Welcome to the Cyber Data Trackr

DoD Cyber Security Compliance requirements present an ever-changing target that needs constant management. Simplify your compliance processes with the latest DISA and NIST security requirements in an easy to use and searchable format.

RMF DIACAP STIGs SCAPs CCIs
  • Notices:

  • This web site uses advanced JavaScript for several data processing functions. Internet Explorer has severe deficiencies in it's JavaScript engine. Please use a modern browser, such as Chrome or Edge, in order to take full advantage of this web site.
  • The content on this site is based off of quarterly data dumps from DISA and from publicly available information from NIST and other sources. All updates and data loads will be documented in the change log to the right.

  • Latest STIGs / SCAPs

  • Release Date Title Version
    2019-10-25 SCAP - Google Chrome Current Windows V001.013R1
    2019-10-25 SCAP - Windows 10 V001.016R1
    2019-10-25 SCAP - Windows Server 2012/2012 R2 Domain Controller V002.018R2
    2019-10-25 SCAP - Windows Server 2012/2012 R2 Member Server V002.017R2
    2019-10-25 SCAP - Ms Windows Defender Antivirus V001.004R1
    2019-10-25 SCAP - Windows Server 2016 V001.011R1
    2019-10-25 SCAP - Mcafee Virusscan 8.8 Local Client V001.002R1
    2019-10-25 SCAP - Mcafee Virusscan 8.8 Managed Client V001.003R1
    2019-10-25 SCAP - Mozilla Firefox V001.004R1
    2019-10-25 SCAP - Mozilla Firefox V001.004R1
    2019-10-25 SCAP - Red Hat Enterprise Linux 6 V001.025R1
    2019-10-25 SCAP - Red Hat Enterprise Linux 7 V002.005R2
    2019-10-25 SCAP - Solaris 11 Sparc V001.013R1
    2019-10-25 SCAP - Solaris 11 X86 V001.013R1
    2019-10-24 STIG - Google Chrome Current Windows V1R17
    2019-10-24 STIG - Microsoft Internet Explorer 11 V1R18
    2019-10-08 STIG - Mainframe Product Security Requirements Guide V1R3
    2019-10-07 STIG - Multifunction Device And Network Printers V2R14
    2019-10-03 STIG - Apache Server 2.4 Unix Site V1R1
    2019-10-03 STIG - Apache Server 2.4 Windows Site V1R1
    2019-10-03 STIG - Windows Server 2012/2012 R2 Domain Controller V2R18
    2019-10-02 STIG - Wlan Access Point (enclave-niprnet Connected) () V6R16
    2019-10-02 STIG - Palo Alto Networks Idps V1R3
    2019-10-01 STIG - F5 Big-ip Device Management 11.x V1R6
    2019-10-01 STIG - F5 Big-ip Local Traffic Manager 11.x V1R3
    2019-10-01 STIG - Intrusion Detection And Prevention Systems (idps) Security Requirements Guide V2R5
    2019-10-01 STIG - Microsoft Exchange 2016 Mailbox Server V1R4
    2019-10-01 STIG - Iis 8.5 Server V1R9
    2019-10-01 STIG - Iis 8.5 Site V1R9
    2019-10-01 STIG - Oracle Linux 6 V1R17
    2019-10-01 STIG - Riverbed Steelhead Cx V8 Ndm V1R2
    2019-10-01 STIG - Sles 12 V1R3
    2019-10-01 STIG - Samsung Android Os 7 With Knox 2.x V1R6
    2019-10-01 STIG - Samsung Android Os 8 With Knox 3.x Cobo Use Case V1R4
    2019-10-01 STIG - Samsung Android Os 8 With Knox 3.x Cope Use Case V1R4
    2019-10-01 STIG - Samsung Os 9 With Knox 3.x Cobo Use Case Kpe(ae) Deployment V1R2
    2019-10-01 STIG - Samsung Android Os 9 With Knox 3.x Cobo Use Case Kpe(legacy) Deployment V1R2
    2019-10-01 STIG - Samsung Android Os 9 With Knox 3.x Cope Use Case Kpe(ae) Deployment V1R2
    2019-10-01 STIG - Samsung Android Os 9 With Knox 3.x Cope Use Case Kpe(legacy) Deployment V1R2
    2019-10-01 STIG - Vmware Vsphere 6.5 Esxi V1R2
    2019-10-01 STIG - Vmware Vsphere 6.5 Virtual Machine V1R2
    2019-09-30 STIG - Application Security And Development V4R10
    2019-09-30 STIG - Apache Server 2.4 Unix Server V1R2
    2019-09-30 STIG - Apache Server 2.4 Windows Server V1R2
    2019-09-30 STIG - Application Server Security Requirements Guide V2R7
    2019-09-30 STIG - Arista Mls Dcs-7000 Series Ndm V1R3
    2019-09-30 STIG - Jboss Eap 6.3 V1R4
    2019-09-30 STIG - Microsoft Dotnet Framework 4.0 V1R9
    2019-09-30 STIG - Microsoft Office System 2013 V1R9
    2019-09-30 STIG - Ms Sharepoint 2013 V1R8
    • Change Log:

