Security Technical Implementation Guidelines

A Security Technical Implementation Guide (STIG) is a cybersecurity methodology for standardizing security protocols within networks, servers, computers, and logical designs to enhance overall security. These guides, when implemented, enhance security for software, hardware, physical and logical architectures to further reduce vulnerabilities. This page shows you the list of STIGs that are actively tracked by this website. These STIGs will be updated on at least a quarterly basis, dependant upon the releases DISA makes.

Title Version / Release Published Description
A10 Networks ADC ALG Security Technical Implementation Guide
  • 2016-04-15
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
A10 Networks ADC NDM Security Technical Implementation Guide
  • 2016-04-15
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Active Directory Domain Security Technical Implementation Guide (STIG)
  • 2018-11-21
  • 2018-09-13
  • 2018-05-30
  • 2016-02-19
  • 2014-12-18
This STIG provides focused security requirements for the AD or Active Directory Domain Services (AD DS) element for Windows Servers operating systems. These requirements apply to the domain and can typically be reviewed once per AD domain. The separate Active Directory Forest STIG contains forest level requirements. Systems must also be reviewed using the applicable Windows STIG. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Active Directory Domain Security Technical Implementation Guide (STIG)
  • 2014-10-14
This STIG provides focused security requirements for the AD or Active Directory Domain Services (AD DS) element for Windows Servers operating systems. These requirements apply to the domain and can typically be reviewed once per AD domain. The separate Active Directory Forest STIG contains forest level requirements. Systems must also be reviewed using the applicable Windows STIG. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Active Directory Forest Security Technical Implementation Guide (STIG)
  • 2018-05-30
  • 2016-02-19
  • 2014-12-18
  • 2014-10-15
This STIG provides focused security requirements for the AD or Active Directory Domain Services (AD DS) element for Windows Servers operating systems. These requirements apply to the forest and can typically be reviewed once per AD Forest. The separate Active Directory Domain STIG contains domain level requirements. Systems must also be reviewed using the applicable Windows STIG. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Adobe Acrobat Pro XI Security Technical Implementation Guide
  • 2018-01-03
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Adobe Acrobat Reader DC Classic Track Security Technical Implementation Guide
  • 2018-06-11
  • 2016-02-09
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide
  • 2018-06-12
  • 2016-02-22
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Adobe ColdFusion 11 Security Technical Implementation Guide
  • 2017-12-31
  • 2015-11-02
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
AirWatch MDM STIG
  • 2015-11-30
  • 2014-08-08
Developed by AirWatch in coordination with DISA for the DoD.
AIX 5.3 SECURITY TECHNICAL IMPLEMENTATION GUIDE
  • 2014-10-03
The AIX Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE
  • 2018-09-18
  • 2018-04-10
  • 2016-06-01
  • 2015-12-02
  • 2015-09-21
  • 2013-03-27
The AIX Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide
  • 2017-09-15
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Akamai KSD Service Impact Level 2 NDM Security Technical Implementation Guide
  • 2017-09-15
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Android 2.2 (Dell) Security Technical Implementation Guide
  • 2014-08-26
This STIG contains technical security controls required for the use of the Android 2.2 (Dell version) mobile operating system in the DoD environment when managed by the Good Mobility Suite.
APACHE 2.2 Server for UNIX Security Technical Implementation Guide
  • 2019-01-07
  • 2018-07-06
  • 2015-08-28
  • 2014-12-05
  • 2014-08-28
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
APACHE 2.2 Server for Windows Security Technical Implementation Guide
  • 2018-12-24
  • 2017-10-02
  • 2015-08-27
  • 2014-12-05
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
APACHE 2.2 Site for UNIX Security Technical Implementation Guide
  • 2019-01-07
  • 2018-07-06
  • 2015-08-27
  • 2014-12-05
  • 2014-08-28
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
APACHE 2.2 Site for Windows Security Technical Implementation Guide
  • 2018-12-24
  • 2017-10-02
  • 2015-08-27
  • 2014-12-09
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
APACHE Server 2.0 for Unix
  • 2015-08-28
  • 2014-09-02
  • 2011-12-12
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
APACHE SERVER 2.0 for Windows
  • 2015-08-27
  • 2011-12-12
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
Apache Server 2.4 UNIX Server Security Technical Implementation Guide
  • 2018-12-06
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Apache Server 2.4 UNIX Site Security Technical Implementation Guide
  • 2018-11-26
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Apache Server 2.4 Windows Server Security Technical Implementation Guide
  • 2018-11-26
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Apache Server 2.4 Windows Site Security Technical Implementation Guide
  • 2018-11-26
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
APACHE SITE 2.0 for Unix
  • 2015-08-27
  • 2014-09-02
  • 2011-12-12
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
APACHE SITE 2.0 for Windows
  • 2015-08-27
  • 2011-12-12
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
Apple iOS 10 Security Technical Implementation Guide
  • 2017-02-14
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Apple iOS 11 Security Technical Implementation Guide
  • 2018-09-19
  • 2018-05-31
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Apple iOS 12 Security Technical Implementation Guide
  • 2018-11-28
  • 2018-10-02
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Apple iOS 7 STIG
  • 2014-08-26
This STIG contains technical security controls required for the use of Apple iOS 7 devices (iPhone and iPad) in the DoD environment when managed by an approved mobile management server. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Apple iOS 8 Interim Security Configuration Guide
  • 2014-09-16
This ISCG contains technical security controls required for the use of Apple iOS 8 devices (iPhone and iPad) in the DoD environment. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Apple iOS 9 Interim Security Configuration Guide
  • 2015-12-07
  • 2016-05-11
This Interim Security Configuration Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Apple iOS 9 Interim Security Configuration Guide
  • 2015-10-08
This Interim Security Configuration Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Apple iOS6 Security Technical Implementation Guide
  • 2014-10-07
Developed by DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Apple OS X 10.10 (Yosemite) Workstation Security Technical Implementation Guide
  • 2017-04-06
  • 2016-02-01
  • 2015-09-21
The Apple OS X 10.10 Workstation Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Apple OS X 10.11 Security Technical Implementation Guide
  • 2018-01-04
  • 2016-04-12
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Apple OS X 10.12 Security Technical Implementation Guide
  • 2018-12-24
  • 2018-04-09
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Apple OS X 10.13 Security Technical Implementation Guide
  • 2018-10-01
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Apple OS X 10.8 (Mountain Lion) Workstation STIG
  • 2015-02-10
The Apple OS X 10.8 (Mountain Lion) Workstation Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Apple OS X 10.9 (Mavericks) Workstation Security Technical Implementation Guide
  • 2017-01-05
  • 2015-02-26
The Apple OS X 10.9 Workstation Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Application Layer Gateway (ALG) Security Requirements Guide (SRG)
  • 2015-06-30
The Application Layer Gateway (ALG) SRG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to STIG or SRG documents should be sent to this email address: [email protected]
Application Security and Development Checklist
  • 2014-12-22
  • 2014-10-05
Application Security and Development Security Technical Implementation Guide
  • 2018-12-24
  • 2018-09-13
  • 2018-06-20
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Application Server Security Requirements Guide
  • 2019-01-07
  • 2018-09-13
  • 2018-01-08
  • 2015-08-28
  • 2014-12-12
The Application Server Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
ArcGIS for Server 10.3 Security Technical Implementation Guide
  • 2017-12-22
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Arista MLS DCS-7000 Series L2S Security Technical Implementation Guide
  • 2018-11-28
  • 2016-03-29
  • 2015-07-06
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Arista MLS DCS-7000 Series NDM Security Technical Implementation Guide
  • 2016-03-29
  • 2015-07-06
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Arista MLS DCS-7000 Series RTR Security Technical Implementation Guide
  • 2016-03-29
  • 2015-07-06
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide
  • 2018-10-01
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
BIND 9.x Security Technical Implementation Guide
  • 2019-01-07
  • 2018-04-03
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
BIND DNS STIG
  • 2017-07-10
  • 2015-10-01
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
BlackBerry 10 OS Security Technical Implementation Guide
  • 2014-08-27
  • 2013-10-07
Developed by BlackBerry Ltd. in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
BlackBerry 10.2.x OS Security Technical Implementation Guide
  • 2015-07-02
  • 2014-08-28
  • 2014-06-13
Developed by BlackBerry Ltd. in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
BlackBerry BES 12.3.x MDM Security Technical Implementation Guide
  • 2016-04-25
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
BlackBerry BES 12.5.x MDM Security Technical Implementation Guide
  • 2017-06-05
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
BlackBerry Device Service 6.2 STIG
  • 2013-05-03
Developed by Research In Motion Ltd. in coordination with DISA for use in the DoD.
BlackBerry Enterprise Mobility Server 2.x Security Technical Implementation Guide
  • 2018-11-29
  • 2017-12-11
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
BlackBerry Enterprise Server (version 5.x), Part 1 Security Technical Implementation Guide
  • 2015-07-02
BlackBerry Enterprise Server (version 5.x) STIG, Part 1 in XCCDF format. Part 1: BES architecture and training requirements. Part 2: BES configuration requirements. Part 3: BES IT Policy configuration requirements.
BlackBerry Enterprise Server (version 5.x), Part 2 Security Technical Implementation Guide
  • 2015-07-02
BlackBerry Enterprise Server (version 5.x) STIG, Part 2 in XCCDF format. Part 1: BES architecture and training requirements. Part 2: BES configuration requirements. Part 3: BES IT Policy configuration requirements.
BlackBerry Enterprise Server (version 5.x), Part 3 Security Technical Implementation Guide
  • 2015-07-02
BlackBerry Enterprise Server (version 5.x) STIG, Part 3 in XCCDF format. Part 1: BES architecture and training requirements. Part 2: BES configuration requirements. Part 3: BES IT Policy configuration requirements.
BlackBerry Enterprise Service v10.1.x BlackBerry Device Service STIG
  • 2014-10-06
Developed by Research In Motion Ltd. in coordination with DISA for use in the DoD.
