NIST 800-53 Rev 5
424 controls available
IA-5(1)lowmoderatehigh
Password-based Authentication
Identification and Authentication
Control Statement
For password-based authentication:
Discussion
Password-based authentication applies to passwords regardless of whether they are used in single-factor or multi-factor authentication. Long passwords or passphrases are preferable over shorter passwords. Enforced composition rules provide marginal security benefits while decreasing usability. However, organizations may choose to establish certain rules for password generation (e.g., minimum character length for long passwords) under certain circumstances and can enforce this requirement in IA-5(1)(h). Account recovery can occur, for example, in situations when a password is forgotten. Cryptographically protected passwords include salted one-way cryptographic hashes of passwords. The list of commonly used, compromised, or expected passwords includes passwords obtained from previous breach corpuses, dictionary words, and repetitive or sequential characters. The list includes context-specific words, such as the name of the service, username, and derivatives thereof.
- Framework
- NIST SP 800-53 Rev 5
- Family
- Identification and Authentication
- Baselines
- low, moderate, high
Related Frameworks
35 paths across 2 frameworks
Related Frameworks
NIST 800-1714 mappings
3.5.10
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.5.7
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.5.8
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.5.9
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI31 mappings
CCI-000192
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000193
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000194
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000195
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000196
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000197
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000198
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000199
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000200
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000205
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001611
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001612
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001613
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001614
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001615
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001616
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001617
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001618
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001619
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002041
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004057
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004058
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004059
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004060
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004061
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004062
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004063
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004064
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004065
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004066
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004067
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
Related STIGs
302 STIGs reach this control through 101 CCIs. Expand a row to see the responsible NICE and O*NET roles.
Operating System — Desktop
7 STIGs
Operating System — Desktop
7 STIGsMicrosoft Windows 10 Security Technical Implementation Guide
32025-02-2514 of 261 findings match
H2M12
Microsoft Windows 11 Security Technical Implementation Guide
V2R72026-02-1212 of 262 findings match
H2M10
Microsoft Windows 11 Security Technical Implementation Guide
22025-05-1512 of 258 findings match
H2M10
Apple macOS 14 (Sonoma) Security Technical Implementation Guide
22024-12-0411 of 155 findings match
H2M9
Apple macOS 15 (Sequoia) Security Technical Implementation Guide
V1R72026-02-0611 of 160 findings match
H2M9
Apple macOS 15 (Sequoia) Security Technical Implementation Guide
12025-05-0511 of 161 findings match
H2M9
Apple macOS 26 (Tahoe) Security Technical Implementation Guide
V1R22026-02-1111 of 160 findings match
H2M9
Operating System — Server
47 STIGs
Operating System — Server
47 STIGsRed Hat Enterprise Linux 10 Security Technical Implementation Guide
V1R12026-03-1134 of 434 findings match
