General Cyber Exchange Announcements
SRGs/STIGs Announcements
DISA releases Canonical Ubuntu 22.04 STIG with Chef
The Defense Information Systems Agency recently released the Canonical Ubuntu 22.04 Security Technical Implementation Guide with Chef. This content is published as a resource to assist in the application of security guidance to systems.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the file from the DOD Cyber Exchange website at https://cyber.mil/stigs/supplemental-automation-content/. The file is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/supplemental-automation-content/.
Users who are unable to find and download the content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
DISA releases Canonical Ubuntu 22.04 STIG with Ansible
The Defense Information Systems Agency recently released the Canonical Ubuntu 22.04 Security Technical Implementation Guide with Ansible. This content is published as a resource to assist in the application of security guidance to systems.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the file from the DOD Cyber Exchange website at https://cyber.mil/stigs/supplemental-automation-content/. The file is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/supplemental-automation-content/.
Users who are unable to find and download the content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
Request for comments - DISA releases the draft Application Programming Interface Security Requirements Guide for review
The Defense Information Systems Agency recently released the draft API SRG for review.
Customers who possess a Common Access Card that has valid Department of Defense certificates can submit comments and/or recommended changes to the draft SRG by 12 June 2025 on the comment matrix spreadsheet, which is located with the SRG at https://cyber.mil/stigs/downloads/.
The draft SRG and comment matrix are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Please email comments to disa.stig_spt@mail.mil and include the title and version of the SRG in the subject line.
Users who are unable to find and download these files or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil.
DISA releases the Samsung Android 15 BYOAD Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Samsung Android 15 BYOAD STIG, which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
DISA releases the Microsoft Intune (Desktop & Mobile) Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Microsoft Intune (Desktop & Mobile) STIG, which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
DISA releases the Honeywell Android 13 Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Honeywell Android 13 STIG, which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
DISA releases the Okta IDaaS Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Okta IDaaS STIG, which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
GPO and Intune Policy Update
Note: This quarter, the pre-built Intune STIG Policies normally included within the GPO package have been placed in a separate package, called Intune Policy, for enhanced visibility.
Group Policy Objects and Intune Policies have been updated for April 2025. Refer to the Change Log document included in the zip file for additional information.
The DISA Risk Management Executive posts the GPOs and Intune Policies for use by system administrators to ease the burden in securing systems within their environment.
The GPOs and Intune Policies can be found on the Cyber Exchange website on the Group Policy Objects tab:
- DOD Cyber Exchange – https://cyber.mil/stigs/gpo/ (Common Access Card required).
- DOD Cyber Exchange Public – https://public.cyber.mil/stigs/gpo/.
List of GPOs:
Office Products
- Access 2016
- Excel 2016
- Office 2019-M365 Apps
- Office System 2016
- OneDrive for Business 2016
- Outlook 2016
- PowerPoint 2016
- Project 2016
- Publisher 2016
- Skype for Business 2016
- Visio 2016
- Word 2016
Browsers
- Edge
- Google Chrome
- Internet Explorer 11
- Mozilla Firefox
Antivirus
- Microsoft Defender Antivirus
Adobe Acrobat
- Adobe Acrobat Pro DC Continuous
- Adobe Acrobat Reader DC Continuous
Operating Systems
- Windows 10
- Windows 11
- Windows Firewall
- Windows Server 2016 (MS and DC)
- Windows Server 2019 (MS and DC)
- Windows Server 2022
List of Intune Policies:
Office Products
- Office 2019-M365 Apps
- OneDrive for Business 2016
Browsers
- Edge
- Google Chrome
- Internet Explorer 11
- Mozilla Firefox
Antivirus
- Microsoft Defender Antivirus
Adobe Acrobat
- Adobe Acrobat Pro DC Continuous
- Adobe Acrobat Reader DC Continuous
Operating Systems
- Windows 10
- Windows 11
Assistance
For issues accessing files, email the Cyber Exchange web team at dod.cyberexchange@mail.mil.
For questions related to STIG content, email the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.
DISA releases the Oracle Linux 9 Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Oracle Linux 9 Security Technical Implementation Guide, which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
DISA recently released the following updated Security Guidance, Security Readiness Review Scripts, and Benchmarks.
Note: The STIGs converted to NIST SP 800-53 Rev. 5 CCIs in previous quarters have been updated to include the deprecated Rev. 4 CCIs to ensure all vulnerabilities are captured in eMASS.
