APPL-15-002060 - The macOS system must apply gatekeeper settings to block applications from unidentified developers. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
APPL-15-002063 - The macOS system must disable the guest account. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
Big Sur - Configure System to Audit All Failed Program Execution on the System | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
Big Sur - Configure System to Audit All Failed Program Execution on the System | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
Catalina - Configure System to Audit All Failed Program Execution on the System | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
Catalina - Configure System to Audit All Failed Program Execution on the System | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
Catalina - Configure System to Audit All Failed Program Execution on the System | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
Catalina - Configure System to Audit All Failed Program Execution on the System | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
DTAVSEL-201 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive all patches, service packs and updates from a DoD-managed source. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | CONFIGURATION MANAGEMENT |
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher | DISA STIG Microsoft Publisher 2016 v1r3 | Windows | CONFIGURATION MANAGEMENT |
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Visio 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft Visio 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
DTOO177 - Office System - Access to updates, add-ins, and patches on Office.com must be disabled. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
EPAS-00-003400 - Database software, including EDB Postgres Advanced Server configuration files, must be stored in dedicated directories, separate from the host OS and other applications. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | CONFIGURATION MANAGEMENT |
GEN001210 - All system command files must not have extended ACLs - '/usr/bin/*' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001210 - All system command files must not have extended ACLs - '/usr/sbin/*' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001210 - All system command files must not have extended ACLs - '/usr/ucb/*' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001220 - All system files, programs, and directories must be owned by a system account - '/bin/*' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001220 - All system files, programs, and directories must be owned by a system account - '/sbin/*' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001240 - System files, programs, and directories must be group-owned by a system group - '/sbin/*' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001310 - All library files must not have extended ACLs - '/lib/*' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/config AUD_it exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/config FILE_Chpriv exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/config FILE_Mknod exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/config PROC_Setpgid exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/config RESTORE_Import exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/events AUD_it exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/events BACKUP_Export exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/events FS_Umount exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/events PASSWORD_Check exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002760 - System must be configured to audit all admin/privileged/security actions - '/etc/security/audit/events USER_Change exists' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
MD4X-00-002000 - MongoDB must limit privileges to change software modules, to include stored procedures, functions and triggers, and links to software external to MongoDB. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | CONFIGURATION MANAGEMENT |
Monterey - Disable the Guest Account | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
OL08-00-010330 - OL 8 library files must have mode 755 or less permissive. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
PHTN-40-000199 The Photon operating system TDNF package management tool must cryptographically verify the authenticity of all software packages during installation for all repos. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
PHTN-67-000064 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
SQL2-00-014600 - SQL Server must support the organizational requirement to employ automated mechanisms for enforcing access restrictions. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
SQL2-00-015400 - SQL Server software installation account(s) must be restricted to authorized users. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
SQL2-00-015500 - Database software directories, including SQL Server configuration files, must be stored in dedicated directories, separate from the host OS and other applications. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
SQL2-00-015620 - In a database owned by a login not having administrative privileges at the instance level, the database property TRUSTWORTHY must be OFF unless required and authorized. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
SQL2-00-025200 - The OS must limit privileges to the SQL Server data directories and their subordinate directories and files. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
UBTU-20-010427 - The Ubuntu operating system library directories must have mode 0755 or less permissive. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
UBTU-20-010430 - The Ubuntu operating system library files must be group-owned by root or a system account. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
UBTU-22-232055 - Ubuntu 22.04 LTS must have system commands group-owned by "root" or a system account. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
VCLU-70-000009 - Lookup Service must only run one webapp. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | CONFIGURATION MANAGEMENT |
VCLU-80-000034 The vCenter Lookup service must limit privileges for creating or modifying hosted application shared files. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
VCPF-80-000144 The vCenter Perfcharts service files must have permissions in an out-of-the-box state. | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
VCST-67-000009 - The Security Token Service must only run one web app. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |