DISA recently released the following Security Guidance, Security Readiness Review Scripts, and Benchmarks that have been updated to comply with NIST 800-53 Rev. 5: 

Note: The previous version of all STIGs updated for Rev. 5 will be retained in the Sunset – Rev 4 section of Cyber Exchange.  

 

Unclassified Application STIGs:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security  

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=app-security 

 

Apache Server 2.4 Unix Server STIG 

Apache Server 2.4 Windows Server STIG 

Apache Tomcat Application Server 9 STIG – Ver 3, Rel 1 

Application Security and Development STIG – Ver 6, Rel 1 

Application Server SRG – Ver 4, Rel 1 

Container Platform SRG – Ver 2, Rel 1 

Crunchy Data PostgreSQL STIG – Ver 3, Rel 1 

Database SRG – Ver 4, Rel 1 

EnterpriseDB Postgres Advanced Server (EPAS) STIG – Ver 2, Rel 1 

Kubernetes STIG – Ver 2, Rel 1 

MariaDB Enterprise 10.x STIG – Ver 2, Rel 1 

MarkLogic Server v9 STIG – Ver 3, Rel 1 

Microsoft Azure SQL Database STIG – Ver 2, Rel 1 

Microsoft Edge STIG – Ver 2, Rel 1 

Microsoft Exchange 2019 STIG 

Microsoft IIS 10.0 Server STIG 

Microsoft Office 365 ProPlus STIG – Ver 3, Rel 1 

Microsoft SQL Server 2016 STIG 

Mirantis Kubernetes Engine STIG – Ver 2, Rel 1 

Oracle Database 12c STIG – Ver 3, Rel 1 

Oracle MySQL 8.0 STIG – Ver 2, Rel 1 

Palo Alto Networks Prisma Cloud Compute STIG – Ver 2, Rel 1 

Rancher Government Solutions Multi-Cluster Manager STIG – Ver 2, Rel 1 

Rancher Government Solutions RKE2 STIG – Ver 2, Rel 1 

Red Hat Ansible Automation Controller STIG 

Red Hat OpenShift Container Platform 4.12 STIG – Ver 2, Rel 1 

Redis Enterprise 6.x STIG – Ver 2, Rel 1 

Tanium 7.x STIG – Ver 2, Rel 1 

Tanium 7.x TanOS STIG 

Web Server SRG – Ver 4, Rel 1 

 

Unclassified Mobility STIGs and SRGs:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility
https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility 

Apple iOS/iPadOS 16 STIG – Ver 2, Rel 1 

Apple iOS/iPadOS 17 STIG – Ver 2, Rel 1 

Google Android 13 STIG 

Google Android 14 STIG 

Ivanti MobileIron Core MDM Server STIG – Ver 2, Rel 1 

Ivanti MobileIron Sentry 9.x STIG 

Jamf Pro v10.x EMM STIG – Ver 3, Rel 1 

Samsung Android OS 13 with Knox 3.x STIG 

Samsung Android OS 14 with Knox 3.x STIG 

Unified Endpoint Management Server SRG 

 

Unclassified Network STIGs and SRGs:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless  

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless 

 

