July 2024 Quarterly Release Rev. 5 STIG Update

DISA recently released the following Security Guidance, Security Readiness Review Scripts, and Benchmarks that have been updated to comply with NIST 800-53 Rev. 5: 

Note: The previous version of all STIGs updated for Rev. 5 will be retained in the Sunset – Rev 4 section of Cyber Exchange.  

 

Unclassified Application STIGs:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security  

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security 

 

Apache Server 2.4 Unix Server STIG 

Apache Server 2.4 Windows Server STIG 

Apache Tomcat Application Server 9 STIG – Ver 3, Rel 1 

Application Security and Development STIG – Ver 6, Rel 1 

Application Server SRG – Ver 4, Rel 1 

Container Platform SRG – Ver 2, Rel 1 

Crunchy Data PostgreSQL STIG – Ver 3, Rel 1 

Database SRG – Ver 4, Rel 1 

EnterpriseDB Postgres Advanced Server (EPAS) STIG – Ver 2, Rel 1 

Kubernetes STIG – Ver 2, Rel 1 

MariaDB Enterprise 10.x STIG – Ver 2, Rel 1 

MarkLogic Server v9 STIG – Ver 3, Rel 1 

Microsoft Azure SQL Database STIG – Ver 2, Rel 1 

Microsoft Edge STIG – Ver 2, Rel 1 

Microsoft Exchange 2019 STIG 

Microsoft IIS 10.0 Server STIG 

Microsoft Office 365 ProPlus STIG – Ver 3, Rel 1 

Microsoft SQL Server 2016 STIG 

Mirantis Kubernetes Engine STIG – Ver 2, Rel 1 

Oracle Database 12c STIG – Ver 3, Rel 1 

Oracle MySQL 8.0 STIG – Ver 2, Rel 1 

Palo Alto Networks Prisma Cloud Compute STIG – Ver 2, Rel 1 

Rancher Government Solutions Multi-Cluster Manager STIG – Ver 2, Rel 1 

Rancher Government Solutions RKE2 STIG – Ver 2, Rel 1 

Red Hat Ansible Automation Controller STIG 

Red Hat OpenShift Container Platform 4.12 STIG – Ver 2, Rel 1 

Redis Enterprise 6.x STIG – Ver 2, Rel 1 

Tanium 7.x STIG – Ver 2, Rel 1 

Tanium 7.x TanOS STIG 

Web Server SRG – Ver 4, Rel 1 

 

Unclassified Mobility STIGs and SRGs:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility 

Apple iOS/iPadOS 16 STIG – Ver 2, Rel 1 

Apple iOS/iPadOS 17 STIG – Ver 2, Rel 1 

Google Android 13 STIG 

Google Android 14 STIG 

Ivanti MobileIron Core MDM Server STIG – Ver 2, Rel 1 

Ivanti MobileIron Sentry 9.x STIG 

Jamf Pro v10.x EMM STIG – Ver 3, Rel 1 

Samsung Android OS 13 with Knox 3.x STIG 

Samsung Android OS 14 with Knox 3.x STIG 

Unified Endpoint Management Server SRG 

 

Unclassified Network STIGs and SRGs:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless  

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless 

 