BlackBerry Enterprise Service v10.2.x BlackBerry Device Service STIG
  • 2015-07-23
  • 2014-07-02
Developed by BlackBerry Ltd. in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
BlackBerry OS 10.3.x Security Technical Implementation Guide
  • 2016-09-08
  • 2016-05-18
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
BlackBerry OS 7.x.x Security Technical Implementation Guide
  • 2017-09-11
  • 2015-08-12
BlackBerry OS 7.x.x STIG in XCCDF format
BlackBerry Playbook OS (NEA mode) Security Technical Implementation Guide (STIG)
  • 2014-08-25
This document describes required technical IA controls for the Playbook when used in the Non-Enterprise Activated (NEA mode). NEA mode is when the device is not connected to the DoD network and does not process sensitive DoD data or email.
BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide
  • 2014-08-29
Developed by BlackBerry Ltd. in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
BlackBerry UEM 12.7 Security Technical Implementation Guide
  • 2017-11-27
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
BlackBerry UEM 12.8 Security Technical Implementation Guide
  • 2018-08-27
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Bluetooth/Zigbee Security Technical Implementation Guide (STIG)
  • 2014-03-18
  • 2014-03-18
This STIG contains the technical security controls for the operation of Bluetooth/Zigbee devices in the DoD environment.
CA API Gateway ALG Security Technical Implementation Guide
  • 2017-04-07
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
CA API Gateway NDM Security Technical Implementation Guide
  • 2016-09-20
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Canonical Ubuntu 16.04 LTS Security Technical Implementation Guide
  • 2018-07-18
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Central Log Server Security Requirements Guide
  • 2018-08-29
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
CISCO CSS DNS
  • 2015-12-29
The CISCO CSS DNS Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Cisco IOS XE Release 3 NDM Security Technical Implementation Guide
  • 2018-12-20
  • 2018-03-08
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Cisco IOS XE Release 3 RTR Security Technical Implementation Guide
  • 2018-02-20
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Citrix XenDesktop 7.x Delivery Controller Security Technical Implementation Guide
  • 2018-08-28
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Citrix XenDesktop 7.x License Server Security Technical Implementation Guide
  • 2018-08-28
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Citrix XenDesktop 7.x Receiver Security Technical Implementation Guide
  • 2018-08-28
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Citrix XenDesktop 7.x Windows Virtual Delivery Agent Security Technical Implementation Guide
  • 2018-08-28
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Citrix XenDesktop v7.x StoreFront Security Technical Implementation Guide
  • 2018-08-28
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
CMD Management Server Policy Security Technical Implementation Guide (STIG)
  • 2014-08-05
This STIG contains the policy, training, and operating procedure security controls for the use of CMD management servers in the DoD environment. This STIG replaces the Wireless Management Server STIG (V1R6). Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Commercial Mobile Device (CMD) Policy Security Technical Implementation Guide (STIG)
  • 2016-09-30
  • 2013-03-12
This STIG contains the policy, training, and operating procedure security controls for the use of CMDs in the DoD environment. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
CSfC Campus WLAN Policy Security Implementation Guide
  • 2014-03-19
  • 2014-03-19
This STIG contains the policy, training, and operating procedure security controls for the use of classified campus WLAN systems based on the Commercial Solutions for Classified (CSfC) Campus IEEE 802.11 Wireless Local Area Network (WLAN)Capability Package. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Database Security Requirements Guide
  • 2017-11-30
  • 2016-03-18
  • 2015-12-21
  • 2015-06-23
  • 2015-02-13
The Database Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
DBN-6300 IDPS Security Technical Implementation Guide
  • 2017-09-15
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
DBN-6300 NDM Security Technical Implementation Guide
  • 2017-09-15
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.[email protected]
Defense Switched Network (DSN) STIG
  • 2017-01-19
  • 2015-08-11
The Defense Switched Network (DSN) Security Technical Implementation Guide (STIG) provides the policy and architectual guidance for applying security concepts to DoD telecommunications systems. These policies ensure conformance to DoD requirements that govern DSN voice services deployment and operations, to include special-C2, C2, and non-C2 services. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Defense Switched Network STIG
  • 2014-10-06
The Defense Switched Network (DSN) Security Technical Implementation Guide (STIG) provides the policy and architectual guidance for applying security concepts to DoD telecommunications systems. These policies ensure conformance to DoD requirements that govern DSN voice services deployment and operations, to include special-C2, C2, and non-C2 services. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Desktop Application Antispyware General
Desktop Applications General
  • 2017-07-10
  • 2014-10-03
  • 2012-02-28
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
DNS Policy
  • 2018-04-05
  • 2016-06-30
  • 2015-12-29
  • 2013-07-08
The DNS Policy Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Domain Name System (DNS) Security Requirements Guide
  • 2015-01-05
The DNS Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
EDB Postgres Advanced Server Security Technical Implementation Guide
  • 2018-09-13
  • 2017-11-17
  • 2016-06-28
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Email Services Policy
Email Services Policy
Email Services Policy STIG
  • 2015-08-07
  • 2014-09-05
  • 2014-03-11
Email Services Policy STIG requirements must be evaluated on each system review, regardless of the email product or release level. These policies ensure conformance to DoD requirements that govern email services deployment and operations. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Exchange 2010 Client Access Server STIG
  • 2017-01-03
  • 2015-12-02
  • 2015-03-10
  • 2014-09-08
  • 2014-03-11
The Microsoft Exchange Server 2010 STIGs cover four of the five roles available with Microsoft Exchange Server 2010. The Email Services Policy STIG must also be reviewed for each site hosting email services. Also, for the Client Access server, the IIS guidance must be reviewed prior to the OWA checks. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
MS Exchange 2010 Edge Transport Server STIG
  • 2019-01-02
  • 2018-09-17
  • 2017-01-03
  • 2015-12-02
  • 2015-09-15
  • 2014-09-05
  • 2014-03-11
The Microsoft Exchange Server 2010 STIGs cover four of the five roles available with Microsoft Exchange Server 2010. The Email Services Policy STIG must also be reviewed for each site hosting email services. Also, for the Client Access server, the IIS guidance must be reviewed prior to the OWA checks. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Exchange 2010 Hub Transport Server STIG
  • 2017-01-04
  • 2015-12-02
  • 2015-09-15
  • 2014-09-05
  • 2014-03-11
The Microsoft Exchange Server 2010 STIGs cover four of the five roles available with Microsoft Exchange Server 2010. The Email Services Policy STIG must also be reviewed for each site hosting email services. Also, for the Client Access server, the IIS guidance must be reviewed prior to the OWA checks. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Exchange 2010 Mailbox Server STIG
  • 2017-07-05
  • 2015-12-02
  • 2015-03-10
  • 2014-09-05
  • 2014-03-11
The Microsoft Exchange Server 2010 STIGs cover four of the five roles available with Microsoft Exchange Server 2010. The Email Services Policy STIG must also be reviewed for each site hosting email services. Also, for the Client Access server, the IIS guidance must be reviewed prior to the OWA checks. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
F5 BIG-IP Access Policy Manager 11.x Security Technical Implementation Guide
  • 2015-06-02
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
F5 BIG-IP Advanced Firewall Manager 11.x Security Technical Implementation Guide
  • 2015-06-02
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
F5 BIG-IP Application Security Manager 11.x Security Technical Implementation Guide
  • 2015-06-02
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
F5 BIG-IP Device Management 11.x Security Technical Implementation Guide
  • 2015-10-01
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
F5 BIG-IP Local Traffic Manager 11.x Security Technical Implementation Guide
  • 2015-06-02
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
General Wireless Policy Security Technical Implementation Guide
  • 2011-11-28
  • 2011-09-30
  • 2011-04-08
This STIG provides policy, training, and operating procedure security controls for the use of wireless devices and systems in the DoD environment. This STIG applies to any wireless device (such as WLAN Access Points and clients, Bluetooth devices, smartphones and cell phones, wireless keyboards and mice, and wireless remote access devices) used to store, process, transmit or receive DoD information.
Firewall Security Requirements Guide
  • 2018-12-24
  • 2018-09-13
  • 2018-03-21
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Firewall Security Technical Implementation Guide
  • 2015-09-18
  • 2013-10-08
Firewall Security Technical Implementation Guide
Firewall Security Technical Implementation Guide - Cisco
  • 2015-09-18
  • 2013-10-08
Firewall Security Technical Implementation Guide - Cisco
ForeScout CounterACT ALG Security Technical Implementation Guide
  • 2018-01-03
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
ForeScout CounterACT NDM Security Technical Implementation Guide
  • 2017-09-19
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
General Mobile Device (Technical) (Non-Enterprise Activated) Security Technical Implementation Guide
  • 2013-07-03
This STIG provides technical security controls for the use of mobile devices (smartphone and tablets) that are not authorized to be connected to a DoD network or store or process sensitive or classified DoD data/information. Non-enterprise activated refers to any device that is operated under the use conditions found in Section 2.1 of the STIG overview document. See section 1.1 of the STIG overview document for additional information.
General Mobile Device Policy (Non-Enterprise Activated) Security Technical Implementation Guide
  • 2013-07-03
This STIG provides policy, training, and operating procedure security controls for the use of mobile devices (smartphone and tablets) that are not authorized to be connected to a DoD network or store or process sensitive or classified DoD data/information. Non-enterprise activated refers to any device that is operated under the use conditions found in Section 2.1 of the STIG overview document. See section 1.1 of the STIG overview document for additional information.
General Purpose Operating System SRG
  • 2019-01-02
  • 2016-04-25
  • 2015-12-31
  • 2015-06-26
The General Purpose Operating System Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Good for Enterprise 8.x Security Technical Implementation Guide
  • 2017-12-14
  • 2014-08-18
Developed by Good Technology in coordination with DISA for the DoD.
Good Mobility Suite Server (Android OS) Security Technical Implementation Guide
  • 2011-12-14
This STIG provides technical security controls required for the use of the Good Mobility Suite with Android 2.2 (Dell version) mobile operating system devices in the DoD environment.