Application Layer Gateway SRG – Ver 2, Rel 1 

Arista MLS EOS 4.2x STIG 

Authentication, Authorization, and Accounting Services (AAA) SRG – Ver 2, Rel 1 

Central Log Server SRG – Ver 3, Rel 1 

Cisco ASA STIG 

Cisco IOS Router STIG 

Cisco IOS Switch STIG 

Cisco IOS XE Router STIG 

Cisco IOS XE Switch STIG 

Cisco IOS XR Router STIG 

Cisco ISE STIG 

Cisco NX OS Switch STIG 

Domain Name System (DNS) SRG – Ver 4, Rel 1 

Firewall SRG – Ver 3, Rel 1 

Forescout STIG 

HPE 3PAR StoreServ OS STIG 

HPE Nimble Storage Array STIG – Ver 2, Rel 1 

Intrusion Detection and Prevention System Technology SRG – Ver 3, Rel 1 

Ivanti Connect Secure STIG 

Juniper EX Series Switches STIG 

Juniper Router STIG 

Juniper SRX Services Gateway STIG 

Layer 2 Switch SRG – Ver 3, Rel 1 

Microsoft Windows Server Domain Name System STIG – Ver 2, Rel 1 

NetApp ONTAP DSC 9.x STIG – Ver 2, Rel 1 

Network Device Management SRG – Ver 5, Rel 1 

Palo Alto Networks STIG 

Riverbed NetProfiler STIG – Ver 2, Rel 1 

Router SRG – Ver 5, Rel 1 

SDN Controller SRG – Ver 2, Rel 1 

Splunk Enterprise 7.x for Windows STIG – Ver 3, Rel 1 

Splunk Enterprise 8.x for Linux STIG – Ver 2, Rel 1 

Trend Micro TippingPoint STIG 

Virtual Private Network (VPN) SRG – Ver 3, Rel 1 

 

Unclassified Operating System STIGs and Overviews:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems 

 

Apple macOS 14 (Sonoma) STIG – Ver 2, Rel 1 

Canonical Ubuntu 22.04 LTS STIG – Ver 2, Rel 1 

General Purpose Operating System SRG – Ver 3, Rel 1 

IBM Hardware Management Console (HMC) STIG 

IBM z/OS STIG 

Mainframe Product SRG – Ver 3, Rel 1 

Microsoft Windows 10 STIG – Ver 3, Rel 1 

Microsoft Windows 11 STIG – Ver 2, Rel 1 

Microsoft Windows PAW STIG – Ver 3, Rel 1 

Microsoft Windows Server 2019 STIG – Ver 3, Rel 1 

Microsoft Windows Server 2022 STIG – Ver 2, Rel 1 

Nutanix AOS 5.20.x STIG 

Oracle Linux 8 STIG – Ver 2, Rel 1 

Red Hat Enterprise Linux 9 STIG – Ver 2, Rel 1 

Solaris 11 SPARC STIG – Ver 3, Rel 1 

Solaris 11 x86 STIG – Ver 3, Rel 1 

SUSE Linux Enterprise Server 15 STIG – Ver 2, Rel 1 

Tri-Lab Operating System Stack (TOSS) 4 STIG – Ver 2, Rel 1 

Virtual Machine Manager SRG – Ver 2, Rel 1 

z/OS SRR Scripts – Ver 6, Rel 61 

zOS ACF2 Products – Ver 6, Rel 61 

zOS RACF2 Products – Ver 6, Rel 61 

zOS TSS Products – Ver 6, Rel 61 

 

Sunset:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=sunset 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=sunset 

 

