Free DISA STIG and SRG Library | Vaulted

Search or scroll to view DISA’s latest STIGs and SRGs.

This library hosts DISA published Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs).

Version 1 Release 1
2016-04-15
U_A10_Networks_ADC_ALG_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-04-15
U_A10_Networks_ADC_NDM_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 9
2018-01-26
U_Active_Directory_Domain_STIG_V2R9_Manual-xccdf.xml
This STIG provides focused security requirements for the AD or Active Directory Domain Services (AD DS) element for Windows Servers operating systems. These requirements apply to the domain and can typically be reviewed once per AD domain. The separate Active Directory Forest STIG contains forest level requirements. Systems must also be reviewed using the applicable Windows STIG. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 7
2017-01-27
U_Active_Directory_Forest_V2R7_STIG_Manual-xccdf.xml
This STIG provides focused security requirements for the AD or Active Directory Domain Services (AD DS) element for Windows Servers operating systems. These requirements apply to the forest and can typically be reviewed once per AD Forest. The separate Active Directory Domain STIG contains domain level requirements. Systems must also be reviewed using the applicable Windows STIG. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-07-26
U_Adobe_Acrobat_Pro_XI_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-04-27
U_Adobe_Acrobat_Reader_DC_Classic_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2018-04-27
U_Adobe_Acrobat_Reader_DC_Continuous_STIG_V1R4_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2018-01-26
U_Adobe_ColdFusion_11_STIG_V1R4_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2016-01-22
U_Airwatch_MDM_STIG_V1R3_Manual-xccdf.xml
Developed by AirWatch in coordination with DISA for the DoD.
Version 1 Release 2
2013-11-04
U_AIX_5.3-V1R2_STIG_Benchmark-xccdf.xml
The AIX Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via email to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 1 Release 13
2018-04-27
U_AIX_6-1_STIG_V1R13_Manual-xccdf.xml
The AIX Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via email to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 1 Release 1
2017-09-12
U_Akamai_KSD_Service_IL2_ALG_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-09-12
U_Akamai_KSD_Service_IL2_NDM_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 12
2017-10-27
U_Apache_2-2_Server_WIN_STIG_V1R12_Manual-xccdf.xml
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
Version 1 Release 12
2017-10-27
U_Apache_2-2_Site_WIN_STIG_V1R12_Manual-xccdf.xml
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
Version 1 Release 5
2015-10-23
U_Apache_2-0_Server_UNIX_V1R5_Manual-xccdf.xml
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
Version 1 Release 5
2015-10-23
U_Apache_2-0_Server_WIN_V1R5_Manual-xccdf.xml
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
Version 1 Release 9
2017-10-27
U_Apache_2-2_Server_UNIX_STIG_V1R9_Manual-xccdf.xml
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
Version 1 Release 5
2015-10-23
U_Apache_2-0_Site_UNIX_V1R5_Manual-xccdf.xml
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
Version 1 Release 5
2015-10-23
U_Apache_2-0_Site_WIN_V1R5_Manual-xccdf.xml
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
Version 1 Release 9
2017-10-27
U_Apache_2-2_Site_UNIX_STIG_V1R9_Manual-xccdf.xml
All directives specified in this STIG must be specifically set (i.e. the server is not allowed to revert to programmed defaults for these directives). Included files should be reviewed if they are used. Procedures for reviewing included files are included in the overview document. The use of .htaccess files are not authorized for use according to the STIG. However, if they are used, there are procedures for reviewing them in the overview document. The Web Policy STIG should be used in addition to the Apache Site and Server STIGs in order to do a comprehensive web server review.
Version 1 Release 3
2017-04-28
U_Apple_iOS_10_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2018-04-27
U_Apple_iOS_11_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 5
2017-04-28
U_Apple_OS_X_10-10_Workstation_V1R5_Manual-xccdf.xml
The Apple OS X 10.10 Workstation Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 6
2018-01-26
U_Apple_OS_X_10-11_STIG_V1R6_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-04-27
U_Apple_OS_X_10-12_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-01-27
U_Apple_OS_X_10-9_Workstation_V1R2_Manual-xccdf.xml
The Apple OS X 10.9 Workstation Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2015-07-24
U_Application_Layer_Gateway_V1R2_Manual-xccdf.xml
The Application Layer Gateway (ALG) SRG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to STIG or SRG documents should be sent to this email address: disa.stig_spt@mail.mil.
Version 4 Release 6
2018-04-27
U_ASD_STIG_V4R6_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 3
2018-01-26
U_Application_Server_SRG_V2R3_Manual-xccdf.xml
The Application Server Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 1 Release 3
2018-01-26
U_ArcGIS_Server_10-3_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2016-04-22
U_Arista_MLS_DCS-7000_Series_L2S_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2016-04-22
U_Arista_MLS_DCS-7000_Series_NDM_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2016-04-22
U_Arista_MLS_DCS-7000_Series_RTR_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2018-04-27
U_BIND_9-x_STIG_V1R4_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 4 Release 1.20
2017-07-28
U_BIND_DNS_STIG_V4R1-20_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 6
2015-07-24
U_BlackBerry_10-2-X_OS_V1R6_Manual-xccdf.xml
Developed by BlackBerry Ltd. in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2017-07-28
U_BB_BES_12-5-x_MDM_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2016-10-28
U_BB_BES_12-5-x_MDM_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-12-11
U_BEMS_2-x_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 2 Release 9
2016-10-28
U_BlackBerry_Enterprise_Server_5-X_Part1_V2R9_Manual-xccdf.xml
BlackBerry Enterprise Server (version 5.x) STIG, Part 1 in XCCDF format. Part 1: BES architecture and training requirements. Part 2: BES configuration requirements. Part 3: BES IT Policy configuration requirements.