Good Mobility Suite Server (Windows Phone 6.5) Security Technical Implementation Guide
  • 2011-10-04
This STIG provides technical security controls required for the use of the Good Mobility Suite with Windows Phone 6.5 devices in the DoD environment.
Google Chrome Current Windows STIG
  • 2018-12-13
  • 2018-11-01
  • 2018-09-06
  • 2018-03-13
  • 2016-06-28
  • 2015-10-01
The Google Chrome Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Google Search Appliance Security Technical Implementation Guide
  • 2015-07-07
Developed by Microsoft in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Harris SecNet 11 / 54 Security Technical Implementation Guide (STIG)
  • 2016-11-14
  • 2016-01-04
  • 2014-04-07
  • 2014-04-07
This STIG contains the technical security controls for the operation of the Harris SecNet 11 or 54 classified WLAN devices in the DoD environment.
HP FlexFabric Switch L2S Security Technical Implementation Guide
  • 2018-12-21
  • 2016-02-29
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
HP FlexFabric Switch NDM Security Technical Implementation Guide
  • 2016-02-29
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
HP FlexFabric Switch RTR Security Technical Implementation Guide
  • 2016-02-26
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
HP-UX 11.23 Security Technical Implementation Guide
  • 2015-12-02
  • 2015-09-11
  • 2013-07-02
The HP-UX 11.23 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
HP-UX 11.31 Security Technical Implementation Guide
  • 2019-01-08
  • 2018-09-14
  • 2018-03-01
  • 2016-06-01
  • 2015-12-02
  • 2015-09-11
  • 2014-05-27
The HP-UX 11.31 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
HPE 3PAR StoreServ 3.2.x Security Technical Implementation Guide
  • 2017-05-18
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
IBM DataPower ALG Security Technical Implementation Guide
  • 2016-01-21
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
IBM DataPower Network Device Management Security Technical Implementation Guide
  • 2017-10-05
  • 2016-01-21
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
IBM DB2 V10.5 LUW Security Technical Implementation Guide
  • 2018-09-13
  • 2017-11-16
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
IBM Hardware Management Console (HMC) STIG
  • 2017-09-28
  • 2015-01-14
  • 2014-09-18
  • 2014-04-10
IBM Hardware Management Console is used to perform Initial Program Loads (IPLs), power on resets, shutdowns, and configuring of hardware components for system logical partitions.
IBM Hardware Management Console (HMC) STIG Policies
  • 2015-01-14
  • 2015-01-14
  • 2010-11-09
Policy and Documentation Vulnerabilities for IBM Hardware Management Console (HMC).
IBM MaaS360 v2.3.x MDM Security Technical Implementation Guide
  • 2018-09-13
  • 2016-02-24
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
IBM MaaS360 with Watson v10.x MDM Security Technical Implementation Guide
  • 2018-11-14
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
IBM MQ Appliance V9.0 AS Security Technical Implementation Guide
  • 2017-06-06
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide
  • 2017-06-06
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
  • 2018-08-24
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
IBM z/VM Using CA VM:Secure Security Technical Implementation Guide
  • 2018-04-04
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
IDS/IPS Security Technical Implementation Guide
  • 2013-10-08
IDS/IPS Security Technical Implementation Guide
IIS 7.0 Server STIG
  • 2018-09-27
  • 2017-12-21
  • 2016-02-11
  • 2015-08-27
  • 2014-08-28
  • 2014-03-11
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
IIS 7.0 Site STIG
  • 2018-09-27
  • 2017-12-21
  • 2016-02-11
  • 2015-08-27
  • 2014-08-28
  • 2014-03-25
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
IIS 8.5 Server Security Technical Implementation Guide
  • 2019-01-08
  • 2018-09-27
  • 2018-07-10
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
IIS 8.5 Site Security Technical Implementation Guide
  • 2019-01-08
  • 2018-09-18
  • 2018-07-09
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
IIS6 Server
  • 2015-06-01
  • 2011-09-26
IIS6 Site
  • 2015-06-01
  • 2011-10-03
Infoblox 7.x DNS Security Technical Implementation Guide
  • 2018-09-18
  • 2018-01-03
  • 2016-05-04
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco
  • 2018-11-27
  • 2018-08-22
  • 2018-05-29
  • 2016-07-07
  • 2015-09-21
  • 2013-10-08
  • 2013-10-08
Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco
Infrastructure L3 Switch Security Technical Implementation Guide
  • 2019-01-09
  • 2018-08-22
  • 2018-05-29
  • 2016-06-30
  • 2015-09-21
  • 2013-10-08
  • 2013-10-08
Infrastructure L3 Switch Security Technical Implementation Guide
Infrastructure Router Security Technical Implementation Guide
  • 2018-11-27
  • 2018-09-11
  • 2018-05-29
  • 2016-07-07
  • 2015-09-21
  • 2013-10-08
  • 2013-10-08
Infrastructure Router Security Technical Implementation Guide
Infrastructure Router Security Technical Implementation Guide Cisco
  • 2018-11-27
  • 2018-09-11
  • 2018-05-29
  • 2016-07-07
  • 2015-09-21
  • 2013-10-08
  • 2013-10-08
Infrastructure Router Security Technical Implementation Guide – Cisco
Infrastructure Router Security Technical Implementation Guide Juniper
  • 2018-11-27
  • 2018-09-11
  • 2018-05-29
  • 2016-07-07
  • 2015-09-21
  • 2013-10-08
  • 2013-10-08
Infrastructure Router Security Technical Implementation Guide – Juniper
Internet Explorer 8 STIG
  • 2015-12-17
  • 2015-06-30
  • 2014-11-21
  • 2014-07-03
The Internet Explorer 8 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Browser products may observe alternate registry paths for stored configuration values.
Internet Explorer 8 STIG
  • 2014-10-01
The Internet Explorer 8 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Browser products may observe alternate registry paths for stored configuration values.
Internet Explorer 9 Security Technical Implementation Guide
  • 2015-06-30
  • 2014-11-21
  • 2014-10-01
  • 2014-07-03
The Internet Explorer 9 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide
  • 2018-10-09
  • 2017-07-07
  • 2015-07-28
  • 2014-08-01
The IDPS Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
IPSec VPN Gateway Security Technical Implementation Guide
  • 2018-11-27
  • 2018-03-08
  • 2015-09-21
  • 2013-10-08
IPSec VPN Gateway Security Technical Implementation Guide
Java Runtime Environment (JRE) 6 STIG for Windows XP
  • 2014-10-05
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE. Guidance placed on sunset list 10/24/2014. XP OS no longer supported by vendor.
Java Runtime Environment (JRE) version 6 STIG for Unix
  • 2015-12-10
  • 2015-07-02
  • 2014-10-06
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
Java Runtime Environment (JRE) version 6 STIG for Windows 7
  • 2015-12-10
  • 2015-07-02
  • 2014-10-05
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
Java Runtime Environment (JRE) version 7 STIG for Unix
  • 2015-12-10
  • 2015-07-02
  • 2014-12-29
  • 2014-10-06
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
Java Runtime Environment (JRE) version 7 STIG for Windows 7
  • 2015-12-10
  • 2015-07-02
  • 2014-12-29
  • 2014-10-05
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
Java Runtime Environment (JRE) version 7 STIG for WinXP
  • 2014-10-05
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
Java Runtime Environment (JRE) version 8 STIG for Unix
  • 2017-09-27
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
Java Runtime Environment (JRE) version 8 STIG for Windows
  • 2017-12-21
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
JBoss EAP 6.3 Security Technical Implementation Guide
  • 2019-01-02
  • 2017-03-20
  • 2015-11-09
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Juniper Router NDM Security Technical Implementation Guide
  • 2018-11-14
  • 2018-08-30
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Juniper Router RTR Security Technical Implementation Guide
  • 2018-11-15
  • 2018-08-30
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Juniper SRX SG ALG Security Technical Implementation Guide
  • 2018-04-04
  • 2016-03-31
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Juniper SRX SG IDPS Security Technical Implementation Guide
  • 2017-07-07
  • 2016-03-30
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Juniper SRX SG NDM Security Technical Implementation Guide
  • 2017-01-05
  • 2016-03-31
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Juniper SRX SG VPN Security Technical Implementation Guide
  • 2017-10-03
  • 2016-04-01
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Keyboard Video and Mouse Switch STIG
  • 2015-12-09
  • 2015-06-30
The Keyboard Video and Mouse Switch (KVM) STIG includes the computing requirements for KVM switches operating to support the DoD. The Keyboard Video and Mouse Switch STIG must also be applied for each site using KVM switches. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
L3 KOV-26 Talon (Wireless Role) Security Technical Implementation Guide (STIG)
  • 2014-04-07
  • 2014-04-07
This STIG contains the technical security controls for the operation of a L3 KOV-26 Talon (Wireless Role) encryptor in the DoD environment.
