General Cyber Exchange Announcements
SRGs/STIGs Announcements
DISA releases the Okta IDaaS Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Okta IDaaS STIG, which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
GPO and Intune Policy Update
Note: This quarter, the pre-built Intune STIG Policies normally included within the GPO package have been placed in a separate package, called Intune Policy, for enhanced visibility.
Group Policy Objects and Intune Policies have been updated for April 2025. Refer to the Change Log document included in the zip file for additional information.
The DISA Risk Management Executive posts the GPOs and Intune Policies for use by system administrators to ease the burden in securing systems within their environment.
The GPOs and Intune Policies can be found on the Cyber Exchange website on the Group Policy Objects tab:
- DOD Cyber Exchange – https://cyber.mil/stigs/gpo/ (Common Access Card required).
- DOD Cyber Exchange Public – https://public.cyber.mil/stigs/gpo/.
List of GPOs:
Office Products
- Access 2016
- Excel 2016
- Office 2019-M365 Apps
- Office System 2016
- OneDrive for Business 2016
- Outlook 2016
- PowerPoint 2016
- Project 2016
- Publisher 2016
- Skype for Business 2016
- Visio 2016
- Word 2016
Browsers
- Edge
- Google Chrome
- Internet Explorer 11
- Mozilla Firefox
Antivirus
- Microsoft Defender Antivirus
Adobe Acrobat
- Adobe Acrobat Pro DC Continuous
- Adobe Acrobat Reader DC Continuous
Operating Systems
- Windows 10
- Windows 11
- Windows Firewall
- Windows Server 2016 (MS and DC)
- Windows Server 2019 (MS and DC)
- Windows Server 2022
List of Intune Policies:
Office Products
- Office 2019-M365 Apps
- OneDrive for Business 2016
Browsers
- Edge
- Google Chrome
- Internet Explorer 11
- Mozilla Firefox
Antivirus
- Microsoft Defender Antivirus
Adobe Acrobat
- Adobe Acrobat Pro DC Continuous
- Adobe Acrobat Reader DC Continuous
Operating Systems
- Windows 10
- Windows 11
Assistance
For issues accessing files, email the Cyber Exchange web team at dod.cyberexchange@mail.mil.
For questions related to STIG content, email the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.
DISA releases the Oracle Linux 9 Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Oracle Linux 9 Security Technical Implementation Guide, which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
DISA recently released the following updated Security Guidance, Security Readiness Review Scripts, and Benchmarks.
Note: The STIGs converted to NIST SP 800-53 Rev. 5 CCIs in previous quarters have been updated to include the deprecated Rev. 4 CCIs to ensure all vulnerabilities are captured in eMASS.
Unclassified Application STIGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security
Apache Server 2.4 Unix STIG
Apache Server 2.4 Windows STIG
Apache Tomcat Application Server 9 STIG – Ver 3, Rel 2
Application Security and Development STIG – Ver 6, Rel 3
Application Server SRG – Ver 4, Rel 3
IBM WebSphere Liberty Server STIG – Ver 2, Rel 2
JBoss Enterprise Application Platform 6.3 STIG – Ver 2, Rel 6
Kubernetes STIG – Ver 2, Rel 3
Microsoft DotNet Framework 4.0 STIG – Ver 2, Rel 6
Microsoft IIS 10.0 STIG
Microsoft Office 365 ProPlus STIG – Ver 3, Rel 3
Microsoft SQL Server 2016 STIG
Oracle Database 12c STIG – Ver 3, Rel 4
Tanium 7.x TanOS STIG
Tanium 7.x STIG – Ver 2, Rel 2
Web Server SRG – Ver 4, Rel 3
Unclassified Mobility STIGs and SRGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility
Apple iOS/iPadOS 18 STIG – Ver 1, Rel 3
Unclassified Network STIGs and SRGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless
Arista MLS EOS 4.X STIG
Cisco IOS Router STIG
Cisco IOS Switch STIG
Cisco IOS XE Router STIG
Cisco IOS XE Switch STIG
Cisco IOS XR Router STIG
Cisco NX OS Switch STIG
Infoblox 8.x DNS STIG – Ver 1, Rel 2
Juniper EX Series Switches STIG
Layer 2 Switch SRG – Ver 3, Rel 2
Microsoft Windows Server Domain Name System STIG – Ver 2, Rel 3