Version 2 Release 9
2016-10-28
U_BlackBerry_Enterprise_Server_5-X_Part2_V2R9_Manual-xccdf.xml
BlackBerry Enterprise Server (version 5.x) STIG, Part 2 in XCCDF format. Part 1: BES architecture and training requirements. Part 2: BES configuration requirements. Part 3: BES IT Policy configuration requirements.
Version 2 Release 9
2016-10-28
U_BlackBerry_Enterprise_Server_5-X_Part3_V2R9_Manual-xccdf.xml
BlackBerry Enterprise Server (version 5.x) STIG, Part 3 in XCCDF format. Part 1: BES architecture and training requirements. Part 2: BES configuration requirements. Part 3: BES IT Policy configuration requirements.
Version 1 Release 5
2015-10-23
U_Blackberry_BES_v10-2-X_BDS_V1R5_Manual-xccdf.xml
Developed by BlackBerry Ltd. in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil
Version 1 Release 3
2016-10-28
U_BlackBerry_OS_10-3-x_STIG_V1R3_Manual-xccd.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 11
2017-10-27
U_BlackBerry_OS_7-x_STIG_V2R11_Manual-xccdf.xml
BlackBerry OS 7.x.x STIG in XCCDF format
Version 1 Release 1
2017-12-11
U_BB_UEM_12-7_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-04-28
U_CA_API_Gateway_ALG_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 4 Release 1.18
2016-01-22
U_CISCO_CSS_DNS_V4R1-18_Manual-xccdf.xml
The CISCO CSS DNS Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2018-04-27
U_Cisco_IOS-XE_Release_3_NDM_STIG_V1R4_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-04-27
U_Cisco_IOS-XE_Release_3_RTR_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-04-04
U_Cisco_ISR_4000_Series_NDM_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-04-04
U_Cisco_ISR_4000_Series_RTR_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 2 Release 5
2016-10-28
U_CMD_Policy_STIG_V2R5_Manual-xccdf.xml
This STIG contains the policy, training, and operating procedure security controls for the use of CMDs in the DoD environment. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil..
Version 2 Release 8
2018-01-26
U_Database_V2R8_SRG_Manual-xccdf.xml
The Database Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-09-12
U_DBN-6300_IDPS_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-09-12
U_DBN-6300_NDM_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 8
2017-04-28
U_DSN_STIG_V2R8_Manual-xccdf.xml
The Defense Switched Network (DSN) Security Technical Implementation Guide (STIG) provides the policy and architectual guidance for applying security concepts to DoD telecommunications systems. These policies ensure conformance to DoD requirements that govern DSN voice services deployment and operations, to include special-C2, C2, and non-C2 services. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 4 Release 5
2017-07-28
U_Desktop_Apps_General_STIG_V4R5_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 4 Release 1.21
2017-10-27
U_DNS_Policy_STIG_V4R1-21_Manual-xccdf.xml
The DNS Policy Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 4
2015-10-23
U_Domain_Name_System_V2R4_Manual-xccdf.xml
The DNS Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2018-01-26
U_EDB_PGS_Advanced_Server_STIG_V1R4_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 2 Release 6
2015-10-23
U_Email_Services_Policy_V2R6_Manual-xccdf.xml
Email Services Policy STIG requirements must be evaluated on each system review, regardless of the email product or release level. These policies ensure conformance to DoD requirements that govern email services deployment and operations. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 9
2017-01-27
U_Exchange_2010_Client_Access_V1R9_Manual-xccdf.xml
The Microsoft Exchange Server 2010 STIGs cover four of the five roles available with Microsoft Exchange Server 2010. The Email Services Policy STIG must also be reviewed for each site hosting email services. Also, for the Client Access server, the IIS guidance must be reviewed prior to the OWA checks. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 12
2017-01-27
U_Exchange_2010_Edge_V1R12_Manual-xccdf.xml
The Microsoft Exchange Server 2010 STIGs cover four of the five roles available with Microsoft Exchange Server 2010. The Email Services Policy STIG must also be reviewed for each site hosting email services. Also, for the Client Access server, the IIS guidance must be reviewed prior to the OWA checks. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 12
2017-01-27
U_Exchange_2010_Hub_V1R12_Manual-xccdf.xml
The Microsoft Exchange Server 2010 STIGs cover four of the five roles available with Microsoft Exchange Server 2010. The Email Services Policy STIG must also be reviewed for each site hosting email services. Also, for the Client Access server, the IIS guidance must be reviewed prior to the OWA checks. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 10
2017-07-28
U_Exchange_2010_Mailbox_STIG_V1R10_Manual-xccdf.xml
The Microsoft Exchange Server 2010 STIGs cover four of the five roles available with Microsoft Exchange Server 2010. The Email Services Policy STIG must also be reviewed for each site hosting email services. Also, for the Client Access server, the IIS guidance must be reviewed prior to the OWA checks. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2015-05-29
U_F5_BIG-IP_Access_Policy_Manager_11-x_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2015-05-29
U_F5_BIG-IP_Advanced_Firewall_Manager_11-x_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2015-05-29
U_F5_BIG-IP_Application_Security_Manager_11-x_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 5
2017-07-28
U_F5_BIG-IP_Device_Management_11-x_STIG_V1R5_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2016-10-28
U_F5_BIG-IP_Local_Traffic_Manager_11-x_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2018-03-16
U_Firewall_SRG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2018-01-26
U_ForeScout_CounterACT_ALG_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-09-12
U_ForeScout_CounterACT_NDM_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2016-07-22
U_General_Purpose_Operating_System_V1R4_Manual-xccdf.xml
The General Purpose Operating System Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-10-27
U_Good_for_Enterprise_8-x_STIG_V1R2_Manual-xccdf.xml
Developed by Good Technology in coordination with DISA for the DoD.