    • 11-16-2019:
      • Added new RMF Security Controls, including Privacy related controls
      • Updated RMF Ingester to also process Assessment Procedures
      • Created new Assessment Procedure DB Entities
      • Created Assessment Procedure Ingester
      • Updated API to genearte list of RMF Controls based in baseline impact
      • Updated CCI Controller to also handle Assessment Procedures
      • Updated RMF Controller to also handle CNSSI 1253 Baselines and CCI Assessments
      • Added Assessment Procedure results to Search Engine
      • Updated the STIG controller to move the comparison functions to the STIG Details page
      • Updated the STIG Views to better format and display data
      • Updated ScansToPoam module to link to AP's when possible, Controls when not
      • Updated Node and PHP libraries for Security Compliance
      • Ingested latest DISA set of releases
      • Updated Contact Us page
      • Created new Help Page detailing the various pages on the site
      • Created new About page detailing the purpose and data points of the site
      • Updated CCI page to also link to Assessment Procedures
      • Updated formatting on DIACAP page
      • Updated formatting and filtering options on the RMF page (Baseline, CNSSI 1253 and Overlays)
      • Updated formatting on the STIG Comparison Page
      • Re-Added ScansToPoam and CKL Stig Viewer to commercial site with warning alert
      • Fixed bug preventing banner menus from closing automatically
      • Updated formatting for STIG Main page
      • Updated formatting for STIG Details page, added toggle to show/hide CKL editor
      • Updated site to force HTTPS connections on live commerial domain
    • September 2019:
      • 9-25-2019:
        • ScansToPoam Module
          • Created fixes to make module cross browser compatible
          • Updated output on POAM56 to use eMASS Security Check Values
          • Updated POAM56 to not include a line break in the Milestone With Completion Date column
          • Updated Predisposing Conditions columns to clean up scan result data dumps
          • Updated POAM56 tab to properly show risk levels
        • STIG Comparison Page
          • Updated STIG Compare page to properly display highlights on all themes
        • General Site
          • Added Feedback form for users on site
    • August 2019:
      • 8-8-2019:
        • Ingested the latest DISA release of STIGs and SCAPs.
    • July 2019:
      • 7-6-2019:
        • Refactored application to simultaneously support the commercial, standalone and future DoN installs on a singular code base.
        • Updated the STIG pages to allow for the updating and generation of CKL files (with comments, finding details and requirement statuses) in the standalone installation
        • Created a STIG to Excel transcoder that will convert between CKL and XLS files. Available on the commercial site, and on the stand alone site with additional scan data properties.
        • Updated the Scans To Poam module in the stand alone installation to include:
          • PPSM - Ports, Protocols and Services and descriptions
          • Linux Patches - Applications installed on Linux/Unix systems
          • Scan Info - A Breakdown of the automated scans executed and important scan details
          • Local Users - Local users installed on each host scanned
          • Missing Patches - Patches that need to be installed on hosts
          • Traceability - A traceability sync between the RAR, POAM and POAM56 tabs
        • Updates to the standalone download to only use the site source and native portable installations of Apache HTTPD 2.4 and PHP 7.2
        • Updates to the Laravel framework to version 5.8
        • Updates to the site needed PHP modules
        • Updates to the site needed JS modules
        • Ingested the latest STIGs and SCAPs from DISA
    • May 2019:
      • 5-7-2019:
        • Added options to 'compare' all STIGs on the STIGs panel
        • Updated sorting of STIG Versions and Releases
    • April 2019:
      • 4-26-2019:
        • Removed all external data processing functions
    • March 2019:
      • 3-19-2019:
        • Added RMF Controls to STIG and SCAP Requirement display
      • 3-15-2019:
        • Updated Laravel Framework to version 5.7.28
        • Updated Bootstrap Framework to version 4.3.1
        • Updated backend to properly route URLs with multiple slashes
        • Updated site to include theming support (Check Out Flatly)
        • Updated all NPM modules, internallized all library calls (The site is not entirely standalone)
        • Added large alert for Internet Explorer Users (Browser not supported)
        • Corrected an XSS bug on the new CKL page that was allowing javascript to execute on field update
        • Changed the import verbiage when SCAP files are imported for CKL Requirements
        • Updated ScansToPoam to properly map fields to the POAM, POAM56 and RAR Tabs
        • Corrected a bug preventing multiple upload tasks from parsing on the ScansToPoam Module
      • 3-03-2019:
        • Ingested new STIGs and SCAPs