Layer 2 Switch Security Requirements Guide
  • 2019-01-07
  • 2018-05-22
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Layer 2 Switch Security Technical Implementation Guide
  • 2018-11-27
  • 2018-08-22
  • 2018-05-29
  • 2015-09-21
  • 2013-10-08
  • 2013-10-08
Layer 2 Switch Security Technical Implementation Guide
Layer 2 Switch Security Technical Implementation Guide - Cisco
  • 2019-01-09
  • 2018-08-22
  • 2018-05-29
  • 2015-09-21
  • 2013-10-08
  • 2013-10-08
Layer 2 Switch Security Technical Implementation Guide - Cisco
LG Android 5.x Interim Security Configuration Guide
  • 2015-09-22
This Interim Security Configuration Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
LG Android 6.x Security Technical Implementation Guide
  • 2016-05-05
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
MAC OSX 10.5 Security Technical Implementation Guide
  • 2011-07-29
MAC OSX 10.5 Security Technical Implementation Guide
MAC OSX 10.6 Workstation Security Technical Implementation Guide
  • 2013-04-09
MAC OSX 10.6 Workstation Security Technical Implementation Guide
Mainframe Product Security Requirements Guide
  • 2017-06-22
  • 2016-04-18
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
McAfee MOVE 2.6 Multi-Platform Client STIG
  • 2014-01-15
The McAfee MOVE 2.6 Multi-Platform Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
McAfee MOVE 2.6/3.6.1 Multi-Platform OSS STIG
  • 2016-04-05
  • 2015-10-05
The McAfee MOVE 2.6/3.6.1 Multi-Platform OSS STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
McAfee MOVE 2.6/3.6.1 Multi-Platform Client STIG
  • 2016-04-05
The McAfee MOVE 2.6/3.6.1 Multi-Platform Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
McAfee MOVE Agentless 3.0/3.6.1 Security Virtual Appliance STIG
  • 2016-04-05
  • 2015-10-06
The McAfee MOVE 3.0/3.6.1 Agentless SVA STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
McAfee MOVE Agentless 3.0 VSEL 1.9 for SVA STIG
  • 2014-05-08
The McAfee MOVE 3.0 Agentless VSEL for SVA STIG The McAfee MOVE 2.6 Multi-Platform Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
McAfee VirusScan 8.8 Local Client STIG
  • 2018-07-09
  • 2016-03-31
  • 2015-12-29
  • 2015-10-01
  • 2015-03-30
  • 2014-10-03
The McAfee VirusScan 8.8 Local Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
McAfee VirusScan 8.8 Managed Client STIG
  • 2018-07-09
  • 2016-06-30
  • 2016-01-04
  • 2015-10-01
  • 2015-03-30
  • 2014-10-03
The McAfee VirusScan Managed Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
McAfee VirusScan Locally Configured Client
  • 2014-01-03
McAfee VirusScan Managed Client
  • 2014-01-03
McAfee VSEL 1.9/2.0 Local Client Security Technical Implementation Guide
  • 2019-01-02
  • 2016-03-31
  • 2015-11-30
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
McAfee VSEL 1.9/2.0 Managed Client Security Technical Implementation Guide
  • 2016-04-06
  • 2015-11-30
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
MDM Server Policy Security Technical Implementation Guide (STIG)
  • 2016-09-30
This STIG contains the policy, training, and operating procedure security controls for the use of MDM servers in the DoD environment. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Access 2003
  • 2014-10-03
Microsoft Access 2007 Security Technical Implementation Guide
  • 2017-10-02
  • 2016-06-30
  • 2015-12-29
  • 2015-10-01
  • 2014-01-07
  • 2014-01-07
The Microsoft Access 2007 STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Access 2010
  • 2018-04-03
  • 2014-01-07
  • 2014-01-07
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Access 2013 STIG
  • 2018-04-03
  • 2013-12-11
  • 2013-12-11
The Microsoft Access 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Access 2016 Security Technical Implementation Guide
  • 2016-11-02
The Microsoft Access 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft DotNet Framework 4.0 STIG
  • 2018-09-06
  • 2018-06-27
  • 2016-03-01
  • 2014-01-08
Applicable to systems and applications utilizing the Microsoft .Net version 4.0 framework.
Microsoft Excel 2003
  • 2014-10-03
Microsoft Excel 2007
  • 2017-10-03
  • 2015-10-02
  • 2014-12-22
  • 2014-01-07
Microsoft Excel 2010
  • 2018-04-04
  • 2014-04-03
  • 2014-04-03
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Excel 2013 STIG
  • 2018-04-03
  • 2015-06-18
  • 2014-04-03
The Microsoft Excel 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Excel 2016 Security Technical Implementation Guide
  • 2017-09-19
The Microsoft Excel 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Exchange 2016 Edge Transport Server Security Technical Implementation Guide
  • 2018-08-28
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide
  • 2019-01-09
  • 2018-08-28
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Microsoft Exchange Server 2003
  • 2014-08-19
Guidance for Microsoft Exhange Server 2003 in the Mailbox Server, MTA, and the Client Access (OWA) Server Roles.
Microsoft Groove 2013 STIG
  • 2018-04-03
  • 2014-12-23
  • 2013-12-11
The Microsoft Groove 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft IE Version 6
  • 2014-12-17
  • 2014-07-03
Microsoft IE Version 7
  • 2015-12-17
  • 2015-06-30
  • 2014-11-21
  • 2014-10-01
  • 2014-07-03
Microsoft InfoPath 2003
  • 2014-10-03
Microsoft InfoPath 2007 Security Technical Implementation Guide
  • 2017-10-02
  • 2015-10-02
  • 2014-01-07
  • 2014-01-07
Microsoft InfoPath 2010 STIG
  • 2018-04-03
  • 2014-04-03
  • 2014-04-03
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft InfoPath 2013 STIG
  • 2018-04-03
  • 2015-06-18
  • 2014-01-06
The Microsoft InfoPath 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Internet Explorer 10 Security Technical Implementation Guide
  • 2017-03-22
  • 2016-06-24
  • 2015-12-16
  • 2015-09-14
  • 2014-11-21
  • 2014-10-01
  • 2014-07-03
The Microsoft Internet Explorer 10 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Internet Explorer 11 Security Technical Implementation Guide
  • 2018-06-08
  • 2016-06-24
  • 2015-12-18
  • 2015-06-30
  • 2015-03-26
  • 2014-11-21
  • 2014-10-01
  • 2014-05-13
The Microsoft Internet Explorer 11 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Internet Explorer 9 Security Technical Implementation Guide
  • 2015-12-17
Settings in this guidance assume a complete installation of Microsoft Internet Explorer 9 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Browser products may observe alternate registry paths for stored configuration values.
Microsoft ISA Server 2006
Microsoft ISA Server 2006 Guidance
Microsoft ISA Server 2006 (OWA Proxy)
Microsoft ISA Server 2006 configured in a Web Proxy Profile for Microsoft Exchange 2003 OWA Server
Microsoft Lync 2013 STIG
  • 2018-04-04
  • 2014-04-03
  • 2014-04-03
The Microsoft Lync 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Office System 2007 Security Technical Implementation Guide
  • 2017-10-02
  • 2015-10-02
  • 2014-01-07
  • 2014-01-07
Microsoft Office System 2010 STIG
  • 2018-04-04
  • 2015-06-23
  • 2014-01-07
  • 2014-01-07
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Office System 2013 STIG
  • 2018-09-05
  • 2018-03-19
  • 2015-06-18
  • 2013-12-11
The Microsoft Office System 2013 STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft OneNote 2010 STIG
  • 2018-04-04
  • 2014-01-07
  • 2014-01-07
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft OneNote 2013 STIG
  • 2018-04-04
  • 2013-12-11
  • 2013-12-11
The Microsoft OneNote 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft OneNote 2016 Security Technical Implementation Guide
  • 2017-01-19
The Microsoft OneNote 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Outlook 2003
  • 2014-10-03
Microsoft Outlook 2007 Security Technical Implementation Guide
  • 2017-10-03
  • 2015-09-17
  • 2014-10-03
  • 2014-10-03
Microsoft Outlook 2010 STIG
  • 2018-04-04
  • 2015-09-17
  • 2014-10-03
  • 2014-10-03
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values.