Version 1 Release 1
2012-12-17
U_GoolgeChrome23Windows_V1R1_STIG_Benchmark-xccdf.xml
Version 1 Release 1
2013-03-07
U_GoogleChrome24Windows_V1R1_STIG_Benchmark-xccdf.xml
Version 1 Release 1
2015-07-06
U_Google_Search_Appliance_STIG_V1R1_Manual-xccdf.xml
Developed by Microsoft in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 6 Release 10
2017-01-27
U_Network_Harris_SecNet_11_54_V6R10_Manual-xccdf.xml
This STIG contains the technical security controls for the operation of the Harris SecNet 11 or 54 classified WLAN devices in the DoD environment.
Version 1 Release 3
2017-07-28
U_HPE_3PAR_StoreServ_3.2.x_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 9
2016-01-22
U_HPUX_11-23_V1R9_STIG_SCAP_1-1_Benchmark-xccdf.xml
The HP-UX 11.23 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 17
2018-04-27
U_HPUX_11-31_STIG_V1R17_Manual-xccdf.xml
The HP-UX 11.31 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-01-25
U_IBM_DataPower_ALG_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-10-24
U_IBM_DataPower_NDM_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2018-01-26
U_IBM_DB2_V10-5_LUW_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 5
2015-01-20
U_IBM_Hardware_Management_Console_V1R5_Manual-xccdf.xml
IBM Hardware Management Console is used to perform Initial Program Loads (IPLs), power on resets, shutdowns, and configuring of hardware components for system logical partitions.
Version 1 Release 2
2015-01-20
U_IBM_Hardware_Management_Console_Policy_V1R2_STIG_Manual-xccdf.xml
Policy and Documentation Vulnerabilities for IBM Hardware Management Console (HMC).
Version 1 Release 1
2016-02-26
U_IBM_MaaS360_v2-3-x_MDM_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-06-05
U_IBM_MQ_Appliance_v9-0_AS_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-06-05
U_IBM_MQ_Appliance_v9-0_NDM_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 0.1
2017-08-23
U_IBM_zVM_STIG_V1R0-1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2018-04-27
U_IBM_zVM_Using_CA_VMSecure_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 6 Release 16
2015-07-24
U_IIS_6-0_Server_V6R16_Manual-xccdf.xml
Version 6 Release 16
2015-07-24
U_IIS_6-0_Site_V6R16_Manual-xccdf.xml
Version 1 Release 16
2018-01-26
U_IIS_7-0_Server_STIG_V1R16_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 16
2018-01-26
U_IIS_7-0_Site_STIG_V1R16_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-04-27
U_IIS_8-5_Server_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-04-27
U_IIS_8-5_Site_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 5
2018-01-26
U_Infoblox_7-x_DNS_STIG_V1R5_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 20
2016-01-22
U_Microsoft_IE8_V1R20_Manual-xccdf.xml
The Internet Explorer 8 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Browser products may observe alternate registry paths for stored configuration values.
Version 1 Release 7
2015-01-23
U_Microsoft_IE9_V1R7_STIG_SCAP_1-0_Benchmark-xccdf.xml
The Internet Explorer 9 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 2 Release 3
2017-07-28
U_IDPS_SRG_V2R3_Manual-xccdf.xml
The IDPS Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 1 Release 6
2016-01-22
U_JRE6_UNIX_V1R6_Manual-xccdf.xml
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
Version 1 Release 8
2016-01-22
U_JRE6_WIN7_V1R8_Manual-xccdf.xml
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
Version 1 Release 6
2016-01-22
U_JRE7_UNIX_V1R6_Manual-xccdf.xml
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
Version 1 Release 8
2016-01-22
U_JRE7_WIN7_V1R8_Manual-xccdf.xml
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
Version 1 Release 3
2017-10-27
U_Oracle_JRE_8_UNIX_STIG_V1R3_Manual-xccdf.xml
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
Version 1 Release 5
2018-01-26
U_Oracle_JRE_8_Windows_STIG_V1R5_Manual-xccdf.xml
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.
Version 1 Release 2
2017-04-28
U_JBOSS_EAP_6-3_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-04-27
U_Juniper_SRX_SG_ALG_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-07-28
U_Juniper_SRX_SG_IDPS_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-01-27
U_Juniper_SRX_SG_NDM_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-10-27
U_Juniper_SRX_SG_VPN_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 6
2016-01-22
U_Keyboard_Video_and_Mouse_Switch_V2R6_Manual-xccdf.xml
The Keyboard Video and Mouse Switch (KVM) STIG includes the computing requirements for KVM switches operating to support the DoD. The Keyboard Video and Mouse Switch STIG must also be applied for each site using KVM switches. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2015-09-25
U_LG_Android_5-x_ISCG_V1R2_Manual-xccdf.xml
This Interim Security Configuration Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-05-09
U_LG_Android_6-x_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-07-28
U_Mainframe_Product_SRG_V1R2_Manual-xccdf.xml
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-01-26
U_McAfee_Application_Control_7-x_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 5
2016-10-28
U_McAfee_MOVE_Multi-Platform3-6-1_Client_V1R5_Manual-xccdf.xml
The McAfee MOVE 3.6.1 Multi-Platform Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 5
2016-10-28
U_McAfee_MOVE_Multi-Platform3-6-1_OSS_V1R5_Manual-xccdf.xml
The McAfee MOVE 3.6.1 Multi-Platform OSS STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2015-10-23
U_McAfee_MOVE3_0_Agentless_VSEL_for_SVA_V1R3_Manual-xccdf.xml
The McAfee MOVE 3.0 Agentless VSEL for SVA STIG The McAfee MOVE 2.6 Multi-Platform Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 5
2016-10-28
U_McAfee_MOVE_Agentless3-6-1_SVA_V1R5_Manual-xccdf.xml
The McAfee MOVE 3.6.1 Agentless SVA STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-12-11
U_McAfee_MOVE_AV_Agentless_4-5_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-12-11
U_McAfee_MOVE_AV_Multi-Platform_4-5_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 5 Release 15
2018-04-27
U_McAfee_VirusScan88_Local_Client_STIG_V5R15_Manual-xccdf.xml
The McAfee VirusScan 8.8 Local Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 5 Release 18
2018-04-27
U_McAfee_VirusScan88_Managed_Client_STIG_V5R18_Manual-xccdf.xml
The McAfee VirusScan Managed Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2016-04-22
U_McAfee_VSEL_1-9_2-0_Local_Client_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2017-10-27
U_McAfee_VSEL_1-9_2-0_Managed_Client_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 4
2016-10-28
U_MDM_Server_Policy_STIG_V2R4_Manual-xccdf.xml
This STIG contains the policy, training, and operating procedure security controls for the use of MDM servers in the DoD environment. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 4 Release 14
2016-07-22
U_MicrosoftAccess2007_V4R14_Manual-xccdf.xml
The Microsoft Access 2007 STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 10
2018-04-27
U_MS_Access_2010_STIG_V1R10_Manual-xccdf.xml
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 6
2018-04-27
U_MS_Access_2013_STIG_V1R6_Manual-xccdf.xml
The Microsoft Access 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-11-14
U_Microsoft_Access_2016_STIG_V1R1_Manual-xccdf.xml
The Microsoft Access 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2016-04-22
U_Microsoft_DotNet_Framework_4_V1R4_STIG_SCAP_1-1_Benchmark-xccdf.xml
Applicable to systems and applications utilizing the Microsoft .Net version 4.0 framework.
