Security Technical Implementation Guidelines
A Security Technical Implementation Guide (STIG) is a cybersecurity methodology for standardizing security protocols within networks, servers, computers, and logical designs to enhance overall security. These guides, when implemented, enhance security for software, hardware, physical and logical architectures to further reduce vulnerabilities. This page shows you the list of STIGs that are actively tracked by this website. These STIGs will be updated on at least a quarterly basis, dependant upon the releases DISA makes.
| Title | Version / Release | Published | Description |
|---|---|---|---|
| A10 Networks ADC ALG Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| A10 Networks ADC NDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Active Directory Domain Security Technical Implementation Guide (STIG) |
|
This STIG provides focused security requirements for the AD or Active Directory Domain Services (AD DS) element for Windows Servers operating systems. These requirements apply to the domain and can typically be reviewed once per AD domain. The separate Active Directory Forest STIG contains forest level requirements. Systems must also be reviewed using the applicable Windows STIG. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Active Directory Domain Security Technical Implementation Guide (STIG) |
|
This STIG provides focused security requirements for the AD or Active Directory Domain Services (AD DS) element for Windows Servers operating systems. These requirements apply to the domain and can typically be reviewed once per AD domain. The separate Active Directory Forest STIG contains forest level requirements. Systems must also be reviewed using the applicable Windows STIG. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Active Directory Forest Security Technical Implementation Guide (STIG) |
|
This STIG provides focused security requirements for the AD or Active Directory Domain Services (AD DS) element for Windows Servers operating systems. These requirements apply to the forest and can typically be reviewed once per AD Forest. The separate Active Directory Domain STIG contains domain level requirements. Systems must also be reviewed using the applicable Windows STIG. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Adobe Acrobat Pro XI Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Adobe Acrobat Professional DC Classic Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Adobe Acrobat Reader DC Classic Track Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Adobe ColdFusion 11 Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| AirWatch MDM STIG |
|
Developed by AirWatch in coordination with DISA for the DoD. | |
| AIX 5.3 SECURITY TECHNICAL IMPLEMENTATION GUIDE |
|
The AIX Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE |
|
The AIX Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Akamai KSD Service Impact Level 2 NDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Android 2.2 (Dell) Security Technical Implementation Guide |
|
This STIG contains technical security controls required for the use of the Android 2.2 (Dell version) mobile operating system in the DoD environment when managed by the Good Mobility Suite. | |
| APACHE 2.2 Server for UNIX Security Technical Implementation Guide |
|
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review. | |
| APACHE 2.2 Server for Windows Security Technical Implementation Guide |
|
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review. | |
| APACHE 2.2 Site for UNIX Security Technical Implementation Guide |
|
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review. | |
| APACHE 2.2 Site for Windows Security Technical Implementation Guide |
|
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review. | |
| APACHE Server 2.0 for Unix |
|
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review. | |
| APACHE SERVER 2.0 for Windows |
|
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review. | |
| Apache Server 2.4 UNIX Server Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Apache Server 2.4 UNIX Site Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Apache Server 2.4 Windows Server Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Apache Server 2.4 Windows Site Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| APACHE SITE 2.0 for Unix |
|
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review. | |
| APACHE SITE 2.0 for Windows |
|
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review. | |
| Apple iOS 10 Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Apple iOS 11 Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Apple iOS 12 Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Apple iOS 7 STIG |
|
This STIG contains technical security controls required for the use of Apple iOS 7 devices (iPhone and iPad) in the DoD environment when managed by an approved mobile management server. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Apple iOS 8 Interim Security Configuration Guide |
|
This ISCG contains technical security controls required for the use of Apple iOS 8 devices (iPhone and iPad) in the DoD environment. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Apple iOS 9 Interim Security Configuration Guide |
|
This Interim Security Configuration Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Apple iOS 9 Interim Security Configuration Guide |