Microsoft Outlook 2013 STIG
  • 2018-09-05
  • 2018-04-04
  • 2016-06-06
  • 2015-12-10
  • 2015-10-02
  • 2014-01-06
The Microsoft Outlook 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Outlook 2016 Security Technical Implementation Guide
  • 2017-05-08
The Microsoft Outlook 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft PowerPoint 2003 STIG
  • 2014-10-03
Microsoft PowerPoint 2007 Security Technical Implementation Guide
  • 2017-10-02
  • 2016-03-31
  • 2015-03-31
  • 2015-03-31
  • 2014-04-03
Microsoft PowerPoint 2010 STIG
  • 2018-04-05
  • 2014-01-07
  • 2014-01-07
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft PowerPoint 2013 STIG
  • 2018-04-04
  • 2014-04-03
  • 2014-04-03
The Microsoft PowerPoint 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft PowerPoint 2016 Security Technical Implementation Guide
  • 2016-11-02
The Microsoft PowerPoint 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Project 2010 STIG
  • 2018-04-04
  • 2014-01-07
  • 2014-01-07
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Project 2013 STIG
  • 2018-04-04
  • 2013-12-12
  • 2013-12-12
The Microsoft Project 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Project 2016 Security Technical Implementation Guide
  • 2016-11-02
The Microsoft Project 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Publisher 2010 STIG
  • 2018-04-04
  • 2015-06-09
  • 2014-01-07
  • 2014-01-07
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Publisher 2013 STIG
  • 2018-04-04
  • 2015-06-19
  • 2013-12-12
The Microsoft Publisher 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Publisher 2016 Security Technical Implementation Guide
  • 2018-03-19
The Microsoft Publisher 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
MS SharePoint Designer 2013 Security Technical Implementation Guide
  • 2018-04-02
  • 2013-12-12
  • 2013-12-12
The Microsoft SharePointDesigner 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft SQL Server 2005 Database Security Technical Implementation Guide
  • 2015-06-16
  • 2015-04-03
The Microsoft SQL Server 2005 Database Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft SQL Server 2005 Instance Security Technical Implementation Guide
  • 2015-06-16
  • 2015-04-03
The Microsoft SQL Server 2005 Instance Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft SQL Server 2012 Database Instance Security Technical Implementation Guide
  • 2018-02-27
  • 2016-06-24
  • 2015-12-21
  • 2015-09-22
  • 2014-06-23
The Microsoft SQL Server 2012 Database Instance Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft SQL Server 2012 Database Security Technical Implementation Guide
  • 2019-01-08
  • 2019-01-08
The Microsoft SQL Server 2012 Database Instance Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft SQL Server 2012 Database Security Technical Implementation Guide
  • 2018-03-01
  • 2016-06-24
  • 2015-12-21
  • 2015-09-22
  • 2014-06-23
The Microsoft SQL Server 2012 Database Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Visio 2013 STIG
  • 2018-04-04
  • 2013-12-12
  • 2013-12-12
The Microsoft Visio 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Visio 2016 Security Technical Implementation Guide
  • 2016-11-02
The Microsoft Visio 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Windows 10 Mobile Security Technical Implementation Guide
  • 2017-09-11
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Windows 2008 Server Domain Name System Security Technical Implementation Guide
  • 2019-01-04
  • 2018-07-09
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Windows 2012 Server Domain Name System Security Technical Implementation Guide
  • 2019-01-04
  • 2018-07-09
  • 2016-06-30
  • 2015-03-30
The Microsoft Windows 2012 Server Domain Name System Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Windows Phone 8.1 Security Technical Implementation Guide
  • 2015-05-13
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Microsoft Word 2003
  • 2014-10-03
Microsoft Word 2007 Security Technical Implementation Guide
  • 2017-10-02
  • 2015-10-02
  • 2014-10-03
  • 2014-10-03
Microsoft Word 2010 STIG
  • 2018-04-04
  • 2014-10-03
  • 2014-10-03
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Word 2013 STIG
  • 2018-04-04
  • 2014-12-23
  • 2014-10-03
The Microsoft Word 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Microsoft Word 2016 Security Technical Implementation Guide
  • 2016-11-02
The Microsoft Word 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Mobile Application Management (MAM) Server Security Technical Implementation Guide (STIG)
  • 2013-05-08
This STIG provides technical security controls required for the use of a MAM server to manage applications installed on mobile devices in the DoD environment. The requirements listed in this benchmark apply to any DoD iOS implementation when iOS devices process sensitive DoD information, connect to a DoD network or network connected PC, or provide service to a DoD email system. The requirements can be implemented in an application server separate from the MDM server or included in the MDM server. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Mobile Application Security Requirements Guide
  • 2013-01-04
The Mobile Application Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Mobile Device Integrity Scanning (MDIS) Server Security Technical Implementation Guide (STIG)
  • 2013-05-08
This STIG provides technical security controls required for the use of a mobile MDIS server to audit the integrity of mobile devices in the DoD environment. The requirements listed in this benchmark apply to any DoD iOS implementation when iOS devices process sensitive DoD information, connect to a DoD network or network connected PC, or provide service to a DoD email system. The requirements can be implemented in an application server separate from the MDM server or included in the MDM server. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Mobile Device Management (MDM) Server Security Technical Implementation Guide (STIG)
  • 2013-05-08
This STIG provides technical security controls required for the use of a MDM server to manage mobile devices in the DoD environment. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Mobile Email Management (MEM) Server Security Technical Implementation Guide (STIG)
  • 2013-05-08
This STIG provides technical security controls required for the use of a MEM server that manages mobile email from/to mobile devices in the DoD environment. The requirements listed in this benchmark apply to any DoD iOS implementation when iOS devices process sensitive DoD information, connect to a DoD network or network connected PC, or provide service to a DoD email system. The requirements can be implemented in an application server separate from the MDM server or included in the MDM server. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Mobile Policy Security Requirements Guide
  • 2013-07-03
The Mobile Policy Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Mobile Policy Security Technical Implementation Guide (STIG)
  • 2018-09-07
  • 2016-09-01
  • 2013-03-12
This STIG provides policy, training, and operating procedure security controls for the use of mobile devices and systems in the DoD environment. This STIG applies to any mobile operating system device used to store, process, transmit, or receive DoD information. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
MobileIron Core v9.x MDM Security Technical Implementation Guide
  • 2017-06-02
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
MongoDB Enterprise Advanced 3.x Security Technical Implementation Guide
  • 2018-10-01
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Mozilla Firefox Security Technical Implementation Guide
  • 2018-09-17
  • 2016-06-28
  • 2015-12-30
  • 2015-10-01
The Mozilla Firefox Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Mozilla FireFox Security Technical Implementation Guide
  • 2019-01-02
The Mozilla FireFox Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Mozilla Firefox Security Technical Implementation Guide
  • 2018-06-28
The Mozilla Firefox Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
MS Exchange 2013 Client Access Server Security Technical Implementation Guide
  • 2019-01-02
  • 2016-07-19
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
MS Exchange 2013 Edge Transport Server Security Technical Implementation Guide
  • 2019-01-02
  • 2018-09-18
  • 2017-01-04
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
MS Exchange 2013 Mailbox Server Security Technical Implementation Guide
  • 2019-01-02
  • 2017-04-06
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
MS SharePoint 2010 Security Technical Implementation Guide
  • 2019-01-02
This STIG is applicable to all Microsoft SharePoint 2010 implementations. For complete security protection of any SharePoint implementation, the Windows OS, application server (s) and the database server (s) must also be secured using the applicable STIGs.
MS SharePoint 2010 Security Technical Implementation Guide
  • 2018-04-02
  • 2015-10-02
  • 2014-07-03
This STIG is applicable to all Microsoft SharePoint 2010 implementations. For complete security protection of any SharePoint implementation, the Windows OS, application server (s) and the database server (s) must also be secured using the applicable STIGs.
MS SharePoint 2013 Security Technical Implementation Guide
  • 2019-01-08
  • 2018-06-27
  • 2018-04-02
  • 2016-03-25
  • 2015-09-29
Developed by Microsoft in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
MS SQL Server 2014 Database Security Technical Implementation Guide
  • 2016-04-20
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
MS SQL Server 2014 Instance Security Technical Implementation Guide
  • 2018-09-18
  • 2018-06-25
  • 2016-06-27
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
MS SQL Server 2016 Database Security Technical Implementation Guide
  • 2018-09-18
  • 2018-06-25
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
MS SQL Server 2016 Instance Security Technical Implementation Guide
  • 2019-01-03
  • 2018-09-18
  • 2018-06-25
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Multifunction Device and Network Printers STIG
  • 2019-01-04
  • 2018-09-18
  • 2015-12-18
  • 2015-09-14
  • 2015-04-02
Multifunction Device and Network Printers (MFD) STIG includes the computing requirements for Multifunction Device and Network Printers operating to support the DoD. The Multifunction Device and Network Printers STIG must also be applied for each site using Multifunction Devices and Network Printers. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Network Device Management Security Requirements Guide
  • 2018-07-02
  • 2016-07-07
  • 2015-12-20
  • 2015-09-28
The Network Device Management Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Network Devices Security Technical Implementation Guide
  • 2018-11-27
  • 2018-02-27
  • 2015-09-22
  • 2013-10-08
Network Devices Security Technical Implementation Guide
Network Infrastructure Policy Security Technical Implementation Guide
  • 2018-09-27
  • 2018-05-24
  • 2016-07-11
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Network Policy Security Technical Implementation Guide
  • 2014-04-04
Network Policy Security Technical Implementation Guide
NIPRNet DoD DMZ Devices STIG
  • 2014-06-27
  • 2011-12-07
NIPRNet DoD DMZ Policy Requirements
  • 2014-06-27
  • 2011-12-07
Oracle 10 Database Installation STIG
  • 2014-01-14
  • 2014-01-14
This STIG includes the Database Installation checks for an Oracle 10g Database installation.
Oracle Database 10g Installation STIG
  • 2014-04-02
Oracle Database 10g Instance STIG
  • 2014-04-02
Oracle Database 11.2g Security Technical Implementation Guide
  • 2018-06-25
Developed by Oracle in coordination with DISA for the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Oracle Database 11g Installation STIG
  • 2014-04-02
Oracle Database 11g Instance STIG
  • 2017-06-29
  • 2014-04-02
The Oracle Database 11g Instance Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Oracle Database 12c Security Technical Implementation Guide
  • 2019-01-04
  • 2018-09-18
  • 2018-02-28
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Oracle HTTP Server 12.1.3 Security Technical Implementation Guide
  • 2019-01-04
  • 2018-09-19
  • 2018-04-05
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Oracle Linux 5 Security Technical Implementation Guide
  • 2018-10-03
  • 2018-03-01
The Oracle Linux 5 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Oracle Linux 6 Security Technical Implementation Guide
  • 2018-11-28
  • 2018-09-19
  • 2018-03-01
The Oracle Linux 6 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Oracle WebLogic Server 12c Security Technical Implementation Guide
  • 2018-08-30
  • 2018-01-02
Developed by Oracle in coordination with DISA for use in the DoD.
Palo Alto Networks ALG Security Technical Implementation Guide
  • 2019-01-04
  • 2017-07-07
  • 2016-06-30
  • 2015-11-17
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Palo Alto Networks IDPS Security Technical Implementation Guide
  • 2019-01-04
  • 2015-11-17
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Palo Alto Networks NDM Security Technical Implementation Guide
  • 2017-07-07
  • 2016-06-30
  • 2015-11-06
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
PDA Security Technical Implementation Guide (STIG)
  • 2014-03-18
  • 2014-03-18
This STIG contains technical security controls for the operation of a PDA in the DoD environment. In this case, PDA refers to any handheld computing device with or without wireless, except for Commercial Mobile Devices (CMDs) (smartphones or tablet computers).