Version 4 Release 12
2015-10-23
U_MicrosoftExcel2007_V4R12_Manual-xccdf.xml
Version 1 Release 11
2018-04-27
U_MS_Excel_2010_STIG_V1R11_Manual-xccdf.xml
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 7
2018-04-27
U_MS_Excel_2013_STIG_V1R7_Manual-xccdf.xml
The Microsoft Excel 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-10-27
U_MS_Excel_2016_STIG_V1R2_Manual-xccdf.xml
The Microsoft Excel 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-04-27
U_MS_Groove_2013_STIG_V1R3_Manual-xccdf.xml
The Microsoft Groove 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 4 Release 20
2016-01-22
U_Microsoft_IE7_V4R20_Manual-xccdf.xml
Version 4 Release 12
2015-10-23
U_MicrosoftInfoPath2007_V4R12_Manual-xccdf.xml
Version 1 Release 11
2018-04-27
U_MS_InfoPath_2010_STIG_V1R11_Manual-xccdf.xml
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 5
2018-04-27
U_MS_InfoPath_2013_STIG_V1R5_Manual-xccdf.xml
The Microsoft InfoPath 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 15
2017-04-28
U_Microsoft_IE10_STIG_V1R15_Manual-xccdf.xml
The Microsoft Internet Explorer 10 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil
Version 1 Release 15
2016-01-22
U_Microsoft_IE9_V1R15_Manual-xccdf.xml
Settings in this guidance assume a complete installation of Microsoft Internet Explorer 9 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Browser products may observe alternate registry paths for stored configuration values.
Version 1 Release 4
2018-04-27
U_MS_Lync_2013_STIG_V1R4_Manual-xccdf.xml
The Microsoft Lync 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 4 Release 14
2015-10-23
U_MicrosoftOfficeSystem2007_V4R14_Manual-xccdf.xml
Version 1 Release 12
2018-04-27
U_MS_OfficeSystem_2010_STIG_V1R12_Manual-xccdf.xml
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 6
2018-04-27
U_MS_OfficeSystem_2013_STIG_V1R6_Manual-xccdf.xml
The Microsoft Office System 2013 STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-11-14
U_Microsoft_Office_System_2016_STIG_V1R1_Manual-xccdf.xml
The Microsoft Office System 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-01-23
U_Microsoft_OneDrive_for_Business_2016_STIG_V1R2_Manual-xccdf.xml
The Microsoft OneDrive for Business 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 9
2018-04-27
U_MS_OneNote_2010_STIG_V1R9_Manual-xccdf.xml
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-04-27
U_MS_OneNote_2013_STIG_V1R3_Manual-xccdf.xml
The Microsoft OneNote 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-01-19
U_Microsoft_OneNote_2016_STIG_V1R2_Manual-xccdf.xml
The Microsoft OneNote 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 4 Release 15
2015-09-18
U_Microsoft_Outlook_2007_STIG_V4R15_Manual-xccdf.xml
Version 1 Release 13
2018-04-27
U_MS_Outlook_2010_STIG_V1R13_Manual-xccdf.xml
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values.