Mozilla Firefox STIG – Ver 6, Rel 6
Network Device Management SRG – Ver 5, Rel 3
Palo Alto Networks STIG
Splunk Enterprise 8.x for Linux STIG – Ver 2, Rel 2
Trend Micro TippingPoint STIG
Unclassified Operating System STIGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems
Apple macOS 15 (Sequoia) STIG – Ver 1, Rel 3
Canonical Ubuntu 20.04 LTS STIG – Ver 2, Rel 2
Canonical Ubuntu 22.04 LTS STIG – Ver 2, Rel 4
CloudLinux AlmaLinux OS 9 STIG – Ver 1, Rel 2
IBM z/OS STIG
IBM zSecure Suite STIG – Ver 1, Rel 3
Microsoft Windows 10 STIG – Ver 3, Rel 4
Microsoft Windows 11 STIG – Ver 2, Rel 3
Microsoft Windows Server 2019 STIG – Ver 3, Rel 4
Microsoft Windows Server 2022 STIG – Ver 2, Rel 4
Oracle Linux 7 STIG – Ver 3, Rel 2
Oracle Linux 8 STIG – Ver 2, Rel 4
Red Hat Enterprise Linux 8 STIG – Ver 2, Rel 3
Red Hat Enterprise Linux 9 STIG – Ver 2, Rel 4
SUSE Linux Enterprise Server 15 STIG – Ver 2, Rel 4
VMware vSphere 7.0 STIG
VMware vSphere 8.0 STIG
z/OS ACF2 Products
z/OS RACF Products
z/OS SRR Scripts
z/OS TSS Products STIG
Sunset STIGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=sunset
Sunset – Microsoft SCOM STIG – Ver 1, Rel 2
Sunset – Tanium 7.0 STIG – Ver 2, Rel 1
Sunset – Tanium 7.3 STIG – Ver 2, Rel 3
Benchmarks:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=scap
Canonical Ubuntu 20.04 LTS STIG SCAP Benchmark – Ver 2, Rel 3
Canonical Ubuntu 22.04 LTS STIG SCAP Benchmark – Ver 2, Rel 2
Kubernetes STIG SCAP Benchmark – Ver 2, Rel 3
Microsoft DotNet Framework 4.0 STIG SCAP Benchmark – Ver 2, Rel 6
Microsoft Office 365 ProPlus STIG SCAP Benchmark – Ver 3, Rel 4
Microsoft Windows 10 STIG SCAP Benchmark – Ver 3, Rel 4
Microsoft Windows 11 STIG SCAP Benchmark – Ver 2, Rel 3
Microsoft Windows Server 2019 STIG SCAP Benchmark – Ver 3, Rel 4
Microsoft Windows Server 2022 STIG SCAP Benchmark – Ver 2, Rel 4
Mozilla Firefox for Linux STIG SCAP Benchmark – Ver 6, Rel 5
Mozilla Firefox for Windows STIG SCAP Benchmark – Ver 6, Rel 6
Oracle Linux 8 STIG SCAP Benchmark – Ver 2, Rel 4
Red Hat Enterprise Linux 8 STIG SCAP Benchmark – Ver 2, Rel 3
Red Hat Enterprise Linux 9 STIG SCAP Benchmark – Ver 2, Rel 4
SUSE Linux Enterprise Server 15 STIG SCAP Benchmark – Ver 2, Rel 4
Supplemental Automation Content:
https://cyber.mil/stigs/supplemental-automation-content/
Oracle Linux 8 STIG for Ansible – Ver 2, Rel 4
Red Hat Enterprise Linux 8 STIG for Ansible – Ver 2, Rel 3
Red Hat Enterprise Linux 9 STIG for Ansible – Ver 2, Rel 4
SUSE Linux Enterprise Server 15 for Ansible – Ver 2, Rel 4
CUI ESS STIGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=ess
ESS ePO 5.x STIG – Ver 3, Rel 4
Trellix ENS 10.x STIG – Ver 3, Rel 4
DISA releases the Motorola Solutions Android 13 Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Motorola Solutions Android 13 STIG, which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
DISA releases the Microsoft Entra ID Security Technical Implementation Guide
The Defense Information Systems Agency recently approved the Microsoft Entra ID Security Technical Implementation Guide (STIG), which is effective immediately upon release.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
The SCC team is pleased to announce the release of SCC 5.10.2, which contains:
- Update SCAP content based on NIWC content for DISA Q1 2025 release of STIG manuals
- Updated internal dependencies such as libxml2, OpenSSH, OpenSSL
- Several minor bugfixes
Available from Cyber Exchange in the next week or two at:
DISA releases STIG Viewer 3.5.1
The Defense Information Systems Agency recently released the Security Technical Implementation Guide (STIG) Viewer 3.5.1. This update includes refreshed software dependencies to enhance performance and stability. There are no changes to functionality.
Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the files from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The files are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.