H5M29
CloudLinux AlmaLinux OS 9 Security Technical Implementation Guide
12025-05-2228 of 445 findings match
H7M21
Oracle Linux 9 Security Technical Implementation Guide
12025-05-0828 of 456 findings match
H1M27
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-1728 of 448 findings match
H1M27
Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide
V1R62026-02-2727 of 439 findings match
H7M20
Red Hat Enterprise Linux 9 Security Technical Implementation Guide
22025-05-1427 of 450 findings match
H1M26
Red Hat Enterprise Linux 9 Security Technical Implementation Guide
V2R82026-02-0527 of 446 findings match
H1M26
IBM AIX 7.x Security Technical Implementation Guide
V3R22026-02-0623 of 283 findings match
H16M7
Show 39 more STIGs in this category →Hide additional STIGs
IBM AIX 7.x Security Technical Implementation Guide
32024-08-1623 of 283 findings match
H16M7
Oracle Linux 8 Security Technical Implementation Guide
22025-05-1321 of 374 findings match
M16L5
Red Hat Enterprise Linux 8 Security Technical Implementation Guide
V2R72026-02-0521 of 366 findings match
M21
Red Hat Enterprise Linux 8 Security Technical Implementation Guide
22025-05-1421 of 369 findings match
M21
SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide
V1R42026-02-1021 of 208 findings match
H3M18
SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide
12025-05-0821 of 210 findings match
H3M18
Oracle Linux 7 Security Technical Implementation Guide
32025-05-0820 of 243 findings match
H1M19
Oracle Linux 8 Security Technical Implementation Guide
V2R82026-02-1320 of 375 findings match
M15L5
General Purpose Operating System Security Requirements Guide
32024-12-0419 of 198 findings match
H2M17
General Purpose Operating System Security Requirements Guide
V3R32025-09-2219 of 203 findings match
H2M17
SUSE Linux Enterprise Server 15 Security Technical Implementation Guide
V2R72026-02-1919 of 214 findings match
H2M17
SUSE Linux Enterprise Server 15 Security Technical Implementation Guide
22025-05-1419 of 216 findings match
H2M17
Microsoft Windows Server 2019 Security Technical Implementation Guide
32025-05-2318 of 275 findings match
H4M14
Microsoft Windows Server 2019 Security Technical Implementation Guide
V3R82026-02-1218 of 282 findings match
H4M14
Microsoft Windows Server 2022 Security Technical Implementation Guide
22025-05-1518 of 275 findings match
H4M14
Microsoft Windows Server 2022 Security Technical Implementation Guide
V2R82026-02-1318 of 282 findings match
H4M14
Amazon Linux 2023 Security Technical Implementation Guide
V1R32026-02-2717 of 187 findings match
H1M16
Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide
22025-05-1617 of 172 findings match
H3M4L10
Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide
22025-05-1617 of 187 findings match
H2M13L2
Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide
V2R82026-02-0616 of 188 findings match
H2M13L1
Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide
V1R52026-02-0616 of 194 findings match
H2M13L1
Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide
12025-05-1616 of 194 findings match
H2M13L1
Microsoft Windows Server 2025 Security Technical Implementation Guide
V1R12026-02-2016 of 284 findings match
H3M13
SUSE Linux Enterprise Server 12 Security Technical Implementation Guide
32025-05-1416 of 211 findings match
M16
Anduril NixOS Security Technical Implementation Guide
V1R22025-08-1914 of 103 findings match
H2M12
Anduril NixOS Security Technical Implementation Guide
12024-10-2514 of 104 findings match
H2M12
Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide
V2R52026-02-1914 of 226 findings match
M14
Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide
22025-05-0814 of 226 findings match
M14
Solaris 11 SPARC Security Technical Implementation Guide
V3R52026-02-1910 of 217 findings match
M10
Solaris 11 SPARC Security Technical Implementation Guide
32025-05-0510 of 217 findings match
M10
Solaris 11 X86 Security Technical Implementation Guide
V3R52026-02-1910 of 216 findings match
M10
Solaris 11 X86 Security Technical Implementation Guide
32025-05-0510 of 216 findings match
M10
Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide
22025-02-256 of 83 findings match
M6
Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide
V2R42026-02-235 of 81 findings match
M5
NetApp ONTAP DSC 9.x Security Technical Implementation Guide
22024-08-225 of 29 findings match
M5
NetApp ONTAP DSC 9.x Security Technical Implementation Guide
V2R32025-12-085 of 29 findings match
M5
HPE 3PAR SSMC Operating System Security Technical Implementation Guide