Version 1 Release 12
2018-04-27
U_MS_Outlook_2013_STIG_V1R12_Manual-xccdf.xml
The Microsoft Outlook 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 2
2017-07-28
U_Microsoft_Office_Outlook_2016_V1R2_STIG_SCAP_1-1_Benchmark-xccdf.xml
The Microsoft Outlook 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 4 Release 15
2016-04-22
U_MicrosoftPowerPoint2007_V4R15_Manual-xccdf.xml
Version 1 Release 10
2018-04-27
U_MS_PowerPoint_2010_STIG_V1R10_Manual-xccdf.xml
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 6
2018-04-27
U_MS_PowerPoint_2013_V1R6_Manual-xccdf.xml
The Microsoft PowerPoint 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-11-14
U_Microsoft_PowerPoint_2016_STIG_V1R1_Manual-xccdf.xml
The Microsoft PowerPoint 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 9
2018-04-27
U_MS_Project_2010_STIG_V1R9_Manual-xccdf.xml
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2018-04-27
U_MS_Project_2013_STIG_V1R4_Manual-xccdf.xml
The Microsoft Project 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-11-14
U_Microsoft_Project_2016_STIG_V1R1_Manual-xccdf.xml
The Microsoft Project 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 11
2018-04-27
U_MS_Publisher_2010_STIG_V1R11_Manual-xccdf.xml
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 5
2018-04-27
U_MS_Publisher_2013_STIG_V1R5_Manual-xccdf.xml
The Microsoft Publisher 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-04-27
U_MS_Publisher_2016_STIG_V1R3_Manual-xccdf.xml
The Microsoft Publisher 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-11-14
U_Microsoft_Skype_for_Business_2016_STIG_V1R1_Manual-xccdf.xml
The Microsoft Skype for Business 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 8 Release 1.9
2015-07-24
U_SQL_Server_2005_Database_V8R1-9_Manual-xccdf.xml
The Microsoft SQL Server 2005 Database Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 8 Release 1.9
2015-07-24
U_SQL_Server_2005_Instance_V8R1-9_Manual-xccdf.xml
The Microsoft SQL Server 2005 Instance Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 17
2018-04-27
U_SQL_Server_2012_Instance_STIG_V1R17_Manual-xccdf.xml
The Microsoft SQL Server 2012 Database Instance Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 17
2018-04-27
U_SQL_Server_2012_Database_STIG_V1R17_Manual-xccdf.xml
The Microsoft SQL Server 2012 Database Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2018-04-27
U_MS_Visio_2013_STIG_V1R4_Manual-xccdf.xml
The Microsoft Visio 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-11-14
U_Microsoft_Visio_2016_STIG_V1R1_Manual-xccdf.xml
The Microsoft Visio 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2017-10-27
U_MS_Windows_10_Mobile_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-04-27
U_MS_Windows_2008_Server_DNS_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 9
2018-04-27
U_MS_Windows_2012_Server_DNS_STIG_V1R9_Manual-xccdf.xml
The Microsoft Windows 2012 Server Domain Name System Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2015-07-24
U_Microsoft_Windows_Phone_8-1_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 4 Release 14
2015-10-23
U_MicrosoftWord2007_V4R14_Manual-xccdf.xml
Version 1 Release 11
2018-04-27
U_MS_Word_2010_STIG_V1R11_Manual-xccdf.xml
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 6
2018-04-27
U_MS_Word_2013_STIG_V1R6_Manual-xccdf.xml
The Microsoft Word 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-11-14
U_Microsoft_Word_2016_STIG_V1R1_Manual-xccdf.xml
The Microsoft Word 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2017-07-28
U_MobileIron_Core_v9-x_MDM_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 3
2016-10-28
U_Mobile_Policy STIG_V2R3_Manual-xccdf.xml
This STIG provides policy, training, and operating procedure security controls for the use of mobile devices and systems in the DoD environment. This STIG applies to any mobile operating system device used to store, process, transmit, or receive DoD information. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 4 Release 21
2018-04-27
U_Mozilla_Firefox_STIG_V4R21_Manual-xccdf.xml
The Mozilla Firefox Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil
Version 1 Release 1
2016-07-25
U_MS_Exchange_2013_CAS_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-01-27
U_MS_Exchange_2013_Edge_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-04-28
U_MS_Exchange_2013_Mailbox_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 8
2018-04-27
U_MS_SharePoint_2010_STIG_V1R8_Manual-xccdf.xml
This STIG is applicable to all Microsoft SharePoint 2010 implementations. For complete security protection of any SharePoint implementation, the Windows OS, application server (s) and the database server (s) must also be secured using the applicable STIGs.
Version 1 Release 4
2018-04-27
U_MS_SharePoint_2013_STIG_V1R4_Manual-xccdf.xml
Developed by Microsoft in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-04-27
U_MS_SharePointDesigner_2013_STIG_V1R3_Manual-xccdf.xml
The Microsoft SharePointDesigner 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 6
2018-01-26
U_MS_SQL_Server_2014_Database_STIG_V1R6_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 7
2018-01-26
U_MS_SQL_Server_2014_Instance_STIG_V1R7_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2018-03-09
U_MS_SQL_Server_2016_Database_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2018-03-09
U_MS_SQL_Server_2016_Instance_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2018-04-27
U_MS_Windows_Defender_Antivirus_STIG_V1R4_Manual-xccdf.xml
The Windows Defender Antivirus Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be send via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 11
2018-01-26
U_Multifunction_Device_and_Network_Printers_STIG_V2R11_Manual-xccdf.xml
Multifunction Device and Network Printers (MFD) STIG includes the computing requirements for Multifunction Device and Network Printers operating to support the DoD. The Multifunction Device and Network Printers STIG must also be applied for each site using Multifunction Devices and Network Printers. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 13
2018-01-26
U_NDM_SRG_V2R13_Manual-xccdf.xml
The Network Device Management Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 8 Release 22
2018-04-27
U_Network_Devices_STIG_V8R22_Manual-xccdf.xml
Network Devices Security Technical Implementation Guide
Version 9 Release 5
2018-01-26
U_Network_Infrastructure_Policy_STIG_V9R5_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 13
2018-01-26
U_Oracle_Database_11-2g_STIG_V1R13_Manual-xccdf.xml
Developed by Oracle in coordination with DISA for the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 8 Release 20
2017-07-28
U_Oracle_Database_11g_Installation_STIG_V8R20_Manual-xccdf.xml
The Oracle Database 11g Installation Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 8 Release 20
2017-07-28
U_Oracle_Database_11g_Instance_STIG_V8R20_Manual-xccdf.xml
The Oracle Database 11g Instance Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 10
2018-04-27
U_Oracle_Database_12c_STIG_V1R10_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2018-04-27
U_Oracle_HTTP_Server_12-1-3_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 12
2018-04-27
U_Oracle_Linux_5_STIG_V1R12_Manual-xccdf.xml
The Oracle Linux 5 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 12
2018-04-27
U_Oracle_Linux_6_STIG_V1R12_Manual-xccdf.xml
The Oracle Linux 6 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2017-10-27
U_Oracle_WebLogic_Server_12c_STIG_V1R4_Manual-xccdf.xml
Developed by Oracle in coordination with DISA for use in the DoD.