Request for comments - DISA releases the draft Microsoft Defender for Endpoint STIG for review
The Defense Information Systems Agency recently released the draft Microsoft Defender for Endpoint Security Technical Implementation Guide (STIG) for review.
Customers who possess a Common Access Card that has valid Department of Defense certificates can submit comments and/or recommended changes to the draft STIG by 15 April 2025 on the comment matrix spreadsheet, which is located with the STIG at https://cyber.mil/stigs/downloads/.
The draft STIG and comment matrix are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Please email comments to disa.stig_spt@mail.mil and include the title and version of the STIG in the subject line.
Users who are unable to find and download these files or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil.
Request for comments - DISA releases the draft BIND 9.x V3 STIG for review
The Defense Information Systems Agency recently released the draft BIND 9.x version 3 Security Technical Implementation Guide (STIG) for review.
Customers who possess a Common Access Card that has valid Department of Defense certificates can submit comments and/or recommended changes to the draft STIG by 08 April 2025 on the comment matrix spreadsheet, which is located with the STIG at https://cyber.mil/stigs/downloads/.
The draft STIG and comment matrix are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Please email comments to disa.stig_spt@mail.mil and include the title and version of the STIG in the subject line.
Users who are unable to find and download these files or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil.
DISA recently released the following updated Security Guidance, Security Readiness Review Scripts, and Benchmarks.
Note: The STIGs converted to NIST SP 800-53 Rev. 5 CCIs in previous quarters have been updated to include the deprecated Rev. 4 CCIs to ensure all vulnerabilities are captured in eMASS.
Unclassified Application STIGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security
Apache Server 2.4 Unix STIG
Apache Server 2.4 Windows STIG
Application Security and Development STIG – Ver 6, Rel 2
Application Server SRG – Ver 4, Rel 2
Container Platform SRG – Ver 2, Rel 2
Database SRG – Ver 4, Rel 3
Dragos Platform 2.x STIG – Ver 1, Rel 2
MariaDB Enterprise 10.x STIG – Ver 2, Rel 3
Microsoft .Net Framework 4.0 STIG – Ver 2, Rel 5
Microsoft Exchange 2016 STIG
Microsoft Exchange 2019 STIG
Microsoft Office 365 ProPlus STIG – Ver 3, Rel 2
Microsoft Office System 2016 STIG – Ver 2, Rel 4
Microsoft SharePoint 2013 STIG – Ver 2, Rel 4
Microsoft SQL Server 2016 STIG
Oracle Database 12c STIG – Ver 3, Rel 3
Palo Alto Networks Prisma Cloud Compute STIG – Ver 2, Rel 2
Rancher Government Solutions RKE2 STIG – Ver 2, Rel 3
Red Hat OpenShift Container Platform 4.12 STIG – Ver 2, Rel 2
Unclassified Mobility STIGs and SRGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility
Apple iOS/iPadOS 18 STIG – Ver 1, Rel 2
Google Android 13 STIG
Google Android 14 STIG
Google Android 15 STIG
Samsung Android OS 13 with Knox 3.x STIG
Samsung Android OS 14 with Knox 3.x STIG
Samsung Android OS 15 with Knox 3.x STIG
Unified Endpoint Management Server SRG
Unclassified Network STIGs and SRGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless
Application Layer Gateway SRG – Ver 2, Rel 2
Authentication, Authorization, and Accounting Services (AAA) SRG – Ver 2, Rel 2
Central Log Server SRG – Ver 3, Rel 2
Cisco IOS Router STIG
Cisco IOS Switch STIG
Cisco IOS XE Router STIG
Cisco NX OS Switch STIG
Firewall SRG – Ver 3, Rel 2
Forescout STIG
Intrusion Detection and Prevention System Technology SRG – Ver 3, Rel 2
Juniper Router STIG
Juniper SRX Services Gateway STIG
Palo Alto Networks STIG
Virtual Private Network (VPN) SRG – Ver 3, Rel 3
VMware NSX 4.x STIG