        • Added CCI Definition Data to Scans2Poam Export
        • Updated STIG Module:
          • Import CKL and XCCDF Data
          • Allow inline editing of CKL Data
          • Export valid CKL files based on updated fields
    • February 2019:
      • 2-10-2019:
        • Added linked RMF and DIACAP controls to CCI tab
      • 2-9-2019:
        • Created a Standalone Bundle of this site available on the Utilities tab
        • Updates to the Scans to POAM Module
          • Added filters to the Software List to remove unnecessary applications
          • Added a PPSM tab
          • Added an Operating System Count tab
          • Added a Missing Patches tab
          • Fixed a bug on the STIG Data tab
      • 2-3-2019:
        • Added routes to view latest STIGs or SCAPs without specifying version and release in the URL
        • Updates to the Scans to POAM Module
          • Updated the parsing and rendering engine to be more efficient
          • Added Windows software list tab
          • Added C-I-A outputs for RAR tab
          • Added RMF Control Data tab
          • Added applicable STIG Data tab
    • January 2019:
      • 1-30-2019:
        • Fixed DIFF coloring bug for STIG comparison
        • Fixed sorting mechanism for low, medium and high
        • Added search modules for Checks and Fixes
      • 1-29-2019:
        • Bug Fixes and Updates
          • Fixed sorting issue with STIG Releases
          • Added 'No Change' category to Comparison Totals
          • Fixed bug where 'added' and 'removed' were backwards
      • 1-27-2019:
        • Ingested the latest STIGs and SCAPs from DISA
        • Added the option to export STIGs directly to Stig Viewer v2.8 Checklists
        • Added the option to update existing Checklists to the current STIG version on the STIG pages
      • 1-14-2019:
        • Made updates to Scans to Poam module
          • Added data point fill ins
          • Added option to pre-fill SCD dates
          • Added option to Expand hostnames
          • Added option to Condense Test Plan tab to single entries per scan type
          • Added option to automatically lower the Residual Risk
      • 1-12-2019:
        • Added a Traceability Tab to the Scans to Poam module
        • Added new data points (CCI, Security Control, etc.) to the Scans to Poam module
    • December 2018:
      • 12-14-2018:
        • Bug Fixes for the Scans to Poam module
      • 12-8-2018:
        • Ingested STIGs and SCAPs that have dropped since last quarterly release
        • Updated Welcome Page STIG/SCAP listing to show more history
      • 12-5-2018:
        • Bug fixes for the new Scans to Poam utility
      • 12-2-2018:
        • Developed a Scan Files to RAR/POAM Module in the utilities section of the site
        • Fixed a bug preventing the sortable/filterable table from showing up on the STIG/SCAP pages
    • November 2018:
      • 11-24-2018:
        • Regenerated the Benchmark - CCI - Control Crosswalk with updated data pull
        • Added Previous and Next Arrows to the modal windows for the controls, STIGs and SCAPs
        • Added CCI Data Dump page with sortable data table
        • Added recently viewed page widget to navigation bar
      • 11-3-2018:
        • Ingested latest STIGs and SCAPs from DISA
    • October 2018:
      • 10-17-2018:
        • Added a new Crosswalk Download to the SCAP and STIG pages
        • Added an option to download the SCAP XML files
      • 10-16-2018:
        • Added download options for STIGs
        • Updated Contact form to use form mailer
      • 10-11-2018:
        • Updated ingest scripts to handle SCAP 1.1 and 1.2
        • Imported Sunsetted Products
        • Updated Search Engine to search for CCI items related to STIGs and SCAPs
        • Updated Welcome page to differentiate between STIGs and SCAPs
        • Updated SCAP page to properly handle the new Rule and Vulnerability formats
        • Imported missing SCAP and STIG benchmarks from DISA
      • 10-10-2018:
        • Created a Contact Us page
        • Added RMF Version to the heading on the RMF Page
        • Updated search engine to allow searching for RMF Enhancements
        • Updated RMF filters to properly filter the control table
        • Added Enhancement filter buttons to the RMF Control Details page
        • Updated introduction paragraphs on the STIG and SCAP Pages
      • 10-03-2018:
        • Fixed a symbolic link issue that was prevent STIG details from populating
    • September 2018:
      • 9-26-2018:
        • Continued developing the compare function
        • Added more SCAP 1.1 Benchmarks
        • Reseached SCAP 1.2 Changes
      • 9-25-2018:
        • Fixed a bug with the new quote search engine
        • Re-ordered and updated navigation bar
        • Linked SCAP and STIG severity buttons to table filters
        • Added search results for CCI Queries
        • Began working on compare functions
      • 9-24-2018:
        • Fixed HTTPS Global Switch
        • Attached filters to DIACAP and RMF buttons
        • Updated search engine to accept quoted terms