V2R12024-08-272 of 14 findings match
M2
HPE 3PAR StoreServ 3.3.x Security Technical Implementation Guide
V2R12024-08-272 of 30 findings match
H1M1
HPE 3PAR StoreServ 3.2.x Security Technical Implementation Guide
V2R12021-11-231 of 19 findings match
M1
Operating System — Mainframe
11 STIGs
Operating System — Mainframe
11 STIGsMainframe Product Security Requirements Guide
V3R42025-09-1022 of 194 findings match
M22
Mainframe Product Security Requirements Guide
32024-12-0522 of 193 findings match
M22
IBM z/OS ACF2 Security Technical Implementation Guide
92025-06-2415 of 226 findings match
H1M14
IBM z/OS ACF2 Security Technical Implementation Guide
V9R82026-03-0915 of 225 findings match
H1M14
IBM z/OS TSS Security Technical Implementation Guide
V9R82026-03-0912 of 230 findings match
H1M11
IBM z/OS TSS Security Technical Implementation Guide
92025-06-2412 of 231 findings match
H1M11
IBM z/OS RACF Security Technical Implementation Guide
V9R82026-03-0911 of 222 findings match
H1M10
IBM z/OS RACF Security Technical Implementation Guide
92025-06-2411 of 224 findings match
H1M10
Show 3 more STIGs in this category →Hide additional STIGs
IBM zVM Using CA VM:Secure Security Technical Implementation Guide
V2R22022-08-317 of 77 findings match
H1M6
IBM Hardware Management Console (HMC) Security Technical Implementation Guide
V2R12024-06-243 of 35 findings match
M3
CA IDMS Security Technical Implementation Guide
V2R12024-09-132 of 74 findings match
M1L1
Operating System — Mobile
36 STIGs
Operating System — Mobile
36 STIGsApple iOS/iPadOS 18 Security Technical Implementation Guide
12025-06-305 of 92 findings match
H1M3L1
Apple iOS/iPadOS 18 Security Technical Implementation Guide
V2R22025-12-015 of 92 findings match
H1M3L1
Apple iOS/iPadOS 26 Security Technical Implementation Guide
V1R22025-12-015 of 92 findings match
H1M3L1
Apple visionOS 2 Security Technical Implementation Guide
V1R12025-09-304 of 50 findings match
H1M3
Apple visionOS 26 Security Technical Implementation Guide
V1R12026-03-104 of 51 findings match
H1M3
Samsung Android 16 COBO Security Technical Implementation Guide
V1R32026-02-063 of 45 findings match
M2L1
Samsung Android 16 COPE Security Technical Implementation Guide
V1R22026-02-113 of 48 findings match
M2L1
Samsung Android OS 14 with Knox 3.x COBO Security Technical Implementation Guide
22024-12-063 of 36 findings match
M2L1
Show 28 more STIGs in this category →Hide additional STIGs
Samsung Android OS 14 with Knox 3.x COPE Security Technical Implementation Guide
22024-12-063 of 39 findings match
M2L1
Samsung Android OS 15 with Knox 3.x COBO Security Technical Implementation Guide
12024-12-103 of 37 findings match
M2L1
Samsung Android OS 15 with Knox 3.x COPE Security Technical Implementation Guide
12024-12-103 of 40 findings match
M2L1
Google Android 14 COBO Security Technical Implementation Guide
V2R42026-02-062 of 38 findings match
M2
Google Android 14 COBO Security Technical Implementation Guide
22024-12-042 of 30 findings match
M2
Google Android 14 COPE Security Technical Implementation Guide
22024-12-042 of 35 findings match
M2
Google Android 14 COPE Security Technical Implementation Guide
V2R42026-02-122 of 43 findings match
M2
Google Android 15 COBO Security Technical Implementation Guide
V1R42026-02-062 of 44 findings match
M2
Google Android 15 COBO Security Technical Implementation Guide
12024-12-052 of 36 findings match
M2
Google Android 15 COPE Security Technical Implementation Guide
V1R42026-02-122 of 47 findings match
M2
Google Android 15 COPE Security Technical Implementation Guide
12024-12-052 of 39 findings match
M2
Google Android 16 COBO Security Technical Implementation Guide
V1R22026-02-062 of 42 findings match
M2
Google Android 16 COPE Security Technical Implementation Guide
V1R22026-02-122 of 45 findings match
M2
Honeywell Android 13 COBO Security Technical Implementation Guide
V1R12025-05-072 of 32 findings match
M2
Honeywell Android 13 COPE Security Technical Implementation Guide
V1R12025-05-072 of 36 findings match
M2
Samsung Android 14 MDFPP 3.3 BYOAD Security Technical Implementation Guide
12024-02-212 of 25 findings match
M2
Samsung Android 15 MDFPP 3.3 BYOAD Security Technical Implementation Guide
12025-04-292 of 26 findings match
M2
Samsung Android OS 13 with Knox 3.x COBO Security Technical Implementation Guide
22024-12-062 of 30 findings match
M1L1
Samsung Android OS 13 with Knox 3.x COPE Security Technical Implementation Guide
22024-12-062 of 30 findings match
M1L1
Zebra Android 13 COBO Security Technical Implementation Guide
V1R12024-12-112 of 31 findings match
