General Cyber Exchange Announcements

Nothing Found

Sorry, no posts matched your criteria

SRGs/STIGs Announcements

DISA releases the Dell OS10 Switch Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the Dell OS10 Switch Security Technical Implementation Guide (STIG), which is effective immediately upon release.

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.

Request for comments - DISA releases draft Canonical Ubuntu 22.04 STIG SCAP benchmark snapshot for review

The Defense Information Systems Agency recently released the draft Canonical Ubuntu 22.04 Security Technical Implementation Guide (STIG) Security Content Automation Protocol (SCAP) benchmark snapshot for review.

The draft benchmark is a snapshot of SCAP content developed for the technology and does not include the full spectrum of content expected to be included in the final release of the benchmark.

Customers who possess a Common Access Card that has valid Department of Defense certificates can submit comments and/or recommended changes to the draft benchmark snapshot by 21 January 2025 on the comment matrix spreadsheet, which is located with the benchmark at https://cyber.mil/stigs/downloads/.

The draft benchmark snapshot and comment matrix are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.

Please limit comments and recommendations in the comment matrix to those that address the benchmark. Questions regarding the manual STIG should be sent to dod.cyberexchange@mail.mil.

Please email comments to disa.stig_spt@mail.mil and include the title and version of the benchmark in the subject line.

Users who are unable to find and download these files or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil.

DISA releases the CloudLinux Alma Linux OS 9 Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the CloudLinux Alma Linux OS 9 Security Technical Implementation Guide (STIG), which is effective immediately upon release. 

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads. 

 

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil. 

Request for comments - DISA releases the draft Microsoft Entra ID STIG for review   

The Defense Information Systems Agency recently released the draft Microsoft Entra ID Security Technical Implementation Guide (STIG) for review.

Customers who possess a Common Access Card that has valid Department of Defense certificates can submit comments and/or recommended changes to the draft STIG by 12 December 2024 on the comment matrix spreadsheet, which is located with the STIG/SRG at https://cyber.mil/stigs/downloads/.

The draft STIG and comment matrix are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.

Please email comments to disa.stig_spt@mail.mil and include the title and version of the STIG in the subject line.

Users who are unable to find and download these files or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil.

DISA releases the Anduril NixOS Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the Anduril NixOS Security Technical Implementation Guide (STIG), which is effective immediately upon release.

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.

DISA releases the Samsung Android OS 15 with Knox 3.x Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the Samsung Android OS 15 with Knox 3.x Security Technical Implementation Guide (STIG) which is effective immediately upon release. 

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads. 

 

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil. 

DISA releases the HPE Aruba Networking AOS Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the HPE Aruba Networking AOS Security Technical Implementation Guide (STIG), which is effective immediately upon release.

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.

DISA releases the HYCU Protégé Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the HYCU Protégé Security Technical Implementation Guide (STIG), which is effective immediately upon release. 

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads. 

 

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil. 

GPO Update

Group Policy Objects (GPOs) have been updated for October 2024. Refer to the Change Log document included in the zip file for additional information. 

 

The DISA Risk Management Executive posts the GPOs for use by system administrators to ease the burden in securing systems within their environment. 

 

The GPOs can be found on the Cyber Exchange website on the Group Policy Objects tab: 

 

List of GPOs currently in the package: 

 

Office Products 

  • Access 2013 
  • Access 2016 
  • Excel 2013 
  • Excel 2016 
  • InfoPath 2013 
  • Lync 2013 
  • Office 2019-M365 Apps 
  • Office System 2013 
  • Office System 2016 
  • OneDrive for Business 2016 
  • Outlook 2013 
  • Outlook 2016 
  • PowerPoint 2013 
  • PowerPoint 2016 
  • Project 2013 
  • Project 2016 
  • Publisher 2013 
  • Publisher 2016 
  • Skype for Business 2016 
  • Visio 2013 
  • Visio 2016 
  • Word 2013 
  • Word 2016 

 

Browsers 

  • Edge 
  • Google Chrome 
  • Internet Explorer 11  
  • Mozilla Firefox 

 

Antivirus 

  • Windows Defender AV 

 

Adobe Acrobat 

  • Adobe Acrobat Pro DC Continuous 
  • Adobe Acrobat Reader DC Continuous 

 

Operating Systems 

  • Windows 10 
  • Windows 11 
  • Windows Firewall 
  • Windows 2012 R2 DC 
  • Windows 2012 R2 MS 
  • Windows Server 2016 (MS and DC) 
  • Windows Server 2019 (MS and DC) 
  • Windows Server 2022 

 

Assistance 

For issues accessing files, email the Cyber Exchange web team at dod.cyberexchange@mail.mil. 

 

For questions related to STIG content, email the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil. 

STIG Update

Note: All STIGs converted to NIST SP 800-53 Rev. 5 CCIs for Q3 (July 2024) were updated to include the deprecated Rev. 4 CCIs to ensure all vulnerabilities are captured in eMASS. STIGs with Rev. 4 reversions that had no other changes for the quarter did not increment in release number. All new STIG releases will be Rev. 5 only. 