Application Layer Gateway SRG – Ver 2, Rel 1 

Arista MLS EOS 4.2x STIG 

Authentication, Authorization, and Accounting Services (AAA) SRG – Ver 2, Rel 1 

Central Log Server SRG – Ver 3, Rel 1 

Cisco ASA STIG 

Cisco IOS Router STIG 

Cisco IOS Switch STIG 

Cisco IOS XE Router STIG 

Cisco IOS XE Switch STIG 

Cisco IOS XR Router STIG 

Cisco ISE STIG 

Cisco NX OS Switch STIG 

Domain Name System (DNS) SRG – Ver 4, Rel 1 

Firewall SRG – Ver 3, Rel 1 

Forescout STIG 

HPE 3PAR StoreServ OS STIG 

HPE Nimble Storage Array STIG – Ver 2, Rel 1 

Intrusion Detection and Prevention System Technology SRG – Ver 3, Rel 1 

Ivanti Connect Secure STIG 

Juniper EX Series Switches STIG 

Juniper Router STIG 

Juniper SRX Services Gateway STIG 

Layer 2 Switch SRG – Ver 3, Rel 1 

Microsoft Windows Server Domain Name System STIG – Ver 2, Rel 1 

NetApp ONTAP DSC 9.x STIG – Ver 2, Rel 1 

Network Device Management SRG – Ver 5, Rel 1 

Palo Alto Networks STIG 

Riverbed NetProfiler STIG – Ver 2, Rel 1 

Router SRG – Ver 5, Rel 1 

SDN Controller SRG – Ver 2, Rel 1 

Splunk Enterprise 7.x for Windows STIG – Ver 3, Rel 1 

Splunk Enterprise 8.x for Linux STIG – Ver 2, Rel 1 

Trend Micro TippingPoint STIG 

Virtual Private Network (VPN) SRG – Ver 3, Rel 1 

 

Unclassified Operating System STIGs and Overviews:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems 

 

Apple macOS 14 (Sonoma) STIG – Ver 2, Rel 1 

Canonical Ubuntu 22.04 LTS STIG – Ver 2, Rel 1 

General Purpose Operating System SRG – Ver 3, Rel 1 

IBM Hardware Management Console (HMC) STIG 

IBM z/OS STIG 

Mainframe Product SRG – Ver 3, Rel 1 

Microsoft Windows 10 STIG – Ver 3, Rel 1 

Microsoft Windows 11 STIG – Ver 2, Rel 1 

Microsoft Windows PAW STIG – Ver 3, Rel 1 

Microsoft Windows Server 2019 STIG – Ver 3, Rel 1 

Microsoft Windows Server 2022 STIG – Ver 2, Rel 1 

Nutanix AOS 5.20.x STIG 

Oracle Linux 8 STIG – Ver 2, Rel 1 

Red Hat Enterprise Linux 9 STIG – Ver 2, Rel 1 

Solaris 11 SPARC STIG – Ver 3, Rel 1 

Solaris 11 x86 STIG – Ver 3, Rel 1 

SUSE Linux Enterprise Server 15 STIG – Ver 2, Rel 1 

Tri-Lab Operating System Stack (TOSS) 4 STIG – Ver 2, Rel 1 

Virtual Machine Manager SRG – Ver 2, Rel 1 

z/OS SRR Scripts – Ver 6, Rel 61 

zOS ACF2 Products – Ver 6, Rel 61 

zOS RACF2 Products – Ver 6, Rel 61 

zOS TSS Products – Ver 6, Rel 61 

 

Sunset:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=sunset 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=sunset 

 

