on downloaded programs must be enforced. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Project 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Word 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
DTOO127 - Excel - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
DTOO131 - Access - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Access v1r11 | Windows | CONFIGURATION MANAGEMENT |
DTOO131 - Excel - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
DTOO131 - InfoPath - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 InfoPath v1r12 | Windows | CONFIGURATION MANAGEMENT |
DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked | DISA STIG Microsoft Publisher 2016 v1r3 | Windows | CONFIGURATION MANAGEMENT |
DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft Word 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
DTOO297 - InfoPath - A form that is digitally signed must be displayed with a warning. | DISA STIG Office 2010 InfoPath v1r12 | Windows | CONFIGURATION MANAGEMENT |
EPAS-00-003200 - Software, applications, and configuration files that are part of, or related to, the EDB Postgres Advanced Server installation must be monitored to discover unauthorized changes. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | CONFIGURATION MANAGEMENT |
EPAS-00-003500 - Database objects must be owned by database/EDB Postgres Advanced Server principals authorized for ownership. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
EPAS-00-008500 - The EDB Postgres Advanced Server must enforce access restrictions associated with changes to the configuration of the EDB Postgres Advanced Server or database(s). | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
EPAS-00-008600 - The EDB Postgres Advanced Server must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the EDB Postgres Advanced Server or database(s). | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
FGFW-ND-000150 - The FortiGate device must enforce access restrictions associated with changes to device configuration. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
GEN001200 - All system command files must have mode 0755 or less permissive - '/usr/sbin/*' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001220 - All system files, programs, and directories must be owned by a system account - '/usr/bin/*' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001240 - System files, programs, and directories must be group-owned by a system group - '/bin/*' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001240 - System files, programs, and directories must be group-owned by a system group - '/usr/lbin/*' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/config DEV_Change exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/config FS_Mount exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/config PROC_SetUserIDs exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/config USER_Create exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/events ACCT_Enable exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/events DEV_Change exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/events FS_Mount exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/events PROC_Adjtime exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/events PROC_SetUserIDs exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - 'User audit class assignments should be reviewed' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
MD4X-00-002300 - Database objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to MongoDB, etc.) must be owned by database/DBMS principals authorized for ownership. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | CONFIGURATION MANAGEMENT |
MD4X-00-002400 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to MongoDB, etc.) must be restricted to authorized users. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | CONFIGURATION MANAGEMENT |
Monterey - Disable the Guest Account | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
Monterey - Disable the Guest Account | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
Monterey - Disable the Guest Account | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
Monterey - Disable the Guest Account | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
PHTN-40-000130 The Photon operating system TDNF package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
PHTN-67-000062 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
SQL2-00-004400 - SQL Server must not grant users direct access to the View Any Database permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
SQL2-00-015200 - SQL Server must be monitored to discover unauthorized changes to stored procedures. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
SQL2-00-015300 - SQL Server must monitor for security-relevant configuration settings to discover unauthorized changes. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
SQL2-00-015700 - Vendor-supported software and patches must be evaluated and patched against newly found vulnerabilities. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
VCEM-67-000028 - ESX Agent Manager must set the secure flag for cookies. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | CONFIGURATION MANAGEMENT |
VCPF-70-000008 - Performance Charts application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | CONFIGURATION MANAGEMENT |
VCPF-80-000034 The vCenter Perfcharts service must limit privileges for creating or modifying hosted application shared files. | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
VCST-80-000034 The vCenter STS service must limit privileges for creating or modifying hosted application shared files. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
VCST-80-000144 The vCenter STS service files must have permissions in an out-of-the-box state. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
VCUI-70-000008 - vSphere UI application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | CONFIGURATION MANAGEMENT |