 

DISA recently released the following updated Security Guidance, Security Readiness Review Scripts, and Benchmarks: 

Unclassified Application STIGs :   

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security  

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security 

 

CA IDMS STIG – Ver 2, Rel 1 

Database SRG – Ver 4, Rel 2 

Google Chrome Current Windows STIG – Ver 2, Rel 10 

IBM WebSphere Liberty Server STIG – Ver 2, Rel 1 

JBoss Enterprise Application Platform 6.3 STIG – Ver 2, Rel 5 

Kubernetes STIG – Ver 2, Rel 2 

MariaDB Enterprise 10.x STIG – Ver 2, Rel 2 

MarkLogic Server v9 STIG – Ver 3, Rel 2 

Microsoft Azure SQL Database STIG – Ver 2, Rel 2 

Microsoft Edge STIG – Ver 2, Rel 2 

Microsoft Exchange 2019 STIG 

Microsoft IIS 10.0 STIG 

MS SQL Server 2016 STIG 

Oracle Database 12c STIG – Ver 3, Rel 2 

Oracle MySQL 8.0 STIG – Ver 2, Rel 2 

Rancher Government Solutions RKE2 STIG – Ver 2, Rel 2 

Red Hat Ansible Automation Controller STIG 

Redis Enterprise 6.x STIG – Ver 2, Rel 2 

Web Server SRG – Ver 4, Rel 2 

 

Unclassified Mobility STIGs and SRGs:   

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility 

ISEC7 Sphere STIG – Ver 3, Rel 1 

Ivanti EPMM Server STIG – Ver 3, Rel 1 

Ivanti Sentry 9.x STIG 

 

Unclassified Network STIGs and SRGs:   

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless  

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless 

 

Cisco ASA STIG 

Cisco IOS Router STIG 

Cisco IOS Switch STIG 

Cisco IOS XE Router STIG 

Cisco IOS XE Switch STIG 

Cisco IOS XR Router STIG 

Cisco ISE STIG 

Cisco NX OS Switch STIG 

Enterprise Voice, Video, and Messaging SRG 

Forescout STIG 

Ivanti Connect Secure STIG 

Juniper EX Series Switches STIG 

Juniper SRX Services Gateway STIG 

NetApp ONTAP DSC 9.x STIG – Ver 2, Rel 2 

Network Device Management SRG – Ver 5, Rel 2 

Network Infrastructure Policy STIG – Ver 10, Rel 7 

Palo Alto Networks STIG 

Trend Micro TippingPoint STIG 

Virtual Private Network (VPN) SRG – Ver 3, Rel 2 

 

Unclassified Operating System STIGs and Overviews:   

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems 

 

Apple macOS 14 (Sonoma) STIG – Ver 2, Rel 2 

Canonical Ubuntu 20.04 LTS STIG – Ver 2, Rel 1 

Canonical Ubuntu 22.04 LTS STIG – Ver 2, Rel 2 

IBM AIX 7.x STIG – Ver 3, Rel 1 

IBM Hardware Management Console (HMC) STIG – Ver 2, Rel 1 

IBM z/OS STIG 

Mainframe Product SRG – Ver 3, Rel 2 

Oracle Linux 7 STIG – Ver 3, Rel 1 

Oracle Linux 8 STIG – Ver 2, Rel 2 

Red Hat Enterprise Linux 8 STIG – Ver 2, Rel 1 

Red Hat Enterprise Linux 9 STIG – Ver 2, Rel 2 

SUSE Linux Enterprise Server 12 STIG – Ver 3, Rel 1 

SUSE Linux Enterprise Server 15 STIG – Ver 2, Rel 2 

z/OS ACF2 Products – Ver 6, Rel 62 

z/OS RACF Products – Ver 6, Rel 62 

z/OS SRR Scripts – Ver 6, Rel 62 

z/OS TSS Products – Ver 6, Rel 62 

 

Unclassified Uncategorized STIGs: 

https://public.cyber.mil/stigs/downloads/ 

https://cyber.mil/stigs/downloads 

 

Traditional Security Checklist – Ver 2, Rel 6 

 

Benchmarks:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=scap 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=scap 

 

Canonical Ubuntu 18.04 LTS STIG Benchmark – Ver 2, Rel 11 

Canonical Ubuntu 20.04 LTS STIG SCAP Benchmark – Ver 2, Rel 2 

Cisco IOS XE Router NDM STIG SCAP Benchmark – Ver 3, Rel 2 

Cisco IOS XE Router RTR STIG SCAP Benchmark – Ver 3, Rel 2 

Google Chrome Current Windows STIG SCAP Benchmark – Ver 2, Rel 10 

Kubernetes STIG SCAP Benchmark – Ver 2, Rel 2 

Microsoft Office 365 Pro Plus STIG SCAP Benchmark – Ver 3, Rel 2 

Oracle Linux 7 STIG SCAP Benchmark – Ver 3, Rel 1 

Oracle Linux 8 STIG SCAP Benchmark – Ver 2, Rel 2 

Red Hat Enterprise Linux 8 STIG SCAP Benchmark – Ver 2, Rel 1 

Red Hat Enterprise Linux 9 STIG SCAP Benchmark – Ver 2, Rel 2 

SLES 12 STIG SCAP Benchmark – Ver 3, Rel 1 

Solaris 11 SPARC STIG SCAP Benchmark – Ver 3, Rel 2 

Solaris 11 x86 STIG SCAP Benchmark – Ver 3, Rel 2 

SUSE Linux Enterprise Server 15 STIG SCAP Benchmark – Ver 2, Rel 2 

Tri-Lab Operating System Stack (TOSS) 4 STIG SCAP Benchmark – Ver 2, Rel 2 

 

DISA releases the Apple macOS 15 (Sequoia) Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the Apple macOS 15 (Sequoia) Security Technical Implementation Guide (STIG) which is effective immediately upon release.

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.

DISA releases the Microsoft Intune Desktop Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the Microsoft Intune Desktop Security Technical Implementation Guide (STIG), which is effective immediately upon release. 

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads. 

 

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil. 

PKI/PKE Announcements

New ECA PKI CAs Released

The ECA PKI has recently deployed ECA Root CA 5 and WidePoint ECA 9. These new certificates are now available in the ECA PKI PKCS#7 Certificate Bundle v5.10
/pki-pke/zip/unclass-certificates_pkcs7_ECA.zip
Update PKCS#7 certificate bundle with attached version and all references to include the updated version number.