Unclassified Operating System STIGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems
Apple macOS 14 (Sonoma) STIG – Ver 2, Rel 3
Apple macOS 15 (Sequoia) STIG – Ver 1, Rel 2
Canonical Ubuntu 22.04 LTS STIG – Ver 2, Rel 3
General Purpose Operating System SRG – Ver 3, Rel 2
IBM z/OS STIG
IBM zSecure Suite STIG – Ver 1, Rel 2
Mainframe Product SRG – Ver 3, Rel 3
Microsoft Windows 10 STIG – Ver 3, Rel 3
Microsoft Windows Server 2022 STIG – Ver 2, Rel 3
Oracle Linux 8 STIG – Ver 2, Rel 3
Red Hat Enterprise Linux 8 STIG – Ver 2, Rel 2
Red Hat Enterprise Linux 9 STIG – Ver 2, Rel 3
Solaris 11 SPARC STIG – Ver 3, Rel 2
Solaris 11 x86 STIG – Ver 3, Rel 2
SUSE Linux Enterprise Server 12 STIG – Ver 3, Rel 2
SUSE Linux Enterprise Server 15 STIG – Ver 2, Rel 3
Virtual Machine Manager SRG – Ver 2, Rel 2
VMware vSphere 7.0 STIG
VMware vSphere 8.0 STIG
z/OS ACF2 Products
z/OS RACF Products
z/OS SRR Scripts
z/OS TSS Products STIG
Unclassified Uncategorized STIGs:
https://public.cyber.mil/stigs/downloads/
https://cyber.mil/stigs/downloads
Cloud Computing SRG (also available at https://cyber.mil/dccs/dccs-documents/ and https://public.cyber.mil/dccs/dccs-documents/)
Sunset STIGs:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=sunset
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=sunset
Sunset – Apple macOS 13 (Ventura) STIG – Ver 1, Rel 5
Sunset – F5 BIG-IP STIG
Sunset – IBM Aspera Platform 4.2 STIG – Ver 1, Rel 3
Sunset – McAfee Application Control 7.x STIG – Ver 1, Rel 4
Sunset – Microsoft Groove 2013 STIG – Ver 1, Rel 4
Sunset – Microsoft OneNote 2010 STIG – Ver 1, Rel 10
Sunset – Microsoft OneNote 2013 STIG – Ver 1, Rel 4
Sunset – Microsoft Outlook 2010 STIG – Ver 1, Rel 14
Sunset – Microsoft Outlook 2013 STIG – Ver 1, Rel 14
Sunset – Multifunction Device and Network Printers STIG – Ver 2, Rel 15
Sunset – Oracle HTTP Server 12.1.3 STIG – Ver 2, Rel 3
Sunset – Oracle WebLogic Server 12c STIG – Ver 2, Rel 2
Sunset – Storage Area Network STIG – Ver 2, Rel 5
Benchmarks:
https://cyber.mil/stigs/downloads/?_dl_facet_stigs=scap
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=scap
Adobe Acrobat Reader DC Continuous Track STIG Benchmark – Ver 2, Rel 3
Canonical Ubuntu 20.04 LTS STIG Benchmark – Ver 2, Rel 2
Microsoft Office 365 ProPlus STIG Benchmark – Ver 3, Rel 3
Microsoft Windows 10 STIG Benchmark – Ver 3, Rel 3
Microsoft Windows 11 STIG Benchmark – Ver 2, Rel 3
Microsoft Windows Server 2019 STIG Benchmark – Ver 3, Rel 3
Microsoft Windows Server 2022 STIG Benchmark – Ver 2, Rel 3
Oracle Linux 8 STIG Benchmark – Ver 2, Rel 3
Red Hat Enterprise Linux 8 STIG Benchmark – Ver 2, Rel 2
Red Hat Enterprise Linux 9 STIG Benchmark – Ver 2, Rel 3
SUSE Linux Enterprise Server 12 STIG Benchmark – Ver 3, Rel 2
SUSE Linux Enterprise Server 15 STIG Benchmark – Ver 2, Rel 3
Supplemental Automation Content:
https://cyber.mil/stigs/supplemental-automation-content/
https://public.cyber.mil/stigs/supplemental-automation-content/
Oracle Linux 8 STIG for Ansible – Ver 2, Rel 3
Red Hat Enterprise Linux 8 STIG for Ansible – Ver 2, Rel 2
Red Hat Enterprise Linux 9 STIG for Ansible- Ver 2, Rel 3
SUSE Linux Enterprise Server 15 for Ansible – Ver 2, Rel 3
PKI/PKE Announcements
New ECA PKI CAs released
The ECA PKI has recently deployed IdenTrust ECA S24 and IdenTrust ECA Component S24 . These new certificates are now available in the ECA PKI PKCS#7 Certificate Bundle v5.12.
https://dl.dod.cyber.mil/wp-content/uploads//pki-pke/zip/unclass-certificates_pkcs7_ECA.zip
New DoD PKI CAs released
The DoD PKI has recently deployed new CAs including DOD ID and EMAIL CAs 78-81, DOD SW CAs 82-85 and DOD DERILITY CAs 5-6. These new certificates are now available in the DoD PKI PKCS#7 Certificate Bundle v5.14.
https://dl.dod.cyber.mil/wp-content/uploads/pki-pke/zip/unclass-certificates_pkcs7_DoD.zip
Nothing Found
Sorry, no posts matched your criteria