Perimeter L3 Switch Security Technical Implementation Guide
  • 2018-11-27
  • 2018-08-22
  • 2018-05-29
  • 2016-07-07
  • 2015-12-18
  • 2015-09-21
  • 2015-04-06
  • 2014-04-04
Perimeter L3 Switch Security Technical Implementation Guide
Perimeter L3 Switch Security Technical Implementation Guide - Cisco
  • 2018-11-28
  • 2018-08-22
  • 2018-05-29
  • 2016-07-07
  • 2016-01-04
  • 2015-09-21
  • 2015-04-06
  • 2014-04-07
Perimeter L3 Switch Security Technical Implementation Guide - Cisco
Perimeter Router Security Technical Implementation Guide
  • 2018-11-28
  • 2018-08-23
  • 2018-05-29
  • 2016-07-07
  • 2015-12-18
  • 2015-09-21
  • 2015-04-03
  • 2014-04-07
Perimeter Router Security Technical Implementation Guide
Perimeter Router Security Technical Implementation Guide Cisco
  • 2018-11-28
  • 2018-08-23
  • 2018-05-29
  • 2016-07-07
  • 2016-01-04
  • 2015-09-21
  • 2015-04-06
  • 2014-04-07
Perimeter Router Security Technical Implementation Guide – Cisco
Perimeter Router Security Technical Implementation Guide Juniper
  • 2018-11-28
  • 2018-08-23
  • 2018-05-29
  • 2016-07-07
  • 2015-12-18
  • 2015-09-21
  • 2015-04-06
  • 2014-04-07
Perimeter Router Security Technical Implementation Guide – Juniper
PostgreSQL 9.x Security Technical Implementation Guide
  • 2018-09-19
  • 2018-02-27
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Red Hat Enterprise Linux 5 Security Technical Implementation Guide
  • 2017-03-01
  • 2016-06-01
  • 2015-12-03
  • 2015-09-03
  • 2014-10-02
  • 2014-07-07
The Red Hat Enterprise Linux 5 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Red Hat Enterprise Linux 6 Security Technical Implementation Guide
  • 2018-11-28
  • 2018-09-18
  • 2018-03-01
  • 2016-06-05
  • 2015-12-03
  • 2015-09-09
  • 2015-03-06
  • 2014-06-11
The Red Hat Enterprise Linux 6 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Red Hat Enterprise Linux 7 Security Technical Implementation Guide
  • 2017-12-14
  • 2018-11-28
  • 2018-09-06
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Remote Access Policy STIG
  • 2016-03-28
  • 2015-09-16
Remote Access Server STIG
  • 2012-01-10
Remote Access VPN STIG
  • 2012-01-10
Remote Endpoint STIG
  • 2012-07-09
Remote XenApp, ICA, and Thin Client STIG
  • 2012-01-10
Removable Storage and External Connections Security Technical Implementation Guide
  • 2017-09-25
  • 2015-01-26
RFID Scanner Security Technical Implementation Guide (STIG)
  • 2014-03-18
  • 2014-03-18
This STIG contains the technical security controls for the operation of a RFID Scanner in the DoD environment.
RFID Workstation Security Technical Implementation Guide (STIG)
  • 2014-03-18
  • 2014-03-18
This STIG contains the technical security controls for the operation of a RFID Workstation in the DoD environment.
Riverbed SteelHead CX v8 ALG Security Technical Implementation Guide
  • 2015-11-30
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide
  • 2015-11-30
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Router Security Requirements Guide
  • 2016-07-01
  • 2015-09-28
  • 2018-01-26
  • 2014-07-24
The Router Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Samsung Android (with Knox 1.x) STIG
  • 2014-04-22
Developed by Samsung Electronics Co., Ltd. in coordination with DISA for the DoD.
Samsung Android (with Knox 2.x) STIG
  • 2016-02-25
  • 2015-05-20
Developed by Samsung Electronics Co., Ltd. in coordination with DISA for the DoD.
Samsung Android OS 5 with Knox 2.0 Security Technical Implementation Guide
  • 2016-02-24
  • 2015-08-25
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Samsung Android OS 6 (with KNOX 2.x) Security Technical Implementation Guide
  • 2016-06-29
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Samsung Android OS 7 with Knox 2.x Security Technical Implementation Guide
  • 2018-11-29
  • 2018-09-07
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Samsung Android OS 8 with Knox 3.x COBO Use Case Security Technical Implementation Guide
  • 2018-11-30
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] This set of requirements is for the Corporate Owned Business Only (COBO) use case and assumes no personal data or applications are installed on the Samsung device and the full device is a secure work environment.
Samsung Android OS 8 with Knox 3.x COPE Use Case Security Technical Implementation Guide
  • 2018-11-30
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] This set of requirements is for the Corporate Owned Personally Enabled (COPE) use case and assumes the Authorizing Authority (AO) has approved unrestricted use of the personal space/container on Samsung devices. If the AO has not approved unrestricted use of the personal space/container on Samsung devices, additional device-wide controls should be implemented (see Section 3 of the STIG Supplemental document for more information).
Samsung SDS EMM v1.5.x Security Technical Implementation Guide
  • 2017-01-20
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
SDN Controller Security Requirements Guide
  • 2018-07-18
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
SDN Using NV Security Technical Implementation Guide
  • 2017-03-01
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
SLES 12 Security Technical Implementation Guide
  • 2018-09-27
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Smartphone Policy Security Technical Implementation Guide
  • 2011-11-28
  • 2011-09-30
This STIG contains the policy, training, and operating procedure security controls for the use of smartphones in the DoD environment.
Solaris 10 SPARC Security Technical Implementation Guide
  • 2018-12-17
  • 2018-06-29
  • 2016-06-22
  • 2015-12-07
  • 2015-09-04
  • 2014-10-02
The Solaris 10 (SPARC) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
SOLARIS 10 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE
  • 2018-12-10
  • 2016-06-22
  • 2015-12-07
  • 2015-09-17
  • 2014-10-02
The Solaris 10 (X86) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Solaris 10 x86 Security Technical Implementation Guide
  • 2018-06-29
The Solaris 10 (X86) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Solaris 11 SPARC Security Technical Implementation Guide
  • 2018-09-05
  • 2018-06-20
  • 2016-06-29
  • 2015-12-07
  • 2015-09-16
  • 2014-04-23
Developed by Oracle in coordination with DISA for the DoD. The Solaris 11 (SPARC) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Solaris 11 X86 Security Technical Implementation Guide
  • 2018-09-05
  • 2018-06-20
  • 2016-06-29
  • 2015-12-07
  • 2015-09-16
  • 2014-04-23
Developed by Oracle in coordination with DISA for the DoD. The Solaris 11 (X86) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
SOLARIS 9 SPARC SECURITY TECHNICAL IMPLEMENTATION GUIDE
  • 2015-10-01
  • 2014-10-02
The Solaris 9 (SPARC) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
SOLARIS 9 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE
  • 2015-10-01
  • 2014-10-02
The Solaris 9 (X86) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Storage Area Network STIG
  • 2018-10-03
  • 2013-10-07
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Sun Ray 4 Policy STIG
  • 2015-04-02
The Sun Ray 4 Policy Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Sun Ray 4 STIG
  • 2015-04-02
The Sun Ray 4 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide
  • 2018-09-19
  • 2017-08-25
The SUSE Linux Enterprise Server Ver 11 for System z Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Symantec AntiVirus Locally Configured Client
Symantec AntiVirus Managed Client
Symantec Endpoint Protection 12.1 Local Client Antivirus STIG
  • 2015-06-30
  • 2014-07-03
  • 2014-07-03
The Symantec Endpoint protection 12.1 Local Client Antivirus STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Symantec Endpoint Protection 12.1 Managed Client Antivirus
  • 2015-07-08
  • 2014-10-01
  • 2014-07-03
The Symantec Endpoint protection 12.1 Managed Client Antivirus STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Tanium 6.5 Security Technical Implementation Guide
  • 2016-09-29
  • 2016-03-23
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Tanium 7.0 Security Technical Implementation Guide
  • 2018-07-09
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Test and Development Zone A Security Technical Implementation Guide
  • 2018-09-17
  • 2018-07-02
  • 2015-12-17
  • 2015-08-19
The Test & Development Zone A STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Test and Development Zone B Security Technical Implementation Guide
  • 2018-09-17
  • 2018-07-02
  • 2015-12-17
  • 2015-08-19
The Test & Development Zone A STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Test and Development Zone C Security Technical Implementation Guide
  • 2018-09-17
  • 2018-07-02
  • 2015-12-17
  • 2015-08-19
The Test & Development Zone A STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Test and Development Zone D Security Technical Implementation Guide
  • 2018-09-17
  • 2018-07-02
  • 2015-12-17
  • 2015-08-19
The Test & Development Zone A STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Trend Micro Deep Security 9.x Security Technical Implementation Guide
  • 2016-02-26
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
UNIX SRG
  • 2013-03-26
This UNIX SRG contains general requirements for operating systems as well as specific requirements for UNIX operating systems. This SRG may be used as a guide for enhancing the security configuration of any UNIX-like system.