Sunset – A10 Networks ADC STIG 

Sunset – Apple macOS 12 STIG – Ver 1, Rel 9 

Sunset – Arista MultiLayer Switch DCS 7000 Series STIG 

Sunset – CA API Gateway STIG 

Sunset – Canonical Ubuntu 18.04 LTS STIG – Ver 2, Rel 15 

Sunset – DBN 6300 STIG 

Sunset – Docker Enterprise 2.x Linux/Unix STIG – Ver 2, Rel 2 

Sunset – EDB Postgres Advanced Server v11 on Windows STIG – Ver 2, Rel 4 

Sunset – ForeScout CounterACT ALG STIG – Ver 1, Rel 3 

Sunset – ForeScout CounterACT NDM STIG – Ver 1, Rel 2 

Sunset – Google Android 12 STIG 

Sunset – IBM MQ Appliance V9-0 STIG 

Sunset – Microsoft Access 2010 STIG – Ver 1, Rel 11 

Sunset – Microsoft Access 2013 STIG – Ver 1, Rel 7 

Sunset – Microsoft Android 11 STIG 

Sunset – Microsoft Excel 2010 STIG – Ver 1, Rel 12 

Sunset – Microsoft Excel 2013 STIG – Ver 1, Rel 8 

Sunset – Microsoft Exchange 2013 STIG 

Sunset – Microsoft InfoPath 2010 STIG – Ver 1, Rel 12 

Sunset – Microsoft InfoPath 2013 STIG – Ver 1, Rel 6 

Sunset – Microsoft Lync 2013 STIG – Ver 1, Rel 5 

Sunset – Microsoft Office System 2010 STIG – Ver 1, Rel 13 

Sunset – Microsoft Office System 2013 STIG – Ver 2, Rel 2 

Sunset – Microsoft PowerPoint 2010 STIG – Ver 1, Rel 11 

Sunset – Microsoft PowerPoint 2013 STIG – Ver 1, Rel 7 

Sunset – Microsoft Project 2010 STIG – Ver 1, Rel 10 

Sunset – Microsoft Project 2013 STIG – Ver 1, Rel 5 

Sunset – Microsoft Publisher 2010 STIG – Ver 1, Rel 12 

Sunset – Microsoft Publisher 2013 STIG – Ver 1, Rel 6 

Sunset – Microsoft SQL Server 2014 STIG 

Sunset – Microsoft Visio 2013 STIG – Ver 1, Rel 5 

Sunset – Microsoft Windows 2012 Server Domain Name System STIG – Ver 2, Rel 7 

Sunset – Microsoft Word 2010 STIG – Ver 1, Rel 12 

Sunset – Microsoft Word 2013 STIG – Ver 1, Rel 7 

Sunset – MongoDB 3.x STIG – Ver 2, Rel 3 

Sunset – MongoDB 4.x STIG – Ver 1, Rel 4 

Sunset – Motorola Solutions Android 11 COBO STIG – Ver 1, Rel 3 

Sunset – Oracle Database 11.2g STIG – Ver 2, Rel 5 

Sunset – PostgreSQL 9.x STIG – Ver 2, Rel 5 

Sunset – Red Hat Enterprise Linux 7 STIG – Ver 3, Rel 15 

Sunset – Riverbed Steelhead CX v8 STIG 

Sunset – Samsung Android 11 Knox 3.x STIG 

Sunset – Samsung Android 12 KPE 3.x STIG 

Sunset – VMware Workspace ONE13:54 UEM STIG – Ver 2, Rel 2 

 

Rev. 4 Sunset:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=sunset 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=sunset 

 

Rev. 4 Sunset – Apache Server 2.4 Unix STIG 

Rev. 4 Sunset – Apache Server 2.4 Windows STIG 

Rev. 4 Sunset – Apache Tomcat Application Server 9 STIG – Ver 2, Rel 7 

Rev. 4 Sunset – Apple iOS/iPadOS 16 STIG – Ver 1, Rel 13 

Rev. 4 Sunset – Apple iOS/iPadOS 17 STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Apple macOS 14 (Sonoma) STIG – Ver 1, Rel 2 

Rev. 4 Sunset – Application Layer Gateway SRG – Ver 1, Rel 2 

Rev. 4 Sunset – Application Security and Development STIG – Ver 5, Rel 3 

Rev. 4 Sunset – Application Server SRG – Ver 3, Rel 4 

Rev. 4 Sunset – Arista MLS EOS 4.2x STIG 

Rev. 4 Sunset – Authentication, Authorization, and Accounting Services (AAA) SRG – Ver 1, Rel 2 

Rev. 4 Sunset – Canonical Ubuntu 22.04 LTS STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Central Log Server SRG – Ver 2, Rel 2 

Rev. 4 Sunset – Cisco ASA STIG 

Rev. 4 Sunset – Cisco IOS Router STIG 

Rev. 4 Sunset – Cisco IOS Switch STIG 

Rev. 4 Sunset – Cisco IOS XE Router STIG 

Rev. 4 Sunset – Cisco IOS XE Switch STIG 

Rev. 4 Sunset – Cisco IOS XR Router STIG 

Rev. 4 Sunset – Cisco ISE STIG 

Rev. 4 Sunset – Cisco NX OS Switch STIG 

Rev. 4 Sunset – Container Platform SRG – Ver 1, Rel 5 

Rev. 4 Sunset – Crunchy Data PostgreSQL STIG – Ver 2, Rel 2 

Rev. 4 Sunset – Database SRG – Ver 3, Rel 4 

Rev. 4 Sunset – Domain Name System (DNS) SRG – Ver 3, Rel 1 

Rev. 4 Sunset – EnterpriseDB Postgres Advanced Server (EPAS) STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Firewall SRG – Ver 2, Rel 3 

