General Cyber Exchange Announcements

Supplemental Automation Content has been updated for July 2020

This content leverages Configuration Management tools to enforce STIG requirements. These tools allow for customization and use a STIG-centric approach.

The Supplemental Automation Content can be found on the Cyber Exchange website on the Supplemental Automation Content tab located at:
https://cyber.mil/stigs/supplemental-automation-content/

For users who do not have a CAC that has DoD Certificates, the Supplemental Automation Content is also available from:
https://public.cyber.mil/stigs/supplemental-automation-content/

McAfee Home Use Solutions

McAfee has announced a “Work from Home (WFH)” program that provides free access to their Total Protection solution for 60-days. Under McAfee WFH, anyone can download their premier anti-virus and secure virtual private networking solutions to better protect their systems in response to the heightened mission need to support telework requirements. Click here to learn more about McAfee’s corporate Work from Home program.

The DoD Home Use program provides an annual subscription to McAfee’s Internet Security product for approved DoD employees via this website: https://www.disa.mil/Cybersecurity/Network-Defense/Antivirus/Home-Use.

SRGs/STIGs Announcements

DISA Has Released the Zebra Android 10 STIG

DISA has released the Zebra Android 10 Security Technical Implementation Guide (STIG). The requirements of the STIG become effective immediately.

Customers who have a CAC that has DoD Certificates can obtain the STIG at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the STIG is also available from https://public.cyber.mil/stigs/downloads/.

If you are unable to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberexchange@mail.mil. For all questions related to the STIG content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

DISA Has Released the Draft Cisco IOS-XE Router STIG Benchmarks for Review

DISA has released the Draft Cisco IOS-XE Router NDM and RTR Security Technical Implementation Guide (STIG) Benchmarks for review.

Customers who have a CAC that has DoD Certificates can submit comments, recommended changes, and/or additions to the draft benchmarks by 07 June 2021 on the Comment Matrix spreadsheets, located with the benchmarks at https://cyber.mil/stigs/downloads and https://cyber.mil/stigs/scap.

For those who do not have a CAC that has DoD Certificates, the Comment Matrix spreadsheets are located with the benchmarks at https://public.cyber.mil/stigs/downloads/ and https://public.cyber.mil/stigs/scap.

If you are unable to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberexchange@mail.mil. For all questions related to the benchmark content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

Comments should be sent via email to disa.stig_spt@mail.mil. Please include the title and version of the benchmark in the subject line of your email.

STIG Update - DISA Has Released an Updated Layer 2 Switch SRG

DISA has released the Layer 2 Switch Security Requirements Guide (SRG), Version 2, Release 1.

No requirements have been changed. This new release contains an updated identifier (2913) and renumbered Groups (V-numbers) and Rules (SV-numbers) due to DISA’s migration to a new content management system.

Customers who have a CAC that has DoD Certificates can obtain the SRG at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the SRG is also available from https://public.cyber.mil/stigs/downloads/.

If you are not able to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberx@mail.mil. For all questions related to the STIG content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

DISA has released the Microsoft System Center Operations Manager (SCOM)

Customers who have a CAC that has DoD Certificates can obtain the STIG at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the STIG is also available from https://public.cyber.mil/stigs/downloads/.

If you are unable to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberexchange@mail.mil. For all questions related to the STIG content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

DISA has released the latest STIG Applicability Guides for Linux, Mac, and Windows

The purpose of this tool is to assist the SRG/STIG user community in determining what SRGs and/or STIGs apply to a particular situation or information system and to create a fully formatted document containing a “collection” of SRGs and STIGs applicable to the situation being addressed.

The SRG/STIG Applicability Guide is updated periodically to address the most recent new SRG/STIG releases and sunset products.

Customers who have a CAC that has DoD Certificates can obtain the files at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the files are also available from https://public.cyber.mil/stigs/downloads/.

If you are not able to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberexchange@mail.mil. For all questions related to the guide content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

STIG Update - DISA Has Released Red Hat Enterprise Linux 8 with Ansible

DISA has released Red Hat Enterprise Linux 8 with Ansible.

Customers who have a CAC that has DoD Certificates can obtain the STIG at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the STIG is also available from https://public.cyber.mil/stigs/downloads/.