Version 1 Release 3
2017-07-28
U_Palo_Alto_Networks_ALG_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 1 Release 1
2015-11-30
U_Palo_Alto_Networks_IDPS_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2017-07-28
U_Palo_Alto_Networks_NDM_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 1 Release 3
2018-04-27
U_PostgreSQL_9-x_STIG_V1R3_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 18
2017-01-27
U_RedHat_5_V1R18_STIG_SCAP_1-1_Benchmark-xccdf.xml
The Red Hat Enterprise Linux 5 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2018-01-26
U_Red_Hat_Enterprise_Linux_7_STIG_V1R4_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 0.2
2016-06-30
U_Red_Hat_Enterprise_Linux_7_STIG_V1R0-2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 2 Release 11
2016-04-22
U_Remote_Access_Policy_V2R11_Manual-xccdf.xml
Version 1 Release 1
2015-11-30
U_Riverbed_SteelHead_CX_v8_ALG_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2015-11-30
U_Riverbed_SteelHead_CX_v8_NDM_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 3 Release 1
2017-12-11
U_Router_SRG_V3R1_Manual-xccdf.xml
The Router Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 1 Release 3
2016-04-22
U_Samsung_Android_OS_5_with_Knox_2-x_STIG_V1R3_Manual-xccdf.xml.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2017-01-27
U_Samsung_Android_OS_6_KNOX_2-x_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2018-04-27
U_Samsung_Android_OS_7_with_Knox_2-x_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 22
2018-04-27
U_Solaris_10_SPARC_STIG_V1R22_Manual-xccdf.xml
The Solaris 10 (SPARC) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 22
2018-04-27
U_Solaris_10_X86_STIG_V1R22_Manual-xccdf.xml
The Solaris 10 (X86) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 12
2015-10-23
U_Solaris_9_SPARC_V1R12_STIG_SCAP_1-1_Benchmark-xccdf.xml
The Solaris 9 (SPARC) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 9
2015-10-23
U_Solaris_9_X86_V1R9_Manual-xccdf.xml
The Solaris 9 (X86) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 11
2017-10-27
U_SLES_V11_for_System_z_STIG_V1R11_Manual-xccdf.xml
The SUSE Linux Enterprise Server Ver 11 for System z Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil
Version 1 Release 4
2015-07-24
U_Symantec_Endpoint_Protection_12-1_Locally_Configured_V1R3_Manual-xccdf.xml
The Symantec Endpoint protection 12.1 Local Client Antivirus STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 1 Release 4
2015-07-24
U_Symantec_Endpoint_Protection_12-1_Managed_Client_V1R4_Manual-xccdf.xml
The Symantec Endpoint protection 12.1 Managed Client Antivirus STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 1 Release 2
2016-10-28
U_Tanium_6-5_STIG_V1R2_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-12-11
U_Tanium_7-0_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 3
2016-01-22
U_Enclave_Test_and_Development_Zone_A_V1R3_Manual-xccdf.xml
Version 1 Release 3
2016-01-22
U_Enclave_Test_and_Development_Zone_B_V1R3_Manual-xccdf.xml
Version 1 Release 3
2016-01-22
U_Enclave_Test_and_Development_Zone_C_V1R3_Manual-xccdf.xml
Version 1 Release 3
2016-01-22
U_Enclave_Test_and_Development_Zone_D_V1R3_Manual-xccdf.xml
Version 1 Release 2
2013-07-12
U_traditional_security_v1r2_checklist-xccdf.xml
Previously the Traditional Security Checklist, consisted of five (5) component sub-checklists that were selected for use based upon the type of review being conducted. The new Traditional Security Checklist consolidates all checks into one document and is more granular both in the increased number of checks (151 total versus 96 total in the old checklists) and the details about how to conduct them. It provides a more complete and current list of references, the relationship and authority for checks relative to protection of Defense Information System Network (DISN) assets, and will enhance reviewer consistency with application of potential findings. While the number of potential findings have increased and are more focused to a specific check there is additional granularity within each check. In many of the primary checks there are additional considerations and "sub-checks". As the new checklist is further developed it may be that some of these sub-checks will become additional stand-alone primary checks. The format and content flow of the new checklist is like other Security Technical Implementation Guide (STIG) checklists derived from the Vulnerability Management System (VMS) database, which is used by DISA FSO, the Combatant Commands, Services, and Agencies (CC/S/A) and other Federal Agencies with access to the Defense Information Systems Network (DISN) to document and follow-up findings noted during Command Cyber Readiness Inspections (CCRIs). Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 1 Release 9
2017-04-28
U_Video_Services_Policy_STIG_V1R9_Manual-xccdf.xml
The Video Services Policy Security Technical Implementation Guide (STIG) provides policy guidance for video teleconferencing systems and endpoints implemented on DoD networks. These policies ensure conformance to DoD requirements that govern video services deployment and operations. The Video Services Policy STIG works with the Video Teleconference STIG requirements for evaluation on each video teleconferencing (VTC) system review, regardless of the VTC product or release level. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 7
2017-04-28
U_Video_Teleconference_STIG_V1R7_Manual-xccdf.xml
The Video Teleconference Security Technical Implementation Guide (STIG) provides technical guidance for video teleconferencing systems and endpoints implemented on DoD networks. The Video Services Policy STIG works with the Video Teleconference STIG requirements for evaluation on each video teleconferencing (VTC) system review, regardless of the VTC product or release level. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2016-07-22
U_VMware_ESX_3_Policy_V1R2_Manual-xccdf.xml
The VMware ESX 3 Policy Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2016-07-22
U_VMware_ESX_3_Server_V1R2_Manual-xccdf.xml
The VMware ESX 3 Server Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2016-07-22
U_VMware_ESX_3_Virtual_Center_V1R2_Manual-xccdf.xml
The VMware ESX 3 Virtual Center Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 2
2016-07-22
U_VMware_ESX_3_Virtual_Machine_V1R2_Manual-xccdf.xml
The VMware ESX 3 Virtual Machine Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 10