Sunset – A10 Networks ADC STIG 

Sunset – Apple macOS 12 STIG – Ver 1, Rel 9 

Sunset – Arista MultiLayer Switch DCS 7000 Series STIG 

Sunset – CA API Gateway STIG 

Sunset – Canonical Ubuntu 18.04 LTS STIG – Ver 2, Rel 15 

Sunset – DBN 6300 STIG 

Sunset – Docker Enterprise 2.x Linux/Unix STIG – Ver 2, Rel 2 

Sunset – EDB Postgres Advanced Server v11 on Windows STIG – Ver 2, Rel 4 

Sunset – ForeScout CounterACT ALG STIG – Ver 1, Rel 3 

Sunset – ForeScout CounterACT NDM STIG – Ver 1, Rel 2 

Sunset – Google Android 12 STIG 

Sunset – IBM MQ Appliance V9-0 STIG 

Sunset – Microsoft Access 2010 STIG – Ver 1, Rel 11 

Sunset – Microsoft Access 2013 STIG – Ver 1, Rel 7 

Sunset – Microsoft Android 11 STIG 

Sunset – Microsoft Excel 2010 STIG – Ver 1, Rel 12 

Sunset – Microsoft Excel 2013 STIG – Ver 1, Rel 8 

Sunset – Microsoft Exchange 2013 STIG 

Sunset – Microsoft InfoPath 2010 STIG – Ver 1, Rel 12 

Sunset – Microsoft InfoPath 2013 STIG – Ver 1, Rel 6 

Sunset – Microsoft Lync 2013 STIG – Ver 1, Rel 5 

Sunset – Microsoft Office System 2010 STIG – Ver 1, Rel 13 

Sunset – Microsoft Office System 2013 STIG – Ver 2, Rel 2 

Sunset – Microsoft PowerPoint 2010 STIG – Ver 1, Rel 11 

Sunset – Microsoft PowerPoint 2013 STIG – Ver 1, Rel 7 

Sunset – Microsoft Project 2010 STIG – Ver 1, Rel 10 

Sunset – Microsoft Project 2013 STIG – Ver 1, Rel 5 

Sunset – Microsoft Publisher 2010 STIG – Ver 1, Rel 12 

Sunset – Microsoft Publisher 2013 STIG – Ver 1, Rel 6 

Sunset – Microsoft SQL Server 2014 STIG 

Sunset – Microsoft Visio 2013 STIG – Ver 1, Rel 5 

Sunset – Microsoft Windows 2012 Server Domain Name System STIG – Ver 2, Rel 7 

Sunset – Microsoft Word 2010 STIG – Ver 1, Rel 12 

Sunset – Microsoft Word 2013 STIG – Ver 1, Rel 7 

Sunset – MongoDB 3.x STIG – Ver 2, Rel 3 

Sunset – MongoDB 4.x STIG – Ver 1, Rel 4 

Sunset – Motorola Solutions Android 11 COBO STIG – Ver 1, Rel 3 

Sunset – Oracle Database 11.2g STIG – Ver 2, Rel 5 

Sunset – PostgreSQL 9.x STIG – Ver 2, Rel 5 

Sunset – Red Hat Enterprise Linux 7 STIG – Ver 3, Rel 15 

Sunset – Riverbed Steelhead CX v8 STIG 

Sunset – Samsung Android 11 Knox 3.x STIG 

Sunset – Samsung Android 12 KPE 3.x STIG 

Sunset – VMware Workspace ONE13:54 UEM STIG – Ver 2, Rel 2 

 

Rev. 4 Sunset:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=sunset 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=sunset 

 

Rev. 4 Sunset – Apache Server 2.4 Unix STIG 

Rev. 4 Sunset – Apache Server 2.4 Windows STIG 

Rev. 4 Sunset – Apache Tomcat Application Server 9 STIG – Ver 2, Rel 7 

Rev. 4 Sunset – Apple iOS/iPadOS 16 STIG – Ver 1, Rel 13 

Rev. 4 Sunset – Apple iOS/iPadOS 17 STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Apple macOS 14 (Sonoma) STIG – Ver 1, Rel 2 

Rev. 4 Sunset – Application Layer Gateway SRG – Ver 1, Rel 2 

Rev. 4 Sunset – Application Security and Development STIG – Ver 5, Rel 3 

Rev. 4 Sunset – Application Server SRG – Ver 3, Rel 4 

Rev. 4 Sunset – Arista MLS EOS 4.2x STIG 

Rev. 4 Sunset – Authentication, Authorization, and Accounting Services (AAA) SRG – Ver 1, Rel 2 

Rev. 4 Sunset – Canonical Ubuntu 22.04 LTS STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Central Log Server SRG – Ver 2, Rel 2 

Rev. 4 Sunset – Cisco ASA STIG 

Rev. 4 Sunset – Cisco IOS Router STIG 

Rev. 4 Sunset – Cisco IOS Switch STIG 

Rev. 4 Sunset – Cisco IOS XE Router STIG 

Rev. 4 Sunset – Cisco IOS XE Switch STIG 

Rev. 4 Sunset – Cisco IOS XR Router STIG 

Rev. 4 Sunset – Cisco ISE STIG 

Rev. 4 Sunset – Cisco NX OS Switch STIG 

Rev. 4 Sunset – Container Platform SRG – Ver 1, Rel 5 

Rev. 4 Sunset – Crunchy Data PostgreSQL STIG – Ver 2, Rel 2 

Rev. 4 Sunset – Database SRG – Ver 3, Rel 4 

Rev. 4 Sunset – Domain Name System (DNS) SRG – Ver 3, Rel 1 

Rev. 4 Sunset – EnterpriseDB Postgres Advanced Server (EPAS) STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Firewall SRG – Ver 2, Rel 3 