If you are unable to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberx@mail.mil. For all questions related to the package content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

STIG Update - DISA Has Released the Red Hat Enterprise Linux 8 STIG Benchmark

DISA has released the automated benchmark for the Red Hat Enterprise Linux 8 Security Technical Implementation Guide (STIG). The requirements of the benchmark become effective immediately.

Customers who have a CAC that has DoD Certificates can obtain the STIG at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the STIG is also available from https://public.cyber.mil/stigs/downloads/.

If you are unable to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberx@mail.mil. For all questions related to the benchmark content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

Group Policy Objects (GPOs) have been updated for April 2021

Group Policy Objects (GPOs) have been updated for April 2021. See the Change Log document included in the zip file for additional information.

DISA Risk Management Executive is posting the GPOs for use by system administrators to ease the burden in securing systems within their environment.

The GPOs can be found on Cyber Exchange website on the Group Policy Objects tab located at https://cyber.mil/stigs/gpo/. For users who do not have a CAC that has DoD Certificates, the GPO is also available from https://public.cyber.mil/stigs/gpo/.

List of GPOs currently in the package:

Office Products
Access 2013
Access 2016
Excel 2013
Excel 2016
InfoPath 2013
Lync 2013
Office 365 ProPlus
Office System 2013
Office System 2016
OneDrive for Business 2016
OneNote 2013
OneNote 2016
Outlook 2013
Outlook 2016
PowerPoint 2013
PowerPoint 2016
Project 2013
Project 2016
Publisher 2013
Publisher 2016
SharePoint 2010
SharePoint Designer 2013
Skype for Business 2016
Visio 2013
Visio 2016
Word 2013
Word 2016

Browsers
Google Chrome
Internet Explorer 11

Antivirus
Windows Defender AV

Adobe Acrobat
Adobe Acrobat Pro DC Classic
Adobe Acrobat Pro DC Continuous
Adobe Acrobat Reader DC Classic
Adobe Acrobat Reader DC Continuous

Operating Systems
Windows 10
Windows 8/8.1
Windows Firewall
Windows 2008 R2 DC
Windows 2008 R2 MS
Windows 2012 R2 DC
Windows 2012 R2 MS
Windows Server 2016 (MS and DC)
Windows Server 2019 (MS and DC)

DISA Has Released Microsoft Windows STIG Updates

DISA has released the following out-of-cycle Security Technical Implementation Guide (STIG) and benchmark updates:

Microsoft Windows 10 STIG – Ver 2, Rel 2
Microsoft Windows 2012 and 2012 R2 DC STIG- Ver 3, Rel 2
Microsoft Windows 2012 and 2012 R2 MS STIG – Ver 3, Rel 2
Microsoft Windows Defender Antivirus STIG – Ver 2, Rel 2
Microsoft Windows Server 2016 STIG – Ver 2, Rel 2
Microsoft Windows Server 2019 STIG – Ver 2, Rel 2
Microsoft Windows 10 STIG Benchmark – Ver 2, Rel 2

The requirements of the STIGs become effective immediately.

Customers who have a CAC that has DoD Certificates can obtain the files at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the files are also available from https://public.cyber.mil/stigs/downloads/.

If you are not able to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberx@mail.mil. For all questions related to the STIG content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

Supplemental Automation Content has been updated for April 2021

Supplemental Automation Content has been updated for April 2021.

This content leverages Configuration Management tools to enforce STIG requirements. These tools allow for customization and use a STIG-centric approach.

The Supplemental Automation Content can be found on the Cyber Exchange website on the Supplemental Automation Content tab located at: https://cyber.mil/stigs/supplemental-automation-content/. For users who do not have a CAC that has DoD Certificates, the Supplemental Automation Content is also available from https://public.cyber.mil/stigs/supplemental-automation-content/.

The following content has been updated:

Ansible Content:
Red Hat Enterprise Linux 7 STIG for Ansible – Ver 3, Rel 3
Canonical Ubuntu 18.04 LTS for Ansible – Ver 2, Rel 2

Chef Content:
Red Hat Enterprise Linux 7 STIG for Chef – Ver 3, Rel 3

PKI/PKE Announcements

New WCF CAs released - Certificate Bundle v5.11

The WCF PKI has recently deployed updated WCF Signing CAs 1-10. These new certificates are now available in the WCF PKI PKCS#7 Certificate Bundle v5.11.