M2
Zebra Android 13 COPE Security Technical Implementation Guide
V1R12024-12-112 of 35 findings match
M2
Zebra Technologies Android 14 COBO Security Technical Implementation Guide
V1R12026-02-222 of 38 findings match
M2
Zebra Technologies Android 14 COPE Security Technical Implementation Guide
V1R12026-02-222 of 43 findings match
M2
Google Android 13 BYOAD Security Technical Implementation Guide
12024-02-061 of 23 findings match
M1
Google Android 13 COBO Security Technical Implementation Guide
22024-12-041 of 31 findings match
M1
Google Android 13 COPE Security Technical Implementation Guide
22024-12-041 of 36 findings match
M1
Google Android 14 MDFPP 3.3 BYOAD Security Technical Implementation Guide
V1R22025-08-191 of 23 findings match
M1
Google Android 14 MDFPP 3.3 BYOAD Security Technical Implementation Guide
12024-02-201 of 23 findings match
M1
Network Device
76 STIGs
Network Device
76 STIGsAAA Services Security Requirements Guide
V2R22024-12-0421 of 77 findings match
H4M17
Domain Name System (DNS) Security Requirements Guide
42024-07-0217 of 118 findings match
M17
Domain Name System (DNS) Security Requirements Guide
V4R22025-12-1916 of 119 findings match
M16
Network Device Management Security Requirements Guide
V5R32025-02-1114 of 104 findings match
H4M10
Network Device Management Security Requirements Guide
V5R42025-09-1014 of 105 findings match
H4M10
Symantec Edge SWG NDM Security Technical Implementation Guide
V1R22026-02-2512 of 30 findings match
H1M11
HP FlexFabric Switch NDM Security Technical Implementation Guide
V1R42025-06-1211 of 79 findings match
M11
Riverbed NetIM OS Security Technical Implementation Guide
V1R12025-10-0210 of 154 findings match
H2M8
Show 68 more STIGs in this category →Hide additional STIGs
Virtual Private Network (VPN) Security Requirements Guide
V3R42025-09-1010 of 92 findings match
M10
Virtual Private Network (VPN) Security Requirements Guide
32024-12-1910 of 82 findings match
M10
Dell OS10 Switch NDM Security Technical Implementation Guide
V1R12024-12-119 of 39 findings match
H2M7
HPE Aruba Networking AOS NDM Security Technical Implementation Guide
V1R12024-10-299 of 37 findings match
H2M7
F5 BIG-IP TMOS NDM Security Technical Implementation Guide
V1R22025-06-128 of 29 findings match
H1M7
Fortinet FortiGate Firewall NDM Security Technical Implementation Guide
V1R52025-11-198 of 60 findings match
H1M7
Fortinet FortiGate Firewall NDM Security Technical Implementation Guide
12023-06-018 of 60 findings match
H1M7
IBM DataPower Network Device Management Security Technical Implementation Guide
V1R22017-10-058 of 64 findings match
M8
Ivanti Connect Secure NDM Security Technical Implementation Guide
V2R32025-09-098 of 29 findings match
H2M6
Ivanti Connect Secure NDM Security Technical Implementation Guide
22024-09-168 of 29 findings match
H2M6
Juniper EX Series Switches Network Device Management Security Technical Implementation Guide
V2R42025-12-108 of 56 findings match
H1M7
Juniper EX Series Switches Network Device Management Security Technical Implementation Guide
22025-03-078 of 56 findings match
H1M7
Akamai KSD Service Impact Level 2 NDM Security Technical Implementation Guide
V1R12017-09-157 of 24 findings match
M7
Cisco IOS Router NDM Security Technical Implementation Guide
V3R72026-02-257 of 43 findings match
H1M6
Cisco IOS Router NDM Security Technical Implementation Guide
32025-05-197 of 43 findings match
H1M6
Cisco IOS Switch NDM Security Technical Implementation Guide
V3R72026-02-257 of 43 findings match
H1M6
Cisco IOS Switch NDM Security Technical Implementation Guide
32025-05-197 of 43 findings match
H1M6
Cisco IOS XE Router NDM Security Technical Implementation Guide
V3R72026-02-117 of 42 findings match
H1M6
Cisco IOS XE Router NDM Security Technical Implementation Guide
32025-05-167 of 42 findings match
H1M6
Cisco IOS XE Switch NDM Security Technical Implementation Guide
V3R62026-03-047 of 42 findings match
H1M6
Cisco IOS XE Switch NDM Security Technical Implementation Guide
32025-05-197 of 42 findings match
H1M6
Cisco ISE NDM Security Technical Implementation Guide
V2R32025-12-117 of 53 findings match
H1M6
Cisco ISE NDM Security Technical Implementation Guide
22024-09-107 of 53 findings match
H1M6
Juniper SRX Services Gateway NDM Security Technical Implementation Guide
V3R32024-12-207 of 68 findings match
H1M6
Palo Alto Networks NDM Security Technical Implementation Guide
V3R32025-03-127 of 34 findings match
M7
BIND 9.x Security Technical Implementation Guide
V3R22026-02-256 of 73 findings match
M6
Cisco ASA NDM Security Technical Implementation Guide