Video Services Policy STIG
  • 2018-09-19
  • 2017-04-06
  • 2015-12-29
  • 2015-07-01
The Video Services Policy Security Technical Implementation Guide (STIG) provides policy guidance for video teleconferencing systems and endpoints implemented on DoD networks. These policies ensure conformance to DoD requirements that govern video services deployment and operations. The Video Services Policy STIG works with the Video Teleconference STIG requirements for evaluation on each video teleconferencing (VTC) system review, regardless of the VTC product or release level. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Video Teleconference (VTC) STIG
  • 2015-12-29
  • 2015-01-05
The Video Teleconference Security Technical Implementation Guide (STIG) provides technical guidance for video teleconferencing systems and endpoints implemented on DoD networks. The Video Services Policy STIG works with the Video Teleconference STIG requirements for evaluation on each video teleconferencing (VTC) system review, regardless of the VTC product or release level. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMW vRealize Automation 7.x HA Proxy Security Technical Implementation Guide
  • 2018-10-12
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMW vRealize Automation 7.x PostgreSQL Security Technical Implementation Guide
  • 2018-10-12
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMW vRealize Automation 7.x vAMI Security Technical Implementation Guide
  • 2018-10-12
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMW vRealize Automation 7.x vIDM Security Technical Implementation Guide
  • 2018-10-12
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMW vRealize Operations Manager 6.x PostgreSQL Security Technical Implementation Guide
  • 2018-10-11
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMware AirWatch v9.x MDM Security Technical Implementation Guide
  • 2016-09-20
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMware Automation 7.x Application Security Technical Implementation Guide
  • 2018-10-12
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMware ESX 3 Policy
  • 2016-05-03
The VMware ESX 3 Policy Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMware ESX 3 Server
  • 2016-05-13
The VMware ESX 3 Server Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMware ESX 3 Virtual Center
  • 2016-05-03
The VMware ESX 3 Virtual Center Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMware ESX 3 Virtual Machine
  • 2016-05-03
The VMware ESX 3 Virtual Machine Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMware ESXi Server 5.0 Security Technical Implementation Guide
  • 2017-01-06
  • 2016-02-10
  • 2015-09-15
  • 2014-10-02
The VMware ESXi Version 5 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMware ESXi Version 5 Virtual Machine Security Technical Implementation Guide
  • 2017-07-11
  • 2015-12-03
  • 2015-05-11
The VMware ESXi Version 5 Virtual Machine Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMware NSX Distributed Firewall Security Technical Implementation Guide
  • 2016-06-27
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMware NSX Distributed Logical Router Security Technical Implementation Guide
  • 2016-06-27
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMware NSX Manager Security Technical Implementation Guide
  • 2016-06-27
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMware vCenter Server Version 5 Security Technical Implementation Guide
  • 2016-02-10
  • 2014-11-10
  • 2014-03-21
The VMware vCenter Server Version 5 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMware vRealize Automation 7.x Lighttpd Security Technical Implementation Guide
  • 2018-10-12
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMware vRealize Automation 7.x SLES Security Technical Implementation Guide
  • 2018-10-12
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMware vRealize Automation 7.x tc Server Security Technical Implementation Guide
  • 2018-10-12
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMware vRealize Operations Manager 6.x Application Security Technical Implementation Guide
  • 2018-10-11
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide
  • 2018-10-11
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMware vRealize Operations Manager 6.x tc Server Security Technical Implementation Guide
  • 2018-10-12
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
VMware vSphere ESXi 6.0 Security Technical Implementation Guide
  • 2019-01-04
  • 2017-07-11
  • 2016-06-07
The VMware vSphere ESXi Version 6 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMware vSphere vCenter Server Version 6 Security Technical Implementation Guide
  • 2016-06-01
  • 2015-12-09
The VMware vSphere vCenter Server Version 6 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
VMware vSphere Virtual Machine Version 6 Security Technical Implementation Guide
  • 2015-12-09
The VMware vSphere Virtual Machine Version 6 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Voice Video Endpoint Security Requirements Guide
  • 2018-07-03
  • 2016-06-24
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Voice Video Services Policy Security Technical Implementation Guide
  • 2019-01-09
The Voice Video Services Policy STIG includes the non-computing requirements for Voice/Video systems operating to support the DoD. The Voice/Video over Internet Protocol (VVoIP) STIG containing the computing requirements must also be reviewed for each site using voice/video services. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Voice Video Services Policy STIG
  • 2018-09-19
  • 2018-07-03
  • 2016-06-24
  • 2015-12-29
  • 2015-08-17
  • 2014-09-26
  • 2014-04-07
The Voice Video Services Policy STIG includes the non-computing requirements for Voice/Video systems operating to support the DoD. The Voice/Video over Internet Protocol (VVoIP) STIG containing the computing requirements must also be reviewed for each site using voice/video services. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Voice Video Session Management Security Requirements Guide
  • 2018-07-10
  • 2016-06-28
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Voice/Video over Internet Protocol (VVoIP) STIG
  • 2018-09-19
  • 2018-07-10
  • 2016-06-28
  • 2015-12-29
  • 2015-09-24
  • 2014-09-25
  • 2014-04-07
The Voice/Video over Internet Protocol (VVoIP) STIG includes the computing requirements for Voice/Video systems operating to support the DoD. The Voice/Video Services Policy STIG must also be applied for each site using voice/video services. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
vRealize - Cassandra Security Technical Implementation Guide
  • 2017-06-06
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Web Policy STIG
  • 2011-10-03
Web Server Security Requirements Guide
  • 2015-08-28
  • 2014-11-17
  • 2013-12-26
The Web Server SRG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows 10 Security Technical Implementation Guide
  • 2019-01-04
  • 2018-10-15
  • 2018-06-07
  • 2016-06-24
  • 2015-11-30
The Windows 10 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows 2003 Domain Controller Security Technical Implementation Guide
  • 2015-06-03
  • 2014-10-09
The Windows 2003 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from Federal and DoD consensus, as well as the Windows 2003 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows 2003 Member Server Security Technical Implementation Guide
  • 2015-06-03
  • 2014-10-09
The Windows 2003 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from Federal and DoD consensus, as well as the Windows 2003 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows 2008 Domain Controller Security Technical Implementation Guide
  • 2019-01-16
  • 2018-05-25
  • 2016-05-12
  • 2015-09-02
  • 2014-10-09
The Windows 2008 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows 2008 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows 2008 Member Server Security Technical Implementation Guide
  • 2018-05-25
  • 2016-05-12
  • 2015-09-02
  • 2014-10-09
The Windows 2008 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows 2008 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows 7 Security Technical Implementation Guide
  • 2018-02-12
  • 2016-06-08
  • 2015-09-02
  • 2015-03-09
  • 2014-10-16
The Windows 7 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows 7 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows 8/8.1 Security Technical Implementation Guide
  • 2018-02-12
  • 2016-06-08
  • 2015-11-30
  • 2015-09-02
  • 2014-10-09
The Windows 8/8.1 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows DNS
  • 2015-12-28
Windows Firewall with Advanced Security Security Technical Implementation Guide
  • 2018-02-21
  • 2016-05-12
  • 2015-06-03
The Windows Firewall with Advanced Security Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows PAW Security Technical Implementation Guide
  • 2017-11-21
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Windows Phone 6.5 (with Good Mobility Suite) Security Technical Implementation Guide
  • 2011-10-04
This STIG contains technical security controls required for the use of Windows Phone 6.5 devices in the DoD environment when managed by the Good Mobility Suite.
Windows Server 2008 R2 Domain Controller Security Technical Implementation Guide
  • 2019-01-16
  • 2018-09-05
  • 2018-05-24
  • 2016-06-08
  • 2015-09-02
  • 2015-03-09
  • 2014-10-09
The Windows Server 2008 R2 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows Server 2008 R2 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows Server 2008 R2 Member Server Security Technical Implementation Guide
  • 2018-09-05
  • 2018-05-24
  • 2016-06-08
  • 2015-09-02
  • 2015-03-09
  • 2014-10-09
The Windows Server 2008 R2 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows Server 2008 R2 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows Server 2012/2012 R2 Domain Controller Security Technical Implementation Guide
  • 2019-01-16
  • 2018-10-30
  • 2018-05-24
  • 2016-06-08
  • 2014-10-09
  • 2015-09-02
The Windows Server 2012/2012 R2 Domain Controller Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows Server 2012/2012 R2 Member Server Security Technical Implementation Guide
  • 2018-10-30
  • 2018-05-24
  • 2016-06-08
  • 2014-10-09
  • 2015-09-02
The Windows Server 2012/2012 R2 Member Server Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows Server 2016 Security Technical Implementation Guide
  • 2019-01-16
  • 2018-09-05
  • 2018-05-23
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]
Windows Vista Security Technical Implementation Guide
  • 2017-01-30
  • 2016-06-03
  • 2015-09-01
  • 2014-10-16
The Windows Vista Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows Vista Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Windows XP Security Technical Implementation Guide
  • 2014-04-02
The Windows XP Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from Federal and DoD consensus, as well as the Windows XP Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]
Wireless Keyboard and Mouse Security Technical Implementation Guide (STIG)
  • 2014-03-18
  • 2014-03-18
This STIG contains the technical security controls for the operation of a Wireless Keyboard & Mouse in the DoD environment.
Wireless Management Server Policy Security Technical Implementation Guide
  • 2011-11-28
  • 2011-09-30
This STIG contains the policy, training, and operating procedure security controls for the use of wireless management servers in the DoD environment.
WLAN Access Point (Enclave-NIPRNet Connected) Security Technical Implementation Guide (STIG)
  • 2016-01-07
  • 2015-09-22
  • 2014-04-07
This STIG contains the technical security controls for the operation of a WLAN access point (Enclave-NIPRNet Connected role) in the DoD environment.
WLAN Access Point (Internet Gateway Only Connection) Security Technical Implementation Guide (STIG)
  • 2016-01-04
  • 2015-09-21
  • 2014-04-07
This STIG contains the technical security controls for the operation of a WLAN access point (Internet Gateway Only Connection role) in the DoD environment.
WLAN Bridge Security Technical Implementation Guide (STIG)
  • 2018-03-01
  • 2016-01-07
  • 2015-09-22
  • 2014-04-07
This STIG contains the technical security controls for the operation of a WLAN bridge in the DoD environment.
WLAN Client Security Technical Implementation Guide (STIG)
  • 2014-08-26
  • 2014-03-18
This STIG contains the technical security controls for the operation of a WLAN client in the DoD environment.
WLAN Controller Security Technical Implementation Guide (STIG)
  • 2018-03-01
  • 2016-01-07
  • 2015-09-22
  • 2014-04-07
This STIG contains the technical security controls for the operation of a WLAN Controller in the DoD environment.
WMAN Access Point Security Technical Implementation Guide (STIG)
  • 2018-03-01
  • 2016-01-04
  • 2014-04-07
  • 2014-04-07
This STIG contains the technical security controls for the operation of a WMAN Access Point in the DoD environment.
WMAN Bridge Security Technical Implementation Guide (STIG)
  • 2018-03-01
  • 2016-01-04
  • 2014-04-07
  • 2014-04-07
This STIG contains the technical security controls for the operation of a WMAN Bridge in the DoD environment.