Rev. 4 Sunset – Forescout STIG 

Rev. 4 Sunset – General Purpose Operating System SRG – Ver 2, Rel 7 

Rev. 4 Sunset – Google Android 13 STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Google Android 14 STIG 

Rev. 4 Sunset – HPE 3PAR StoreServ OS STIG 

Rev. 4 Sunset – HPE Nimble Storage Array STIG – Ver 1, Rel 2 

Rev. 4 Sunset – IBM Hardware Management Console (HMC) STIG 

Rev. 4 Sunset – IBM z/OS STIG 

Rev. 4 Sunset – Intrusion Detection and Prevention System Technology SRG – Ver 2, Rel 6 

Rev. 4 Sunset – Ivanti Connect Secure STIG 

Rev. 4 Sunset – Ivanti MobileIron Core MDM Server STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Ivanti MobileIron Sentry 9.x STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Jamf Pro v10.x EMM STIG – Ver 2, Rel 1 

Rev. 4 Sunset – Juniper EX Series Switches STIG 

Rev. 4 Sunset – Juniper Router STIG 

Rev. 4 Sunset – Juniper SRX Services Gateway STIG 

Rev. 4 Sunset – Kubernetes STIG – Ver 1, Rel 11 

Rev. 4 Sunset – Layer 2 Switch SRG – Ver 2, Rel 1 

Rev. 4 Sunset – Mainframe Product SRG – Ver 2, Rel 1 

Rev. 4 Sunset – MariaDB Enterprise 10.x STIG – Ver 1, Rel 3 

Rev. 4 Sunset – MarkLogic Server v9 STIG – Ver 2, Rel 2 

Rev. 4 Sunset – Microsoft Azure SQL Database STIG – Ver 1, Rel 2 

Rev. 4 Sunset – Microsoft Edge STIG – Ver 1, Rel 8 

Rev. 4 Sunset – Microsoft Exchange 2019 STIG 

Rev. 4 Sunset – Microsoft IIS 10.0 Server STIG 

Rev. 4 Sunset – Microsoft Office 365 ProPlus STIG – Ver 2, Rel 12 

Rev. 4 Sunset – Microsoft SQL Server 2016 STIG 

Rev. 4 Sunset – Microsoft Windows 10 STIG – Ver 2, Rel 9 

Rev. 4 Sunset – Microsoft Windows 11 STIG – Ver 1, Rel 6 

Rev. 4 Sunset – Microsoft Windows PAW STIG – Ver 2, Rel 3 

Rev. 4 Sunset – Microsoft Windows Server 2019 STIG – Ver 2, Rel 9 

Rev. 4 Sunset – Microsoft Windows Server 2022 STIG – Ver 1, Rel 5 

Rev. 4 Sunset – Microsoft Windows Server Domain Name System STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Mirantis Kubernetes Engine STIG – Ver 1, Rel 1 

Rev. 4 Sunset – MS SQL Server 2016 STIG 

Rev. 4 Sunset – NetApp ONTAP DSC 9.x STIG – Ver 1, Rel 4 

Rev. 4 Sunset – Network Device Management SRG – Ver 5, Rel 1 

Rev. 4 Sunset – Nutanix AOS 5.20.x STIG – Ver, 1, Rel 1 

Rev. 4 Sunset – Oracle Database 12c STIG – Ver 2, Rel 9 

Rev. 4 Sunset – Oracle Linux 8 STIG – Ver 1, Rel 10 

Rev. 4 Sunset – Oracle MySQL 8.0 STIG – Ver 1, Rel 5 

Rev. 4 Sunset – Palo Alto Networks STIG 

Rev. 4 Sunset – Palo Alto Networks Prisma Cloud Compute STIG – Ver 1, Rel 3 

Rev. 4 Sunset – Rancher Government Solutions Multi-Cluster Manager STIG – Ver 1, Rel 3 