Rev. 4 Sunset – Forescout STIG 

Rev. 4 Sunset – General Purpose Operating System SRG – Ver 2, Rel 7 

Rev. 4 Sunset – Google Android 13 STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Google Android 14 STIG 

Rev. 4 Sunset – HPE 3PAR StoreServ OS STIG 

Rev. 4 Sunset – HPE Nimble Storage Array STIG – Ver 1, Rel 2 

Rev. 4 Sunset – IBM Hardware Management Console (HMC) STIG 

Rev. 4 Sunset – IBM z/OS STIG 

Rev. 4 Sunset – Intrusion Detection and Prevention System Technology SRG – Ver 2, Rel 6 

Rev. 4 Sunset – Ivanti Connect Secure STIG 

Rev. 4 Sunset – Ivanti MobileIron Core MDM Server STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Ivanti MobileIron Sentry 9.x STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Jamf Pro v10.x EMM STIG – Ver 2, Rel 1 

Rev. 4 Sunset – Juniper EX Series Switches STIG 

Rev. 4 Sunset – Juniper Router STIG 

Rev. 4 Sunset – Juniper SRX Services Gateway STIG 

Rev. 4 Sunset – Kubernetes STIG – Ver 1, Rel 11 

Rev. 4 Sunset – Layer 2 Switch SRG – Ver 2, Rel 1 

Rev. 4 Sunset – Mainframe Product SRG – Ver 2, Rel 1 

Rev. 4 Sunset – MariaDB Enterprise 10.x STIG – Ver 1, Rel 3 

Rev. 4 Sunset – MarkLogic Server v9 STIG – Ver 2, Rel 2 

Rev. 4 Sunset – Microsoft Azure SQL Database STIG – Ver 1, Rel 2 

Rev. 4 Sunset – Microsoft Edge STIG – Ver 1, Rel 8 

Rev. 4 Sunset – Microsoft Exchange 2019 STIG 

Rev. 4 Sunset – Microsoft IIS 10.0 Server STIG 

Rev. 4 Sunset – Microsoft Office 365 ProPlus STIG – Ver 2, Rel 12 

Rev. 4 Sunset – Microsoft SQL Server 2016 STIG 

Rev. 4 Sunset – Microsoft Windows 10 STIG – Ver 2, Rel 9 

Rev. 4 Sunset – Microsoft Windows 11 STIG – Ver 1, Rel 6 

Rev. 4 Sunset – Microsoft Windows PAW STIG – Ver 2, Rel 3 

Rev. 4 Sunset – Microsoft Windows Server 2019 STIG – Ver 2, Rel 9 

Rev. 4 Sunset – Microsoft Windows Server 2022 STIG – Ver 1, Rel 5 

Rev. 4 Sunset – Microsoft Windows Server Domain Name System STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Mirantis Kubernetes Engine STIG – Ver 1, Rel 1 

Rev. 4 Sunset – MS SQL Server 2016 STIG 

Rev. 4 Sunset – NetApp ONTAP DSC 9.x STIG – Ver 1, Rel 4 

Rev. 4 Sunset – Network Device Management SRG – Ver 5, Rel 1 

Rev. 4 Sunset – Nutanix AOS 5.20.x STIG – Ver, 1, Rel 1 

Rev. 4 Sunset – Oracle Database 12c STIG – Ver 2, Rel 9 

Rev. 4 Sunset – Oracle Linux 8 STIG – Ver 1, Rel 10 

Rev. 4 Sunset – Oracle MySQL 8.0 STIG – Ver 1, Rel 5 

Rev. 4 Sunset – Palo Alto Networks STIG 

Rev. 4 Sunset – Palo Alto Networks Prisma Cloud Compute STIG – Ver 1, Rel 3 

Rev. 4 Sunset – Rancher Government Solutions Multi-Cluster Manager STIG – Ver 1, Rel 3 