|
This Interim Security Configuration Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Apple iOS6 Security Technical Implementation Guide |
|
Developed by DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Apple OS X 10.10 (Yosemite) Workstation Security Technical Implementation Guide |
|
The Apple OS X 10.10 Workstation Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Apple OS X 10.11 Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Apple OS X 10.12 Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Apple OS X 10.13 Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Apple OS X 10.8 (Mountain Lion) Workstation STIG |
|
The Apple OS X 10.8 (Mountain Lion) Workstation Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Apple OS X 10.9 (Mavericks) Workstation Security Technical Implementation Guide |
|
The Apple OS X 10.9 Workstation Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Application Layer Gateway (ALG) Security Requirements Guide (SRG) |
|
The Application Layer Gateway (ALG) SRG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to STIG or SRG documents should be sent to this email address: [email protected] | |
| Application Security and Development Checklist |
|
||
| Application Security and Development Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Application Server Security Requirements Guide |
|
The Application Server Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| ArcGIS for Server 10.3 Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Arista MLS DCS-7000 Series L2S Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Arista MLS DCS-7000 Series NDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Arista MLS DCS-7000 Series RTR Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide |
|
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| BIND 9.x Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| BIND DNS STIG |
|
||
| BlackBerry 10 OS Security Technical Implementation Guide |
|
Developed by BlackBerry Ltd. in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| BlackBerry 10.2.x OS Security Technical Implementation Guide |
|
Developed by BlackBerry Ltd. in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| BlackBerry BES 12.3.x MDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| BlackBerry BES 12.5.x MDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| BlackBerry Device Service 6.2 STIG |
|
Developed by Research In Motion Ltd. in coordination with DISA for use in the DoD. | |
| BlackBerry Enterprise Mobility Server 2.x Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| BlackBerry Enterprise Server (version 5.x), Part 1 Security Technical Implementation Guide |
|
BlackBerry Enterprise Server (version 5.x) STIG, Part 1 in XCCDF format. Part 1: BES architecture and training requirements. Part 2: BES configuration requirements. Part 3: BES IT Policy configuration requirements. | |
| BlackBerry Enterprise Server (version 5.x), Part 2 Security Technical Implementation Guide |
|
BlackBerry Enterprise Server (version 5.x) STIG, Part 2 in XCCDF format. Part 1: BES architecture and training requirements. Part 2: BES configuration requirements. Part 3: BES IT Policy configuration requirements. | |
| BlackBerry Enterprise Server (version 5.x), Part 3 Security Technical Implementation Guide |
|
BlackBerry Enterprise Server (version 5.x) STIG, Part 3 in XCCDF format. Part 1: BES architecture and training requirements. Part 2: BES configuration requirements. Part 3: BES IT Policy configuration requirements. | |
| BlackBerry Enterprise Service v10.1.x BlackBerry Device Service STIG |
|
Developed by Research In Motion Ltd. in coordination with DISA for use in the DoD. | |
| BlackBerry Enterprise Service v10.2.x BlackBerry Device Service STIG |
|
Developed by BlackBerry Ltd. in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| BlackBerry OS 10.3.x Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| BlackBerry OS 7.x.x Security Technical Implementation Guide |
|
BlackBerry OS 7.x.x STIG in XCCDF format | |
| BlackBerry Playbook OS (NEA mode) Security Technical Implementation Guide (STIG) |
|
This document describes required technical IA controls for the Playbook when used in the Non-Enterprise Activated (NEA mode). NEA mode is when the device is not connected to the DoD network and does not process sensitive DoD data or email. | |
| BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide |
|
Developed by BlackBerry Ltd. in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| BlackBerry UEM 12.7 Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| BlackBerry UEM 12.8 Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Bluetooth/Zigbee Security Technical Implementation Guide (STIG) |
|
This STIG contains the technical security controls for the operation of Bluetooth/Zigbee devices in the DoD environment. | |
| CA API Gateway ALG Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| CA API Gateway NDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Canonical Ubuntu 16.04 Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Central Log Server Security Requirements Guide |
|
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| CISCO CSS DNS |
|