Rev. 4 Sunset – Rancher Government Solutions RKE2 STIG – Ver 1, Rel 5 

Rev. 4 Sunset – Red Hat Ansible Automation Controller STIG 

Rev. 4 Sunset – Red Hat Enterprise Linux 9 STIG – Ver 1, Rel 3 

Rev. 4 Sunset – Red Hat OpenShift Container Platform 4.12 STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Redis Enterprise 6.x STIG – Ver 1, Rel 3 

Rev. 4 Sunset – Riverbed NetProfiler STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Router SRG – Ver 4, Rel 3 

Rev. 4 Sunset – Samsung Android OS 13 with Knox 3.x STIG 

Rev. 4 Sunset – Samsung Android OS 14 with Knox 3.x STIG 

Rev. 4 Sunset – SDN Controller SRG – Ver 1, Rel 2 

Rev. 4 Sunset – Solaris 11 SPARC STIG – Ver 2, Rel 10 

Rev. 4 Sunset – Solaris 11 x86 STIG – Ver 2, Rel 10 

Rev. 4 Sunset – Splunk Enterprise 7.x for Windows STIG – Ver 2, Rel 4 

Rev. 4 Sunset – Splunk Enterprise 8.x for Linux STIG – Ver 1, Rel 5 

Rev. 4 Sunset – SUSE Linux Enterprise Server 15 STIG – Ver 1, Rel 13 

Rev. 4 Sunset – Tanium 7.x TanOS STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Tanium 7.x STIG – Ver 1, Rel 2 

Rev. 4 Sunset – Trellix Application Control 8.x STIG – Ver 2, Rel 2 

Rev. 4 Sunset – Trend Micro TippingPoint STIG 

Rev. 4 Sunset – Tri-Lab Operating System Stack (TOSS) 4 STIG – Ver 1, Rel 3 

Rev. 4 Sunset – Unified Endpoint Management Server SRG 

Rev. 4 Sunset – Virtual Machine Manager SRG – Ver 1, Rel 3 

Rev. 4 Sunset – Virtual Private Network (VPN) SRG – Ver 2, Rel 6 

Rev. 4 Sunset – Web Server SRG – Ver 3, Rel 3 

 

Benchmarks:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=scap 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=scap 

 

Canonical Ubuntu 18.04 LTS STIG Benchmark – Ver 2, Rel 12 

Canonical Ubuntu 20.04 LTS STIG Benchmark – Ver 1, Rel 10 

Cisco IOS-XE Router NDM STIG Benchmark – Ver 3, Rel 1 

Cisco IOS-XE Router RTR STIG Benchmark – Ver 3, Rel 1 

Kubernetes STIG Benchmark – Ver 2, Rel 1 

Microsoft Edge STIG Benchmark – Ver 2, Rel 1 

Microsoft Windows 10 STIG Benchmark – Ver 3, Rel 1 

Microsoft Windows 11 STIG Benchmark – Ver 2, Rel 1 

Microsoft Windows Server 2016 STIG Benchmark – Ver 2, Rel 6 

Microsoft Windows Server 2019 STIG Benchmark – Ver 3, Rel 1 

Microsoft Windows Server 2022 STIG Benchmark – Ver 2, Rel 1 

Oracle Linux 8 STIG Benchmark – Ver 2, Rel 1 

Red Hat Enterprise Linux 7 STIG Benchmark – Ver 3, Rel 15 

Red Hat Enterprise Linux 8 STIG Benchmark – Ver 1, Rel 13 

Red Hat Enterprise Linux 9 STIG Benchmark – Ver 2, Rel 1 

Solaris 11 SPARC STIG SCAP Benchmark – Ver 3, Rel 1 

Solaris 11 x86 STIG SCAP Benchmark – Ver 3, Rel 1 

SUSE Linux Enterprise Server 15 Benchmark – Ver 2, Rel 1 

TOSS 4 STIG Benchmark – Ver 2, Rel 1 

 

Unclassified HBSS STIGs:  

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=hbss  

 

Trellix Application Control 8.x STIG – Ver 3, Rel 1