General Cyber Exchange Announcements
Nothing Found
Sorry, no posts matched your criteria
SRGs/STIGs Announcements
DISA releases the Dell OS10 Switch Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Dell OS10 Switch Security Technical Implementation Guide (STIG), which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
Request for comments - DISA releases draft Canonical Ubuntu 22.04 STIG SCAP benchmark snapshot for review
The Defense Information Systems Agency recently released the draft Canonical Ubuntu 22.04 Security Technical Implementation Guide (STIG) Security Content Automation Protocol (SCAP) benchmark snapshot for review.
The draft benchmark is a snapshot of SCAP content developed for the technology and does not include the full spectrum of content expected to be included in the final release of the benchmark.
Customers who possess a Common Access Card that has valid Department of Defense certificates can submit comments and/or recommended changes to the draft benchmark snapshot by 21 January 2025 on the comment matrix spreadsheet, which is located with the benchmark at https://cyber.mil/stigs/downloads/.
The draft benchmark snapshot and comment matrix are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Please limit comments and recommendations in the comment matrix to those that address the benchmark. Questions regarding the manual STIG should be sent to dod.cyberexchange@mail.mil.
Please email comments to disa.stig_spt@mail.mil and include the title and version of the benchmark in the subject line.
Users who are unable to find and download these files or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil.
DISA releases the CloudLinux Alma Linux OS 9 Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the CloudLinux Alma Linux OS 9 Security Technical Implementation Guide (STIG), which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
Request for comments - DISA releases the draft Microsoft Entra ID STIG for review
The Defense Information Systems Agency recently released the draft Microsoft Entra ID Security Technical Implementation Guide (STIG) for review.
Customers who possess a Common Access Card that has valid Department of Defense certificates can submit comments and/or recommended changes to the draft STIG by 12 December 2024 on the comment matrix spreadsheet, which is located with the STIG/SRG at https://cyber.mil/stigs/downloads/.
The draft STIG and comment matrix are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Please email comments to disa.stig_spt@mail.mil and include the title and version of the STIG in the subject line.
Users who are unable to find and download these files or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil.
DISA releases the Anduril NixOS Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Anduril NixOS Security Technical Implementation Guide (STIG), which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
DISA releases the Samsung Android OS 15 with Knox 3.x Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Samsung Android OS 15 with Knox 3.x Security Technical Implementation Guide (STIG) which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
DISA releases the HPE Aruba Networking AOS Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the HPE Aruba Networking AOS Security Technical Implementation Guide (STIG), which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
DISA releases the HYCU Protégé Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the HYCU Protégé Security Technical Implementation Guide (STIG), which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
GPO Update
Group Policy Objects (GPOs) have been updated for October 2024. Refer to the Change Log document included in the zip file for additional information.
The DISA Risk Management Executive posts the GPOs for use by system administrators to ease the burden in securing systems within their environment.
The GPOs can be found on the Cyber Exchange website on the Group Policy Objects tab:
- DOD Cyber Exchange – https://cyber.mil/stigs/gpo/ (Common Access Card required).
- DOD Cyber Exchange Public – https://public.cyber.mil/stigs/gpo/.
List of GPOs currently in the package:
Office Products
- Access 2013
- Access 2016
- Excel 2013
- Excel 2016
- InfoPath 2013
- Lync 2013
- Office 2019-M365 Apps
- Office System 2013
- Office System 2016
- OneDrive for Business 2016
- Outlook 2013
- Outlook 2016
- PowerPoint 2013
- PowerPoint 2016
- Project 2013
- Project 2016
- Publisher 2013
- Publisher 2016
- Skype for Business 2016
- Visio 2013
- Visio 2016
- Word 2013
- Word 2016
Browsers
- Edge
- Google Chrome
- Internet Explorer 11
- Mozilla Firefox
Antivirus
- Windows Defender AV
Adobe Acrobat
- Adobe Acrobat Pro DC Continuous
- Adobe Acrobat Reader DC Continuous
Operating Systems
- Windows 10
- Windows 11
- Windows Firewall
- Windows 2012 R2 DC
- Windows 2012 R2 MS
- Windows Server 2016 (MS and DC)
- Windows Server 2019 (MS and DC)
- Windows Server 2022
Assistance
For issues accessing files, email the Cyber Exchange web team at dod.cyberexchange@mail.mil.
For questions related to STIG content, email the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.
STIG Update
Note: All STIGs converted to NIST SP 800-53 Rev. 5 CCIs for Q3 (July 2024) were updated to include the deprecated Rev. 4 CCIs to ensure all vulnerabilities are captured in eMASS. STIGs with Rev. 4 reversions that had no other changes for the quarter did not increment in release number. All new STIG releases will be Rev. 5 only.