The CISCO CSS DNS Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Cisco IOS XE Release 3 NDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Cisco IOS XE Release 3 RTR Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Citrix XenDesktop 7.x Delivery Controller Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Citrix XenDesktop 7.x License Server Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Citrix XenDesktop 7.x Receiver Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Citrix XenDesktop 7.x Windows Virtual Delivery Agent Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Citrix XenDesktop v7.x StoreFront Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| CMD Management Server Policy Security Technical Implementation Guide (STIG) |
|
This STIG contains the policy, training, and operating procedure security controls for the use of CMD management servers in the DoD environment. This STIG replaces the Wireless Management Server STIG (V1R6). Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Commercial Mobile Device (CMD) Policy Security Technical Implementation Guide (STIG) |
|
This STIG contains the policy, training, and operating procedure security controls for the use of CMDs in the DoD environment. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| CSfC Campus WLAN Policy Security Implementation Guide |
|
This STIG contains the policy, training, and operating procedure security controls for the use of classified campus WLAN systems based on the Commercial Solutions for Classified (CSfC) Campus IEEE 802.11 Wireless Local Area Network (WLAN)Capability Package. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Database Security Requirements Guide |
|
The Database Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| DBN-6300 IDPS Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| DBN-6300 NDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Defense Switched Network (DSN) STIG |
|
The Defense Switched Network (DSN) Security Technical Implementation Guide (STIG) provides the policy and architectual guidance for applying security concepts to DoD telecommunications systems. These policies ensure conformance to DoD requirements that govern DSN voice services deployment and operations, to include special-C2, C2, and non-C2 services. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Defense Switched Network STIG |
|
The Defense Switched Network (DSN) Security Technical Implementation Guide (STIG) provides the policy and architectual guidance for applying security concepts to DoD telecommunications systems. These policies ensure conformance to DoD requirements that govern DSN voice services deployment and operations, to include special-C2, C2, and non-C2 services. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Desktop Application Antispyware General |
|
||
| Desktop Applications General |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| DNS Policy |
|
||
| Domain Name System (DNS) Security Requirements Guide |
|
The DNS Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| EDB Postgres Advanced Server Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Email Services Policy |
|
Email Services Policy | |
| Email Services Policy STIG |
|
Email Services Policy STIG requirements must be evaluated on each system review, regardless of the email product or release level. These policies ensure conformance to DoD requirements that govern email services deployment and operations. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Exchange 2010 Client Access Server STIG |
|
The Microsoft Exchange Server 2010 STIGs cover four of the five roles available with Microsoft Exchange Server 2010. The Email Services Policy STIG must also be reviewed for each site hosting email services. Also, for the Client Access server, the IIS guidance must be reviewed prior to the OWA checks. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| MS Exchange 2010 Edge Transport Server STIG |
|
The Microsoft Exchange Server 2010 STIGs cover four of the five roles available with Microsoft Exchange Server 2010. The Email Services Policy STIG must also be reviewed for each site hosting email services. Also, for the Client Access server, the IIS guidance must be reviewed prior to the OWA checks. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Exchange 2010 Hub Transport Server STIG |
|
The Microsoft Exchange Server 2010 STIGs cover four of the five roles available with Microsoft Exchange Server 2010. The Email Services Policy STIG must also be reviewed for each site hosting email services. Also, for the Client Access server, the IIS guidance must be reviewed prior to the OWA checks. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Exchange 2010 Mailbox Server STIG |
|
The Microsoft Exchange Server 2010 STIGs cover four of the five roles available with Microsoft Exchange Server 2010. The Email Services Policy STIG must also be reviewed for each site hosting email services. Also, for the Client Access server, the IIS guidance must be reviewed prior to the OWA checks. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| F5 BIG-IP Access Policy Manager 11.x Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| F5 BIG-IP Advanced Firewall Manager 11.x Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| F5 BIG-IP Application Security Manager 11.x Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| F5 BIG-IP Device Management 11.x Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| F5 BIG-IP Local Traffic Manager 11.x Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| General Wireless Policy Security Technical Implementation Guide |
