General Cyber Exchange Announcements

Nothing Found

Sorry, no posts matched your criteria

SRGs/STIGs Announcements

DISA releases the Microsoft Defender for Endpoint Security Technical Implementation Guide    

The Defense Information Systems Agency recently approved the Microsoft Defender for Endpoint STIG, which is effective immediately upon release. 

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads. 

 

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil. 

DISA releases the Arctic Wolf CylanceON-PREM Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the Arctic Wolf CylanceON-PREM STIG, which is effective immediately upon release. 

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads. 

 

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil. 

 

DISA releases out-of-cycle Apple iOS/iPad OS 18 STIG update

The Defense Information Systems Agency has released an out-of-cycle update for the Apple iOS/iPad OS 18 Security Technical Implementation Guide, which becomes effective immediately upon release. 

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the files from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The files are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.  

 

Users who are unable to find and download the files can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil. 

DISA releases the RUCKUS ICX Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the RUCKUS ICX STIG, which is effective immediately upon release. 

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads. 

 

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil. 

DISA Releases the Cisco Application Centric Infrastructure Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the Cisco ACI STIG, which is effective immediately upon release. 

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads. 

 

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil. 

 

DISA releases the Microsoft SQL Server 2022 Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the Microsoft SQL Server 2022 STIG, which is effective immediately upon release. 

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads. 

 

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil. 

DISA releases out-of-cycle Apple iOS/iPad OS 18 STIG update

The Defense Information Systems Agency has released an out-of-cycle update for the Apple iOS/iPad OS 18 Security Technical Implementation Guide, which becomes effective immediately upon release.

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the files from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The files are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.

Users who are unable to find and download the files can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.

Request for comments - DISA releases draft Canonical Ubuntu 24.04 STIG SCAP benchmark snapshot for review

The Defense Information Systems Agency recently released the draft Canonical Ubuntu 24.04 Security Technical Implementation Guide (STIG) Security Content Automation Protocol (SCAP) benchmark snapshot for review.

The draft benchmark is a snapshot of SCAP content developed for the technology and does not include the full spectrum of content expected to be included in the final release of the benchmark.

Customers who possess a Common Access Card with valid Department of Defense certificates can submit comments and/or recommended changes to the draft benchmark snapshot on the comment matrix spreadsheet by 23 July 2025. The spreadsheet is located with the benchmark at https://cyber.mil/stigs/downloads/.

The draft benchmark snapshot and comment matrix are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.

Please limit comments and recommendations in the comment matrix to those that address the benchmark. Questions regarding the manual STIG should be sent to dod.cyberexchange@mail.mil.

Please email comments to disa.stig_spt@mail.mil and include the title and version of the benchmark in the subject line.

Users who are unable to find and download these files or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil.

DISA releases Canonical Ubuntu 22.04 STIG with Chef

The Defense Information Systems Agency recently released the Canonical Ubuntu 22.04 Security Technical Implementation Guide with Chef. This content is published as a resource to assist in the application of security guidance to systems. 

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the file from the DOD Cyber Exchange website at https://cyber.mil/stigs/supplemental-automation-content/. The file is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/supplemental-automation-content/. 

 

Users who are unable to find and download the content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil. 

DISA releases Canonical Ubuntu 22.04 STIG with Ansible

The Defense Information Systems Agency recently released the Canonical Ubuntu 22.04 Security Technical Implementation Guide with Ansible. This content is published as a resource to assist in the application of security guidance to systems.

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the file from the DOD Cyber Exchange website at https://cyber.mil/stigs/supplemental-automation-content/. The file is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/supplemental-automation-content/.

Users who are unable to find and download the content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.

Request for comments - DISA releases the draft Application Programming Interface Security Requirements Guide for review

The Defense Information Systems Agency recently released the draft API SRG for review.  

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can submit comments and/or recommended changes to the draft SRG by 12 June 2025 on the comment matrix spreadsheet, which is located with the SRG at https://cyber.mil/stigs/downloads/.  

 

The draft SRG and comment matrix are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.  

 

Please email comments to disa.stig_spt@mail.mil and include the title and version of the SRG in the subject line. 

 

Users who are unable to find and download these files or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. 

DISA releases the Samsung Android 15 BYOAD Security Technical Implementation Guide

The Defense Information Systems Agency recently approved the Samsung Android 15 BYOAD STIG, which is effective immediately upon release. 

 

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads. 

 

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil. 

PKI/PKE Announcements