2017-01-27
U_ESXi5_Server_V1R10_Manual-xccdf.xml
The VMware ESXi Version 5 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 7
2017-07-28
U_ESXi5_Virtual_Machine_STIG_V1R7_Manual-xccdf.xml
The VMware ESXi Version 5 Virtual Machine Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-06-27
U_VMware_NSX_Distributed_Firewall_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-06-27
U_VMware_NSX_Distributed_Logical_Router_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2016-06-27
U_VMware_NSX_Manager_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 7
2016-04-22
U_ESXi5_vCenter_Server_V1R7_Manual-xccdf.xml
The VMware vCenter Server Version 5 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2017-07-28
U_VMware_vSphere_6-0_ESXi_STIG_V1R4_Manual-xccdf.xml
The VMware vSphere ESXi Version 6 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2017-07-28
U_VMware_vSphere_6-0_vCenter_Server_for_Windows_STIG_V1R4_Manual-xccdf.xml
The VMware vSphere vCenter Server Version 6 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2015-12-21
U_VMware_vSphere_6-0_Virtual_Machine_STIG_V1R1_Manual-xccdf.xml
The VMware vSphere Virtual Machine Version 6 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 7
2018-01-26
U_Voice_Video_Endpoint_SRG_V1R7_Manual-xccdf.xml
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 3 Release 11
2017-04-28
U_VVoIP_STIG_V3R11_Manual-xccdf.xml
The Voice/Video over Internet Protocol (VVoIP) STIG includes the computing requirements for Voice/Video systems operating to support the DoD. The Voice/Video Services Policy STIG must also be applied for each site using voice/video services. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 0.1
2017-06-19
U_Voice_Video_Policy_STIG_V1R0-1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 3 Release 12
2018-01-26
U_Voice_Video_Services_Policy_STIG_V3R12_Manual-xccdf.xml
The Voice Video Services Policy STIG includes the non-computing requirements for Voice/Video systems operating to support the DoD. The Voice/Video over Internet Protocol (VVoIP) STIG containing the computing requirements must also be reviewed for each site using voice/video services. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 5
2018-01-26
U_Voice_Video_Session_Mgmt_SRG_V1R5_Manual-xccdf.xml
This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 2 Release 2
2015-10-23
U_Web_Server_V2R2_Manual-xccdf.xml
The Web Server SRG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 6 Release 1.29
2013-07-26
Win2k3Audit_Benchmark-xccdf.xml
The Windows 2003 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from Federal and DoD consensus, as well as the Windows 2003 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 6 Release 1.22
2013-07-26
Win2k8Audit_Benchmark-xccdf.xml
The Windows 2008 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows 2008 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 1 Release 8
2013-07-26
Win2k8R2Audit_Benchmark-xccdf.xml
The Windows Server 2008 R2 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows Server 2008 R2 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 1 Release 16
2013-07-26
Win7Audit_Benchmark-xccdf.xml
The Windows 7 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows 7 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 6 Release 40
2015-07-24
U_Windows_2003_DC_V6R40_STIG_SCAP_1-1_Benchmark-xccdf.xml
The Windows 2003 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from Federal and DoD consensus, as well as the Windows 2003 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 6 Release 40
2015-07-24
U_Windows_2003_MS_V6R40_STIG_SCAP_1-1_Benchmark-xccdf.xml
The Windows 2003 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from Federal and DoD consensus, as well as the Windows 2003 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 6 Release 39
2018-01-26
U_Windows_2008_DC_STIG_V6R39_Manual-xccdf.xml
The Windows 2008 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows 2008 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 6 Release 40
2018-04-27
U_Windows_2008_MS_STIG_V6R40_Manual-xccdf.xml
The Windows 2008 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows 2008 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 31
2017-01-27
U_Windows_7_V1R31_STIG_SCAP_1-1_Benchmark-xccdf.xml
The Windows 7 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows 7 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 0.1
2017-07-12
U_Windows_DAW_STIG_V1R0-1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 4 Release 1.19
2016-01-22
U_Windows_DNS_V4R1-19_Manual-xccdf.xml
Version 1 Release 7
2018-04-27
U_Windows_Firewall_STIG_V1R7_Manual-xccdf.xml
The Windows Firewall with Advanced Security Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 1
2017-12-11
U_Windows_PAW_STIG_V1R1_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 1 Release 26
2018-04-27
U_Windows_2008_R2_DC_STIG_V1R26_Manual-xccdf.xml
The Windows Server 2008 R2 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows Server 2008 R2 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 26
2018-04-27
U_Windows_2008_R2_MS_STIG_V1R26_Manual-xccdf.xml
The Windows Server 2008 R2 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows Server 2008 R2 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 1 Release 4
2018-04-27
U_Windows_Server_2016_STIG_V1R4_Manual-xccdf.xml
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
Version 6 Release 44
2016-10-28
U_Windows_Vista_V6R44_STIG_SCAP_1-1_Benchmark-xccdf.xml
The Windows Vista Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows Vista Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.
Version 6 Release 1.34
2014-04-25
U_Windows_XP_V6R1.34_STIG_Benchmark-xccdf.xml
The Windows XP Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from Federal and DoD consensus, as well as the Windows XP Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.
Version 6 Release 14
2018-04-27
U_Network_WLAN_Access_Point-Enclave_NIPRNet_Connected_Role_STIG_V6R14_Manual-xccdf.xml
This STIG contains the technical security controls for the operation of a WLAN access point (Enclave-NIPRNet Connected role) in the DoD environment.
Version 6 Release 14
2018-04-27
U_Network_WLAN_Access_Point-Internet_Gateway_Only_Connection_Role_STIG_V6R14_Manual-xccdf.xml
This STIG contains the technical security controls for the operation of a WLAN access point (Internet Gateway Only Connection role) in the DoD environment.