|
This STIG provides policy, training, and operating procedure security controls for the use of wireless devices and systems in the DoD environment. This STIG applies to any wireless device (such as WLAN Access Points and clients, Bluetooth devices, smartphones and cell phones, wireless keyboards and mice, and wireless remote access devices) used to store, process, transmit or receive DoD information. | |
| Firewall Security Requirements Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| Firewall Security Technical Implementation Guide |
|
Firewall Security Technical Implementation Guide | |
| Firewall Security Technical Implementation Guide - Cisco |
|
Firewall Security Technical Implementation Guide - Cisco | |
| ForeScout CounterACT ALG Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| ForeScout CounterACT NDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| General Mobile Device (Technical) (Non-Enterprise Activated) Security Technical Implementation Guide |
|
This STIG provides technical security controls for the use of mobile devices (smartphone and tablets) that are not authorized to be connected to a DoD network or store or process sensitive or classified DoD data/information. Non-enterprise activated refers to any device that is operated under the use conditions found in Section 2.1 of the STIG overview document. See section 1.1 of the STIG overview document for additional information. | |
| General Mobile Device Policy (Non-Enterprise Activated) Security Technical Implementation Guide |
|
This STIG provides policy, training, and operating procedure security controls for the use of mobile devices (smartphone and tablets) that are not authorized to be connected to a DoD network or store or process sensitive or classified DoD data/information. Non-enterprise activated refers to any device that is operated under the use conditions found in Section 2.1 of the STIG overview document. See section 1.1 of the STIG overview document for additional information. | |
| General Purpose Operating System SRG |
|
The General Purpose Operating System Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Good for Enterprise 8.x Security Technical Implementation Guide |
|
Developed by Good Technology in coordination with DISA for the DoD. | |
| Good Mobility Suite Server (Android OS) Security Technical Implementation Guide |
|
This STIG provides technical security controls required for the use of the Good Mobility Suite with Android 2.2 (Dell version) mobile operating system devices in the DoD environment. | |
| Good Mobility Suite Server (Windows Phone 6.5) Security Technical Implementation Guide |
|
This STIG provides technical security controls required for the use of the Good Mobility Suite with Windows Phone 6.5 devices in the DoD environment. | |
| Google Chrome Current Windows STIG |
|
The Google Chrome Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Google Search Appliance Security Technical Implementation Guide |
|
Developed by Microsoft in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Harris SecNet 11 / 54 Security Technical Implementation Guide (STIG) |
|
This STIG contains the technical security controls for the operation of the Harris SecNet 11 or 54 classified WLAN devices in the DoD environment. | |
| HP FlexFabric Switch L2S Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| HP FlexFabric Switch NDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| HP FlexFabric Switch RTR Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| HP-UX 11.23 Security Technical Implementation Guide |
|
The HP-UX 11.23 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| HP-UX 11.31 Security Technical Implementation Guide |
|
The HP-UX 11.31 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| HPE 3PAR StoreServ 3.2.x Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| IBM DataPower ALG Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| IBM DataPower Network Device Management Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| IBM DB2 V10.5 LUW Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| IBM Hardware Management Console (HMC) STIG |
|
IBM Hardware Management Console is used to perform Initial Program Loads (IPLs), power on resets, shutdowns, and configuring of hardware components for system logical partitions. | |
| IBM Hardware Management Console (HMC) STIG Policies |
|
Policy and Documentation Vulnerabilities for IBM Hardware Management Console (HMC). | |
| IBM MaaS360 v2.3.x MDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| IBM MaaS360 with Watson v10.x MDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| IBM MQ Appliance V9.0 AS Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| IBM WebSphere Traditional V9.x Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| IBM z/VM Using CA VM:Secure Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| IDS/IPS Security Technical Implementation Guide |
|
IDS/IPS Security Technical Implementation Guide | |
| IIS 7.0 Server STIG |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| IIS 7.0 Site STIG |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| IIS 8.5 Server Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| IIS 8.5 Site Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] | |
| IIS6 Server |