DISA recently released the following updated Security Guidance, Security Readiness Review Scripts, and Benchmarks:
Unclassified Application STIGs :
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security
CA IDMS STIG – Ver 2, Rel 1
Database SRG – Ver 4, Rel 2
Google Chrome Current Windows STIG – Ver 2, Rel 10
IBM WebSphere Liberty Server STIG – Ver 2, Rel 1
JBoss Enterprise Application Platform 6.3 STIG – Ver 2, Rel 5
Kubernetes STIG – Ver 2, Rel 2
MariaDB Enterprise 10.x STIG – Ver 2, Rel 2
MarkLogic Server v9 STIG – Ver 3, Rel 2
Microsoft Azure SQL Database STIG – Ver 2, Rel 2
Microsoft Edge STIG – Ver 2, Rel 2
Microsoft Exchange 2019 STIG
Microsoft IIS 10.0 STIG
MS SQL Server 2016 STIG
Oracle Database 12c STIG – Ver 3, Rel 2
Oracle MySQL 8.0 STIG – Ver 2, Rel 2
Rancher Government Solutions RKE2 STIG – Ver 2, Rel 2
Red Hat Ansible Automation Controller STIG
Redis Enterprise 6.x STIG – Ver 2, Rel 2
Web Server SRG – Ver 4, Rel 2
Unclassified Mobility STIGs and SRGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility
ISEC7 Sphere STIG – Ver 3, Rel 1
Ivanti EPMM Server STIG – Ver 3, Rel 1
Ivanti Sentry 9.x STIG
Unclassified Network STIGs and SRGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless
Cisco ASA STIG
Cisco IOS Router STIG
Cisco IOS Switch STIG
Cisco IOS XE Router STIG
Cisco IOS XE Switch STIG
Cisco IOS XR Router STIG
Cisco ISE STIG
Cisco NX OS Switch STIG
Enterprise Voice, Video, and Messaging SRG
Forescout STIG
Ivanti Connect Secure STIG
Juniper EX Series Switches STIG
Juniper SRX Services Gateway STIG
NetApp ONTAP DSC 9.x STIG – Ver 2, Rel 2
Network Device Management SRG – Ver 5, Rel 2
Network Infrastructure Policy STIG – Ver 10, Rel 7
Palo Alto Networks STIG
Trend Micro TippingPoint STIG
Virtual Private Network (VPN) SRG – Ver 3, Rel 2
Unclassified Operating System STIGs and Overviews:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems
Apple macOS 14 (Sonoma) STIG – Ver 2, Rel 2
Canonical Ubuntu 20.04 LTS STIG – Ver 2, Rel 1
Canonical Ubuntu 22.04 LTS STIG – Ver 2, Rel 2
IBM AIX 7.x STIG – Ver 3, Rel 1
IBM Hardware Management Console (HMC) STIG – Ver 2, Rel 1
IBM z/OS STIG
Mainframe Product SRG – Ver 3, Rel 2
Oracle Linux 7 STIG – Ver 3, Rel 1
Oracle Linux 8 STIG – Ver 2, Rel 2
Red Hat Enterprise Linux 8 STIG – Ver 2, Rel 1
Red Hat Enterprise Linux 9 STIG – Ver 2, Rel 2
SUSE Linux Enterprise Server 12 STIG – Ver 3, Rel 1
SUSE Linux Enterprise Server 15 STIG – Ver 2, Rel 2
z/OS ACF2 Products – Ver 6, Rel 62
z/OS RACF Products – Ver 6, Rel 62
z/OS SRR Scripts – Ver 6, Rel 62
z/OS TSS Products – Ver 6, Rel 62
Unclassified Uncategorized STIGs:
https://public.cyber.mil/stigs/downloads/
https://cyber.mil/stigs/downloads
Traditional Security Checklist – Ver 2, Rel 6
Benchmarks:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=scap
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=scap
Canonical Ubuntu 18.04 LTS STIG Benchmark – Ver 2, Rel 11
Canonical Ubuntu 20.04 LTS STIG SCAP Benchmark – Ver 2, Rel 2
Cisco IOS XE Router NDM STIG SCAP Benchmark – Ver 3, Rel 2
Cisco IOS XE Router RTR STIG SCAP Benchmark – Ver 3, Rel 2
Google Chrome Current Windows STIG SCAP Benchmark – Ver 2, Rel 10
Kubernetes STIG SCAP Benchmark – Ver 2, Rel 2
Microsoft Office 365 Pro Plus STIG SCAP Benchmark – Ver 3, Rel 2
Oracle Linux 7 STIG SCAP Benchmark – Ver 3, Rel 1
Oracle Linux 8 STIG SCAP Benchmark – Ver 2, Rel 2
Red Hat Enterprise Linux 8 STIG SCAP Benchmark – Ver 2, Rel 1
Red Hat Enterprise Linux 9 STIG SCAP Benchmark – Ver 2, Rel 2
SLES 12 STIG SCAP Benchmark – Ver 3, Rel 1
Solaris 11 SPARC STIG SCAP Benchmark – Ver 3, Rel 2
Solaris 11 x86 STIG SCAP Benchmark – Ver 3, Rel 2
SUSE Linux Enterprise Server 15 STIG SCAP Benchmark – Ver 2, Rel 2
Tri-Lab Operating System Stack (TOSS) 4 STIG SCAP Benchmark – Ver 2, Rel 2
DISA releases the Apple macOS 15 (Sequoia) Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Apple macOS 15 (Sequoia) Security Technical Implementation Guide (STIG) which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
DISA releases the Microsoft Intune Desktop Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Microsoft Intune Desktop Security Technical Implementation Guide (STIG), which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
PKI/PKE Announcements
DoD Approved External PKI Certificate Trust Chains - Version 11.2
This zip file contains certificate trust chains for DoD Approved External PKIs. DoD Approved External PKI Certificate Trust Chains – Version 11.2
DoD Approved External PKIs Master Document - Version 11.2
This document provides Certification Authority (CA) certificate trust chain and assurance level information for all Department of Defense (DoD) approved Public Key Infrastructures (PKIs). DoD Approved External PKIs Master Document – Version 11.2
New ECA PKI CAs Released
New WCF CAs released
The WCF PKI has recently deployed updated WCF Signing CAs 1-10. These new certificates are now available in the WCF PKI PKCS#7 Certificate Bundle v5.15.