Unclassified Application STIGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security
Apache Server 2.4 Unix STIG
Apache Server 2.4 Windows STIG
Apache Tomcat Application Server 9 STIG – Ver 3, Rel 2
Application Security and Development STIG – Ver 6, Rel 3
Application Server SRG – Ver 4, Rel 3
IBM WebSphere Liberty Server STIG – Ver 2, Rel 2
JBoss Enterprise Application Platform 6.3 STIG – Ver 2, Rel 6
Kubernetes STIG – Ver 2, Rel 3
Microsoft DotNet Framework 4.0 STIG – Ver 2, Rel 6
Microsoft IIS 10.0 STIG
Microsoft Office 365 ProPlus STIG – Ver 3, Rel 3
Microsoft SQL Server 2016 STIG
Oracle Database 12c STIG – Ver 3, Rel 4
Tanium 7.x TanOS STIG
Tanium 7.x STIG – Ver 2, Rel 2
Web Server SRG – Ver 4, Rel 3
Unclassified Mobility STIGs and SRGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility
Apple iOS/iPadOS 18 STIG – Ver 1, Rel 3
Unclassified Network STIGs and SRGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless
Arista MLS EOS 4.X STIG
Cisco IOS Router STIG
Cisco IOS Switch STIG
Cisco IOS XE Router STIG
Cisco IOS XE Switch STIG
Cisco IOS XR Router STIG
Cisco NX OS Switch STIG
Infoblox 8.x DNS STIG – Ver 1, Rel 2
Juniper EX Series Switches STIG
Layer 2 Switch SRG – Ver 3, Rel 2
Microsoft Windows Server Domain Name System STIG – Ver 2, Rel 3
Mozilla Firefox STIG – Ver 6, Rel 6
Network Device Management SRG – Ver 5, Rel 3
Palo Alto Networks STIG
Splunk Enterprise 8.x for Linux STIG – Ver 2, Rel 2
Trend Micro TippingPoint STIG
Unclassified Operating System STIGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems
Apple macOS 15 (Sequoia) STIG – Ver 1, Rel 3
Canonical Ubuntu 20.04 LTS STIG – Ver 2, Rel 2
Canonical Ubuntu 22.04 LTS STIG – Ver 2, Rel 4
CloudLinux AlmaLinux OS 9 STIG – Ver 1, Rel 2
IBM z/OS STIG
IBM zSecure Suite STIG – Ver 1, Rel 3
Microsoft Windows 10 STIG – Ver 3, Rel 4
Microsoft Windows 11 STIG – Ver 2, Rel 3
Microsoft Windows Server 2019 STIG – Ver 3, Rel 4
Microsoft Windows Server 2022 STIG – Ver 2, Rel 4
Oracle Linux 7 STIG – Ver 3, Rel 2
Oracle Linux 8 STIG – Ver 2, Rel 4
Red Hat Enterprise Linux 8 STIG – Ver 2, Rel 3
Red Hat Enterprise Linux 9 STIG – Ver 2, Rel 4
SUSE Linux Enterprise Server 15 STIG – Ver 2, Rel 4
VMware vSphere 7.0 STIG
VMware vSphere 8.0 STIG
z/OS ACF2 Products
z/OS RACF Products
z/OS SRR Scripts
z/OS TSS Products STIG
Sunset STIGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=sunset
Sunset – Microsoft SCOM STIG – Ver 1, Rel 2
Sunset – Tanium 7.0 STIG – Ver 2, Rel 1
Sunset – Tanium 7.3 STIG – Ver 2, Rel 3
Benchmarks:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=scap
Canonical Ubuntu 20.04 LTS STIG SCAP Benchmark – Ver 2, Rel 3
Canonical Ubuntu 22.04 LTS STIG SCAP Benchmark – Ver 2, Rel 2
Kubernetes STIG SCAP Benchmark – Ver 2, Rel 3
Microsoft DotNet Framework 4.0 STIG SCAP Benchmark – Ver 2, Rel 6
Microsoft Office 365 ProPlus STIG SCAP Benchmark – Ver 3, Rel 4
Microsoft Windows 10 STIG SCAP Benchmark – Ver 3, Rel 4
Microsoft Windows 11 STIG SCAP Benchmark – Ver 2, Rel 3
Microsoft Windows Server 2019 STIG SCAP Benchmark – Ver 3, Rel 4
Microsoft Windows Server 2022 STIG SCAP Benchmark – Ver 2, Rel 4
Mozilla Firefox for Linux STIG SCAP Benchmark – Ver 6, Rel 5
Mozilla Firefox for Windows STIG SCAP Benchmark – Ver 6, Rel 6
Oracle Linux 8 STIG SCAP Benchmark – Ver 2, Rel 4
Red Hat Enterprise Linux 8 STIG SCAP Benchmark – Ver 2, Rel 3
Red Hat Enterprise Linux 9 STIG SCAP Benchmark – Ver 2, Rel 4
SUSE Linux Enterprise Server 15 STIG SCAP Benchmark – Ver 2, Rel 4
Supplemental Automation Content:
https://cyber.mil/stigs/supplemental-automation-content/
Oracle Linux 8 STIG for Ansible – Ver 2, Rel 4
Red Hat Enterprise Linux 8 STIG for Ansible – Ver 2, Rel 3
Red Hat Enterprise Linux 9 STIG for Ansible – Ver 2, Rel 4
SUSE Linux Enterprise Server 15 for Ansible – Ver 2, Rel 4
CUI ESS STIGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=ess
ESS ePO 5.x STIG – Ver 3, Rel 4
Trellix ENS 10.x STIG – Ver 3, Rel 4
DISA releases the Motorola Solutions Android 13 Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Motorola Solutions Android 13 STIG, which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
DISA releases the Microsoft Entra ID Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Microsoft Entra ID Security Technical Implementation Guide (STIG), which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
PKI/PKE Announcements
New ECA PKI CAs released
The ECA PKI has recently deployed IdenTrust ECA S24 and IdenTrust ECA Component S24 . These new certificates are now available in the ECA PKI PKCS#7 Certificate Bundle v5.12.
https://dl.dod.cyber.mil/wp-content/uploads//pki-pke/zip/unclass-certificates_pkcs7_ECA.zip
New DoD PKI CAs released
The DoD PKI has recently deployed new CAs including DOD ID and EMAIL CAs 78-81, DOD SW CAs 82-85 and DOD DERILITY CAs 5-6. These new certificates are now available in the DoD PKI PKCS#7 Certificate Bundle v5.14.
https://dl.dod.cyber.mil/wp-content/uploads/pki-pke/zip/unclass-certificates_pkcs7_DoD.zip
Nothing Found
Sorry, no posts matched your criteria