|
||
| IIS6 Site |
|
||
| Infoblox 7.x DNS Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco |
|
Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco | |
| Infrastructure L3 Switch Security Technical Implementation Guide |
|
Infrastructure L3 Switch Security Technical Implementation Guide | |
| Infrastructure Router Security Technical Implementation Guide |
|
Infrastructure Router Security Technical Implementation Guide | |
| Infrastructure Router Security Technical Implementation Guide Cisco |
|
Infrastructure Router Security Technical Implementation Guide – Cisco | |
| Infrastructure Router Security Technical Implementation Guide Juniper |
|
Infrastructure Router Security Technical Implementation Guide – Juniper | |
| Internet Explorer 8 STIG |
|
The Internet Explorer 8 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Browser products may observe alternate registry paths for stored configuration values. | |
| Internet Explorer 8 STIG |
|
The Internet Explorer 8 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Browser products may observe alternate registry paths for stored configuration values. | |
| Internet Explorer 9 Security Technical Implementation Guide |
|
The Internet Explorer 9 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide |
|
The IDPS Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| IPSec VPN Gateway Security Technical Implementation Guide |
|
IPSec VPN Gateway Security Technical Implementation Guide | |
| Java Runtime Environment (JRE) 6 STIG for Windows XP |
|
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE. Guidance placed on sunset list 10/24/2014. XP OS no longer supported by vendor. | |
| Java Runtime Environment (JRE) version 6 STIG for Unix |
|
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE. | |
| Java Runtime Environment (JRE) version 6 STIG for Windows 7 |
|
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE. | |
| Java Runtime Environment (JRE) version 7 STIG for Unix |
|
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE. | |
| Java Runtime Environment (JRE) version 7 STIG for Windows 7 |
|
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE. | |
| Java Runtime Environment (JRE) version 7 STIG for WinXP |
|
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE. | |
| Java Runtime Environment (JRE) version 8 STIG for Unix |
|
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE. | |
| Java Runtime Environment (JRE) version 8 STIG for Windows |
|
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE. | |
| JBoss EAP 6.3 Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Juniper Router NDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Juniper Router RTR Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Juniper SRX SG ALG Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Juniper SRX SG IDPS Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Juniper SRX SG NDM Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Juniper SRX SG VPN Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Keyboard Video and Mouse Switch STIG |
|
The Keyboard Video and Mouse Switch (KVM) STIG includes the computing requirements for KVM switches operating to support the DoD. The Keyboard Video and Mouse Switch STIG must also be applied for each site using KVM switches. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| L3 KOV-26 Talon (Wireless Role) Security Technical Implementation Guide (STIG) |
|
This STIG contains the technical security controls for the operation of a L3 KOV-26 Talon (Wireless Role) encryptor in the DoD environment. | |
| Layer 2 Switch Security Requirements Guide |
|
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| Layer 2 Switch Security Technical Implementation Guide |
|
Layer 2 Switch Security Technical Implementation Guide | |
| Layer 2 Switch Security Technical Implementation Guide - Cisco |
|
Layer 2 Switch Security Technical Implementation Guide - Cisco | |
| LG Android 5.x Interim Security Configuration Guide |
|
This Interim Security Configuration Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| LG Android 6.x Security Technical Implementation Guide |
|
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| MAC OSX 10.5 Security Technical Implementation Guide |
|
MAC OSX 10.5 Security Technical Implementation Guide | |
| MAC OSX 10.6 Workstation Security Technical Implementation Guide |
|
MAC OSX 10.6 Workstation Security Technical Implementation Guide | |
| Mainframe Product Security Requirements Guide |
|
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| McAfee MOVE 2.6 Multi-Platform Client STIG |
|
The McAfee MOVE 2.6 Multi-Platform Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| McAfee MOVE 2.6/3.6.1 Multi-Platform OSS STIG |
|
The McAfee MOVE 2.6/3.6.1 Multi-Platform OSS STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| McAfee MOVE 2.6/3.6.1 Multi-Platform Client STIG |
|
The McAfee MOVE 2.6/3.6.1 Multi-Platform Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| McAfee MOVE Agentless 3.0/3.6.1 Security Virtual Appliance STIG |
|
The McAfee MOVE 3.0/3.6.1 Agentless SVA STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| McAfee MOVE Agentless 3.0 VSEL 1.9 for SVA STIG |
|
The McAfee MOVE 3.0 Agentless VSEL for SVA STIG The McAfee MOVE 2.6 Multi-Platform Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] | |
| McAfee VirusScan 8.8 Local Client STIG |