Version 6 Release 14
2018-04-27
U_Network_WLAN Bridge_STIG_V6R14_Manual-xccdf.xml
This STIG contains the technical security controls for the operation of a WLAN bridge in the DoD environment.
Version 6 Release 14
2018-04-27
U_Network_WLAN_Controller_STIG_V6R14_Manual-xccdf.xml
This STIG contains the technical security controls for the operation of a WLAN Controller in the DoD environment.
Version 6 Release 11
2016-10-28
U_Network_WMAN_Access_Point_V6R11_Manual-xccdf.xml
This STIG contains the technical security controls for the operation of a WMAN Access Point in the DoD environment.
Version 6 Release 11
2016-10-28
U_Network_WMAN_Bridge_V6R11_Manual-xccdf.xml
This STIG contains the technical security controls for the operation of a WMAN Bridge in the DoD environment.
Version 6 Release 6
2015-01-20
U_zOS_BMC_CONTROL-D_for_ACF2_V6R6_STIG_Manual-xccdf.xml
Version 6 Release 6
2015-01-20
U_zOS_BMC_CONTROL-D_for_RACF_V6R6_STIG_Manual-xccdf.xml
Version 6 Release 6
2015-01-20
U_zOS_BMC_CONTROL-D_for_TSS_V6R6_STIG_Manual-xccdf.xml
Version 6 Release 7
2016-04-28
U_zOS_BMC_CONTROL-M_for_ACF2_V6R7_STIG_Manual-xccdf.xml
Version 6 Release 7
2016-04-28
U_zOS_BMC_CONTROL-M_for_RACF_V6R7_STIG_Manual-xccdf.xml
Version 6 Release 7
2016-04-28
U_zOS_BMC_CONTROL-M_ for_TSS_V6R7_STIG_Manual-xccdf.xml
Version 6 Release 5
2015-10-23
U_zOS_BMC_CONTROL-M_Restart_for_ACF2_V6R5_STIG_Manual-xccdf.xml
Version 6 Release 5
2015-10-23
U_zOS_BMC_CONTROL-M_Restart_for_RACF_V6R5_STIG_manual-xccdf.xml
Version 6 Release 5
2015-10-23
U_zOS_BMC_CONTROL-M_Restart_for_TSS_V6R5_STIG_Manual-xccdf.xml
Version 6 Release 6
2015-07-24
U_zOS_BMC_CONTROL-O_for_ACF2_V6R6_STIG_Manual-xccdf.xml
Version 6 Release 6
2015-07-24
U_zOS_BMC_CONTROL-O_for_RACF_V6R6_STIG_Manual-xccdf.xml
Version 6 Release 6
2015-07-24
U_zOS_BMC_CONTROL-O_for_TSS_V6R6_STIG_Manual-xccdf.xml
Version 6 Release 6
2015-10-23
U_zOS_BMC_IOA_for_ACF2_V6R6_STIG_Manual-xccdf.xml
Version 6 Release 6
2015-10-23
U_zOS_BMC_IOA_for_RACF_V6R6_STIG_Manual-xccdf.xml
Version 6 Release 6
2015-10-23
U_zOS_BMC_IOA_for_TSS_V6R6_STIG_Manual-xccdf.xml
Version 6 Release 8
2017-10-27
U_zOS_BMC_MAINVIEW_for_zOS_for_ACF2_V6R8_STIG_Manual-xccdf.xml
Version 6 Release 7
2015-01-20
U_zOS_BMC_MAINVIEW_for_zOS_for_RACF_V6R7_STIG_Manual-xccdf.xml
Version 6 Release 7
2015-01-20
U_zOS_BMC_MAINVIEW_for_zOS_for_TSS_V6R7_STIG_Manual-xccdf.xml
Version 6 Release 6
2017-01-27
zOS_CA_1_Tape_Management_for_ACF2_V6R6_STIG_Manual-xccdf.xml
Version 6 Release 6
2017-01-27
U_zOS_CA_1_Tape_Management_for_RACF_V6R6_STIG_Manual-xccdf.xml
Version 6 Release 6
2017-01-27
U_zOS_CA_1_Tape_Management_for_TSS_V6R6__STIG_Manual-xccdf.xml
Version 6 Release 3
2015-01-20
U_zOS_CA_Auditor_for_ACF2_V6R3_STIG_Manual-xccdf.xml
Version 6 Release 3
2015-01-20
U_zOS_CA_Auditor_for_RACF_V6R3_STIG_Manual-xccdf.xml
Version 6 Release 3
2015-01-20
U_zOS_CA_Auditor_for_TSS_V6R3_STIG_Manual-xccdf.xml
Version 6 Release 2
2015-01-20
U_zOS_CA_Common_Services_for_ACF2_V6R2_STIG_Manual-xccdf.xml
Version 6 Release 2
2015-01-20
U_zOS_CA_Common_Services_for_RACF_V6R2_STIG_Manual-xccdf.xml
Version 6 Release 2
2015-01-20
U_zOS_CA_Common_Services_for_TSS_V6R2_STIG_Manual-xccdf.xml
Version 6 Release 3
2015-01-20
U_zOS_CA_MICS_for_ACF2_V6R3_STIG_Manual-xccdf.xml
Version 6 Release 3
2015-01-20
U_zOS_CA_MICS_for_RACF_V6R3_STIG_Manual-xccdf.xml
Version 6 Release 3
2015-01-20
U_zOS_CA_MICS_for_TSS_V6R3_STIG_Manual-xccdf.xml
Version 6 Release 3
2015-01-20
U_zOS_CA_MIM_for_ACF2_V6R3_STIG_Manual-xccdf.xml
Version 6 Release 3
2015-01-20
U_zOS_CA_MIM_for_RACF_V6R3_STIG_Manual-xccdf.xml
Version 6 Release 3
2015-01-20
U_zOS_CA_MIM_for_TSS_V6R3_STIG_Manual-xccdf.xml