WMAN Subscriber Security Technical Implementation Guide (STIG)
  • 2014-03-18
  • 2014-03-18
This STIG contains the technical security controls for the operation of a WMAN Subscriber in the DoD environment.
z/OS ACF2 STIG
  • 2018-12-20
  • 2018-10-04
  • 2018-07-06
  • 2016-06-30
  • 2016-01-04
  • 2015-09-28
  • 2014-09-19
z/OS BMC CONTROL-D for ACF2 STIG
  • 2018-09-20
  • 2018-09-20
  • 2015-01-15
  • 2014-09-18
z/OS BMC CONTROL-D for RACF STIG
  • 2018-09-20
  • 2018-09-20
  • 2015-01-15
  • 2014-09-18
z/OS BMC CONTROL-D for TSS STIG
  • 2018-09-20
  • 2018-09-20
  • 2015-01-15
z/OS BMC CONTROL-M for ACF2 STIG
  • 2018-09-20
  • 2017-03-22
  • 2015-09-28
  • 2014-09-18
z/OS BMC CONTROL-M for RACF STIG
  • 2018-09-20
  • 2018-09-20
  • 2017-09-22
  • 2015-09-28
  • 2014-09-18
z/OS BMC CONTROL-M for TSS STIG
  • 2018-09-20
  • 2018-09-20
  • 2017-09-19
  • 2015-09-28
z/OS BMC CONTROL-M/Restart for ACF2 STIG
  • 2015-09-28
  • 2015-09-28
  • 2015-09-28
  • 2015-09-28
  • 2014-09-18
z/OS BMC CONTROL-M/Restart for RACF STIG
  • 2015-09-28
  • 2015-09-28
  • 2014-09-18
z/OS BMC CONTROL-M/Restart for TSS STIG
  • 2015-09-28
  • 2015-09-28
z/OS BMC CONTROL-O for ACF2 STIG
  • 2018-09-20
  • 2015-06-22
  • 2014-09-18
z/OS BMC CONTROL-O for RACF STIG
  • 2018-09-20
  • 2018-09-20
  • 2015-06-22
  • 2014-09-18
z/OS BMC CONTROL-O for TSS STIG
  • 2018-09-20
  • 2018-09-20
  • 2015-06-22
z/OS BMC IOA for ACF2 STIG
  • 2018-09-20
  • 2015-09-28
  • 2014-09-18
z/OS BMC IOA for RACF STIG
  • 2018-09-20
  • 2018-09-20
  • 2015-09-28
  • 2014-09-18
z/OS BMC IOA for TSS STIG
  • 2018-09-20
  • 2018-09-20
  • 2015-09-28
z/OS BMC MAINVIEW for z/OS for ACF2 STIG
  • 2017-09-15
  • 2015-01-16
  • 2013-06-28
z/OS BMC MAINVIEW for z/OS for RACF STIG
  • 2015-01-16
  • 2013-06-28
z/OS BMC MAINVIEW for z/OS for TSS STIG
  • 2015-01-16
z/OS CA 1 Tape Management for ACF2 STIG
  • 2016-12-21
  • 2015-01-15
  • 2012-09-27
z/OS CA 1 Tape Management for RACF STIG
  • 2016-12-21
  • 2015-01-16
  • 2012-09-27
z/OS CA 1 Tape Management for TSS STIG
  • 2016-12-21
  • 2015-01-15
z/OS CA Auditor for ACF2 STIG
  • 2015-01-15
  • 2014-09-18
z/OS CA Auditor for RACF STIG
  • 2015-01-15
  • 2014-09-18
z/OS CA Auditor for TSS STIG
  • 2015-01-15
z/OS CA Common Services for ACF2 STIG
  • 2015-01-15
  • 2012-01-10
z/OS CA Common Services for RACF STIG
  • 2015-01-15
  • 2012-01-10
z/OS CA Common Services for TSS STIG
  • 2015-01-15
z/OS CA MICS for ACF2 STIG
  • 2015-01-15
  • 2014-04-07
z/OS CA MICS for RACF STIG
  • 2015-01-15
  • 2014-04-08
z/OS CA MICS for TSS STIG
  • 2015-01-15
z/OS CA MIM for ACF2 STIG
  • 2015-01-15
  • 2013-06-28
z/OS CA MIM for RACF STIG
  • 2015-01-15
  • 2013-06-28
z/OS CA MIM for TSS STIG
  • 2015-01-15
z/OS CA VTAPE for ACF2 STIG
  • 2015-01-15
  • 2012-01-09
z/OS CA VTAPE for RACF STIG
  • 2015-01-15
  • 2012-01-09
z/OS CA VTAPE for TSS STIG
  • 2015-01-15
z/OS Catalog Solutions for ACF2 STIG
  • 2015-01-15
  • 2013-06-28
z/OS Catalog Solutions for RACF STIG
  • 2015-01-15
  • 2013-06-28
z/OS Catalog Solutions for TSS STIG
  • 2015-01-15
z/OS CL/SuperSession for ACF2 STIG
  • 2018-04-04
  • 2015-03-27
  • 2015-03-27
  • 2013-04-09
z/OS CL/SuperSession for RACF STIG
  • 2018-04-04
  • 2015-03-27
  • 2015-03-27
  • 2013-04-09
z/OS CL/SuperSession for TSS STIG
  • 2018-04-04
  • 2018-04-04
  • 2015-03-30
  • 2015-03-30
z/OS Compuware Abend-AID for ACF2 STIG
  • 2018-07-06
  • 2015-09-25
  • 2013-01-10
z/OS Compuware Abend-AID for RACF STIG
  • 2018-07-06
  • 2015-09-25
  • 2013-01-10
z/OS Compuware Abend-AID for TSS STIG
  • 2018-07-06
  • 2015-09-25
z/OS CSSMTP for ACF2 STIG
  • 2017-09-15
  • 2015-01-15
  • 2011-10-03
z/OS CSSMTP for RACF STIG
  • 2017-09-15
  • 2015-01-15
  • 2011-10-03
z/OS CSSMTP for TSS STIG
  • 2017-09-15
  • 2015-01-15
z/OS FDR for ACF2 STIG
  • 2015-01-15
  • 2010-10-18
z/OS FDR for RACF STIG
  • 2015-01-15
  • 2010-10-18
z/OS FDR for TSS STIG
  • 2015-01-15
z/OS HCD for ACF2 STIG
  • 2015-01-15
  • 2010-10-18
z/OS HCD for RACF STIG
  • 2015-01-15
  • 2010-10-18
z/OS HCD for TSS STIG
  • 2015-01-15
z/OS IBM CICS Transaction Server for ACF2 STIG
  • 2018-01-05
  • 2015-01-15
  • 2014-01-07
z/OS IBM CICS Transaction Server for RACF STIG
  • 2018-01-05
  • 2015-01-15
  • 2014-01-07
z/OS IBM CICS Transaction Server for TSS STIG
  • 2018-01-05
  • 2015-01-15
z/OS IBM Health Checker for ACF2 STIG
  • 2015-01-15
  • 2012-07-09
z/OS IBM Health Checker for RACF STIG
  • 2015-01-15
  • 2012-07-09
z/OS IBM Health Checker for TSS STIG
  • 2015-01-15
z/OS IBM System Display and Search Facility (SDSF) for ACF2 STIG
  • 2016-03-28
  • 2015-09-28
  • 2014-09-19
z/OS IBM System Display and Search Facility (SDSF) for RACF STIG
  • 2016-03-28
  • 2016-03-28
  • 2015-09-28
  • 2014-09-19
z/OS IBM System Display and Search Facility (SDSF) for TSS STIG
  • 2016-03-23
  • 2015-09-28
z/OS ICSF for ACF2 STIG
  • 2018-09-21
  • 2018-07-06
  • 2015-06-22
  • 2011-10-03
z/OS ICSF for RACF STIG
  • 2018-09-21
  • 2018-07-06
  • 2015-06-22
  • 2011-10-03
z/OS ICSF for TSS STIG
  • 2018-09-21
  • 2018-07-06
  • 2015-06-22
z/OS NetView for ACF2 STIG
  • 2016-06-30
  • 2016-06-30
  • 2015-01-15
  • 2014-09-18
z/OS NetView for RACF STIG
  • 2016-06-30
  • 2016-06-30
  • 2015-01-15
  • 2014-09-18
z/OS NetView for TSS STIG
  • 2016-06-30
  • 2016-06-30
  • 2015-01-15
z/OS Quest NC-Pass for ACF2 STIG
  • 2015-01-15
  • 2012-01-10
z/OS Quest NC-Pass for RACF STIG
  • 2015-01-15
  • 2012-01-10
z/OS Quest NC-Pass for TSS STIG
  • 2015-01-15
z/OS RACF STIG
  • 2018-12-20
  • 2018-10-04
  • 2018-07-06
  • 2016-06-30
  • 2016-01-04
  • 2015-09-28
  • 2014-09-18
z/OS ROSCOE for ACF2 STIG
  • 2015-01-16
  • 2014-01-07
z/OS ROSCOE for RACF STIG
  • 2015-01-16
  • 2014-01-07
z/OS ROSCOE for TSS STIG
  • 2015-01-15
z/OS SRRAUDIT for ACF2 STIG
  • 2015-01-15
  • 2014-01-07
z/OS SRRAUDIT for RACF STIG
  • 2015-01-15
  • 2014-01-07
z/OS SRRAUDIT for TSS STIG
  • 2015-01-15
z/OS TADz for ACF2 STIG
  • 2016-03-28
  • 2016-01-04
  • 2015-01-15
  • 2011-10-03
z/OS TADz for RACF STIG
  • 2016-03-28
  • 2016-01-04
  • 2015-01-15
  • 2011-10-03
z/OS TADz for TSS STIG
  • 2016-03-23
  • 2016-01-04
  • 2015-01-15
z/OS TDMF for ACF2 STIG
  • 2015-01-15
  • 2012-01-09
z/OS TDMF for RACF STIG
  • 2015-01-15
  • 2012-01-09
z/OS TDMF for TSS STIG
  • 2015-01-15
z/OS TSS STIG
  • 2018-12-20
  • 2018-10-04
  • 2018-07-06
  • 2016-06-30
  • 2016-01-04
  • 2015-09-28
z/OS VSS for RACF STIG
  • 2016-06-30
  • 2016-01-04
  • 2015-01-15