Rev. 4 Sunset – Rancher Government Solutions RKE2 STIG – Ver 1, Rel 5 

Rev. 4 Sunset – Red Hat Ansible Automation Controller STIG 

Rev. 4 Sunset – Red Hat Enterprise Linux 9 STIG – Ver 1, Rel 3 

Rev. 4 Sunset – Red Hat OpenShift Container Platform 4.12 STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Redis Enterprise 6.x STIG – Ver 1, Rel 3 

Rev. 4 Sunset – Riverbed NetProfiler STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Router SRG – Ver 4, Rel 3 

Rev. 4 Sunset – Samsung Android OS 13 with Knox 3.x STIG 

Rev. 4 Sunset – Samsung Android OS 14 with Knox 3.x STIG 

Rev. 4 Sunset – SDN Controller SRG – Ver 1, Rel 2 

Rev. 4 Sunset – Solaris 11 SPARC STIG – Ver 2, Rel 10 

Rev. 4 Sunset – Solaris 11 x86 STIG – Ver 2, Rel 10 

Rev. 4 Sunset – Splunk Enterprise 7.x for Windows STIG – Ver 2, Rel 4 

Rev. 4 Sunset – Splunk Enterprise 8.x for Linux STIG – Ver 1, Rel 5 

Rev. 4 Sunset – SUSE Linux Enterprise Server 15 STIG – Ver 1, Rel 13 

Rev. 4 Sunset – Tanium 7.x TanOS STIG – Ver 1, Rel 1 

Rev. 4 Sunset – Tanium 7.x STIG – Ver 1, Rel 2 

Rev. 4 Sunset – Trellix Application Control 8.x STIG – Ver 2, Rel 2 

Rev. 4 Sunset – Trend Micro TippingPoint STIG 

Rev. 4 Sunset – Tri-Lab Operating System Stack (TOSS) 4 STIG – Ver 1, Rel 3 

Rev. 4 Sunset – Unified Endpoint Management Server SRG 

Rev. 4 Sunset – Virtual Machine Manager SRG – Ver 1, Rel 3 

Rev. 4 Sunset – Virtual Private Network (VPN) SRG – Ver 2, Rel 6 

Rev. 4 Sunset – Web Server SRG – Ver 3, Rel 3 

 

Benchmarks:  

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=scap 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=scap 

 

Canonical Ubuntu 18.04 LTS STIG Benchmark – Ver 2, Rel 12 

Canonical Ubuntu 20.04 LTS STIG Benchmark – Ver 1, Rel 10 

Cisco IOS-XE Router NDM STIG Benchmark – Ver 3, Rel 1 

Cisco IOS-XE Router RTR STIG Benchmark – Ver 3, Rel 1 

Kubernetes STIG Benchmark – Ver 2, Rel 1 

Microsoft Edge STIG Benchmark – Ver 2, Rel 1 

Microsoft Windows 10 STIG Benchmark – Ver 3, Rel 1 

Microsoft Windows 11 STIG Benchmark – Ver 2, Rel 1 

Microsoft Windows Server 2016 STIG Benchmark – Ver 2, Rel 6 

Microsoft Windows Server 2019 STIG Benchmark – Ver 3, Rel 1 

Microsoft Windows Server 2022 STIG Benchmark – Ver 2, Rel 1 

Oracle Linux 8 STIG Benchmark – Ver 2, Rel 1 

Red Hat Enterprise Linux 7 STIG Benchmark – Ver 3, Rel 15 

Red Hat Enterprise Linux 8 STIG Benchmark – Ver 1, Rel 13 

Red Hat Enterprise Linux 9 STIG Benchmark – Ver 2, Rel 1 

Solaris 11 SPARC STIG SCAP Benchmark – Ver 3, Rel 1 

Solaris 11 x86 STIG SCAP Benchmark – Ver 3, Rel 1 

SUSE Linux Enterprise Server 15 Benchmark – Ver 2, Rel 1 

TOSS 4 STIG Benchmark – Ver 2, Rel 1 

 

Unclassified HBSS STIGs:  

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=hbss  

 

Trellix Application Control 8.x STIG – Ver 3, Rel 1 

VMware recently released vSphere 8.0 Update 3. Revised STIG content for U3 will be released rapidly to provide STIG support for U3 deployments.

