STIG Update

October 24, 2024

Note: All STIGs converted to NIST SP 800-53 Rev. 5 CCIs for Q3 (July 2024) were updated to include the deprecated Rev. 4 CCIs to ensure all vulnerabilities are captured in eMASS. STIGs with Rev. 4 reversions that had no other changes for the quarter did not increment in release number. All new STIG releases will be Rev. 5 only. 

 

DISA recently released the following updated Security Guidance, Security Readiness Review Scripts, and Benchmarks: 

Unclassified Application STIGs :   

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security  

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security 

 

CA IDMS STIG – Ver 2, Rel 1 

Database SRG – Ver 4, Rel 2 

Google Chrome Current Windows STIG – Ver 2, Rel 10 

IBM WebSphere Liberty Server STIG – Ver 2, Rel 1 

JBoss Enterprise Application Platform 6.3 STIG – Ver 2, Rel 5 

Kubernetes STIG – Ver 2, Rel 2 

MariaDB Enterprise 10.x STIG – Ver 2, Rel 2 

MarkLogic Server v9 STIG – Ver 3, Rel 2 

Microsoft Azure SQL Database STIG – Ver 2, Rel 2 

Microsoft Edge STIG – Ver 2, Rel 2 

Microsoft Exchange 2019 STIG 

Microsoft IIS 10.0 STIG 

MS SQL Server 2016 STIG 

Oracle Database 12c STIG – Ver 3, Rel 2 

Oracle MySQL 8.0 STIG – Ver 2, Rel 2 

Rancher Government Solutions RKE2 STIG – Ver 2, Rel 2 

Red Hat Ansible Automation Controller STIG 

Redis Enterprise 6.x STIG – Ver 2, Rel 2 

Web Server SRG – Ver 4, Rel 2 

 

Unclassified Mobility STIGs and SRGs:   

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility 

ISEC7 Sphere STIG – Ver 3, Rel 1 

Ivanti EPMM Server STIG – Ver 3, Rel 1 

Ivanti Sentry 9.x STIG 

 

Unclassified Network STIGs and SRGs:   

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless  

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless 

 

Cisco ASA STIG 

Cisco IOS Router STIG 

Cisco IOS Switch STIG 

Cisco IOS XE Router STIG 

Cisco IOS XE Switch STIG 

Cisco IOS XR Router STIG 

Cisco ISE STIG 

Cisco NX OS Switch STIG 

Enterprise Voice, Video, and Messaging SRG 

Forescout STIG 

Ivanti Connect Secure STIG 

Juniper EX Series Switches STIG 

Juniper SRX Services Gateway STIG 

NetApp ONTAP DSC 9.x STIG – Ver 2, Rel 2 

Network Device Management SRG – Ver 5, Rel 2 

Network Infrastructure Policy STIG – Ver 10, Rel 7 

Palo Alto Networks STIG 

Trend Micro TippingPoint STIG 

Virtual Private Network (VPN) SRG – Ver 3, Rel 2 

 

Unclassified Operating System STIGs and Overviews:   

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems 

 

Apple macOS 14 (Sonoma) STIG – Ver 2, Rel 2 

Canonical Ubuntu 20.04 LTS STIG – Ver 2, Rel 1 

Canonical Ubuntu 22.04 LTS STIG – Ver 2, Rel 2 

IBM AIX 7.x STIG – Ver 3, Rel 1 

IBM Hardware Management Console (HMC) STIG – Ver 2, Rel 1 

IBM z/OS STIG 

Mainframe Product SRG – Ver 3, Rel 2 

Oracle Linux 7 STIG – Ver 3, Rel 1 

Oracle Linux 8 STIG – Ver 2, Rel 2 

Red Hat Enterprise Linux 8 STIG – Ver 2, Rel 1 

Red Hat Enterprise Linux 9 STIG – Ver 2, Rel 2 

SUSE Linux Enterprise Server 12 STIG – Ver 3, Rel 1 

SUSE Linux Enterprise Server 15 STIG – Ver 2, Rel 2 

z/OS ACF2 Products – Ver 6, Rel 62 

z/OS RACF Products – Ver 6, Rel 62 

z/OS SRR Scripts – Ver 6, Rel 62 

z/OS TSS Products – Ver 6, Rel 62 

 

Unclassified Uncategorized STIGs: 

https://public.cyber.mil/stigs/downloads/ 

https://cyber.mil/stigs/downloads 

 

Traditional Security Checklist – Ver 2, Rel 6 

 

Benchmarks:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=scap 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=scap 

 

Canonical Ubuntu 18.04 LTS STIG Benchmark – Ver 2, Rel 11 

Canonical Ubuntu 20.04 LTS STIG SCAP Benchmark – Ver 2, Rel 2 

Cisco IOS XE Router NDM STIG SCAP Benchmark – Ver 3, Rel 2 

Cisco IOS XE Router RTR STIG SCAP Benchmark – Ver 3, Rel 2 

Google Chrome Current Windows STIG SCAP Benchmark – Ver 2, Rel 10 

Kubernetes STIG SCAP Benchmark – Ver 2, Rel 2 

Microsoft Office 365 Pro Plus STIG SCAP Benchmark – Ver 3, Rel 2 

Oracle Linux 7 STIG SCAP Benchmark – Ver 3, Rel 1 

Oracle Linux 8 STIG SCAP Benchmark – Ver 2, Rel 2 

Red Hat Enterprise Linux 8 STIG SCAP Benchmark – Ver 2, Rel 1 

Red Hat Enterprise Linux 9 STIG SCAP Benchmark – Ver 2, Rel 2 

SLES 12 STIG SCAP Benchmark – Ver 3, Rel 1 

Solaris 11 SPARC STIG SCAP Benchmark – Ver 3, Rel 2 

Solaris 11 x86 STIG SCAP Benchmark – Ver 3, Rel 2 

SUSE Linux Enterprise Server 15 STIG SCAP Benchmark – Ver 2, Rel 2 

Tri-Lab Operating System Stack (TOSS) 4 STIG SCAP Benchmark – Ver 2, Rel 2