The VMware vSphere 8.0 STIG packages will be incremented to V2R1, which will include U3 updates, NIST Special Publication 800-53 Revision 5 Control Correlation Identifier updates, and any pending revisions for the July 2024 Quarterly Maintenance Release.

Existing deployments based on U2 should continue to use the current V1R1 package until they are upgraded to U3. The V1R1 package will remain on Cyber Exchange in its original, unaltered state until VMware halts support for U2. No maintenance will be performed on the VMware V1R1 STIGs.

The Defense Information Systems Agency recently approved the Crunchy Data Postgres 16 Security Technical Implementation Guide (STIG), which is effective immediately upon release.

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the STIG from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The STIG is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.

Users who are unable to find and download the guide or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.

DISA recently released the following updated Security Guidance: 

The automation portion of the April release will be held until the July maintenance release due to recent changes in automation processes and procedures, and upcoming changes to STIGs and SRGs from the fifth revision of the NIST SP 800-53. 

 

Unclassified Network STIGs and SRGs:   

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless  

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=network-perimeter-wireless 

 

BIND 9.x STIG – Ver 2, Rel 3 

Domain Name System (DNS) SRG – Ver 3, Rel 2 

Microsoft Windows 2012 Server Domain Name System STIG – Ver 2, Rel 6 

 

Unclassified Operating System STIGs and Overviews:   

https://cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems 

https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems 

 

Active Directory Domain STIG – Ver 3, Rel 4 

Microsoft Windows 10 STIG – Ver 2, Rel 9 

Microsoft Windows 11 STIG – Ver 1, Rel 6 

Microsoft Windows Server 2016 STIG – Ver 2, Rel 8 

Microsoft Windows Server 2019 STIG – Ver 2, Rel 9 

Microsoft Windows Server 2022 STIG – Ver 1, Rel 5 

 

Group Policy Objects (GPOs) have been updated for April 2024. Refer to the Change Log document included in the zip file for additional information. 

 

The DISA Risk Management Executive posts the GPOs for use by system administrators to ease the burden in securing systems within their environment. 

 

The GPOs can be found on the Cyber Exchange website on the Group Policy Objects tab: 

• DOD Cyber Exchange – https://cyber.mil/stigs/gpo/ (Common Access Card required). 
• DOD Cyber Exchange Public – https://public.cyber.mil/stigs/gpo/. 

 

List of GPOs currently in the package: 

 

Office Products 

• Access 2013 
• Access 2016 
• Excel 2013 
• Excel 2016 
• InfoPath 2013 
• Lync 2013 
• Office 2019-M365 Apps 
• Office System 2013 

• Office System 2016 
• OneDrive for Business 2016 
• Outlook 2013 
• Outlook 2016 
• PowerPoint 2013 
• PowerPoint 2016 
• Project 2013 
• Project 2016 
• Publisher 2013 
• Publisher 2016 
• Skype for Business 2016 
• Visio 2013 
• Visio 2016 
• Word 2013 
• Word 2016 

 

Browsers 

• Edge 
• Google Chrome 
• Internet Explorer 11  

• Mozilla Firefox 

 

Antivirus 

• Windows Defender AV 

 

Adobe Acrobat 

• Adobe Acrobat Pro DC Continuous 
• Adobe Acrobat Reader DC Continuous 

 

Operating Systems 

• Windows 10 
• Windows 11 
• Windows Firewall 
• Windows 2012 R2 DC 
• Windows 2012 R2 MS 
• Windows Server 2016 (MS and DC) 
• Windows Server 2019 (MS and DC) 
• Windows Server 2022 

 

Assistance 

For issues accessing files, email the Cyber Exchange web team at dod.cyberexchange@mail.mil. 

 

For questions related to STIG content, email the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil. 

The Defense Information Systems Agency recently released the updated DOD Annex for Mobile Device Fundamental Protection Profile MDFPP V3.3, which becomes effective immediately.

Customers who possess a Common Access Card that has valid Department of Defense certificates can obtain the Annex from the DOD Cyber Exchange website at https://cyber.mil/stigs/niap/. The Annex is also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/niap.

Users who are unable to find and download the content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to Annex content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.