V2R42025-12-086 of 47 findings match
M6
Cisco ASA NDM Security Technical Implementation Guide
22025-05-196 of 47 findings match
M6
HPE Nimble Storage Array NDM Security Technical Implementation Guide
V2R12024-06-206 of 20 findings match
M6
Application Layer Gateway Security Requirements Guide
22024-12-045 of 155 findings match
M5
Application Layer Gateway Security Requirements Guide
V2R32025-09-155 of 160 findings match
M5
BIND 9.x Security Technical Implementation Guide
22024-02-155 of 70 findings match
H2M3
Cisco ASA VPN Security Technical Implementation Guide
V2R22024-08-225 of 41 findings match
H1M4
F5 NGINX Security Technical Implementation Guide
V1R12026-01-075 of 32 findings match
M5
Juniper Router NDM Security Technical Implementation Guide
V3R22024-12-055 of 49 findings match
M5
Trend Micro TippingPoint NDM Security Technical Implementation Guide
V2R32025-03-105 of 30 findings match
M5
Cisco NX OS Switch NDM Security Technical Implementation Guide
V3R22024-09-104 of 42 findings match
M4
Cisco NX OS Switch NDM Security Technical Implementation Guide
32025-05-194 of 42 findings match
M4
IBM DataPower ALG Security Technical Implementation Guide
V1R12016-01-214 of 65 findings match
M4
Riverbed NetProfiler Security Technical Implementation Guide
V2R12024-08-274 of 25 findings match
H1M3
Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide
V1R22025-12-303 of 60 findings match
M3
Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide
12024-03-113 of 61 findings match
M3
F5 BIG-IP TMOS ALG Security Technical Implementation Guide
V1R22025-06-093 of 37 findings match
H2M1
HPE Aruba Networking AOS VPN Security Technical Implementation Guide
V1R12024-10-293 of 21 findings match
H1M2
Infoblox 8.x DNS Security Technical Implementation Guide
V1R22025-03-113 of 71 findings match
H2M1
Network WLAN AP-IG Management Security Technical Implementation Guide
V7R22023-09-133 of 19 findings match
M3
Riverbed NetIM NDM Security Technical Implementation Guide
V1R12025-09-293 of 15 findings match
M2L1
Symantec ProxySG ALG Security Technical Implementation Guide
V1R32020-03-273 of 66 findings match
M3
Symantec ProxySG NDM Security Technical Implementation Guide
V1R22019-12-203 of 32 findings match
H1M2
Cisco ACI NDM Security Technical Implementation Guide
V1R22025-12-112 of 26 findings match
M2
Cisco ACI NDM Security Technical Implementation Guide
12025-06-132 of 26 findings match
M2
Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide
V1R32025-10-012 of 47 findings match
H1M1
Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide
12024-08-022 of 47 findings match
H1M1
HPE Alletra Storage ArcusOS Network Device Management Security Technical Implementation Guide
V1R12026-03-032 of 19 findings match
M2
Infoblox 7.x DNS Security Technical Implementation Guide
22020-12-102 of 67 findings match
M2
Network WLAN AP-NIPR Management Security Technical Implementation Guide
V7R22023-09-132 of 18 findings match
M2
Network WLAN Bridge Management Security Technical Implementation Guide
V7R22023-09-132 of 18 findings match
M2
Network WLAN Controller Management Security Technical Implementation Guide
V7R22023-09-182 of 18 findings match
M2
Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide
22024-12-062 of 31 findings match
M2
Arista MLS EOS 4.X NDM Security Technical Implementation Guide
V2R22025-02-201 of 21 findings match
M1
F5 BIG-IP TMOS VPN Security Technical Implementation Guide
V1R12024-09-091 of 12 findings match
H1
Ivanti Connect Secure VPN Security Technical Implementation Guide
V2R22025-09-091 of 15 findings match
M1
Ivanti Connect Secure VPN Security Technical Implementation Guide
22024-06-101 of 15 findings match
M1
Network WLAN AP-NIPR Platform Security Technical Implementation Guide
V7R32023-02-131 of 11 findings match
M1
Palo Alto Networks ALG Security Technical Implementation Guide
V3R42025-03-121 of 50 findings match
M1
Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide
V2R32026-02-131 of 31 findings match
M1
RUCKUS ICX NDM Security Technical Implementation Guide
V1R12025-05-281 of 25 findings match
M1
Symantec Edge SWG ALG Security Technical Implementation Guide
V1R12025-12-161 of 15 findings match
M1
Database
25 STIGs
Database
25 STIGsDatabase Security Requirements Guide
V4R52026-02-2615 of 142 findings match
H4M11
Database Security Requirements Guide
42024-12-0415 of 142 findings match
H4M11
Oracle Database 19c Security Technical Implementation Guide
V1R52026-02-259 of 96 findings match
H2M7
Oracle Database 19c Security Technical Implementation Guide
12025-06-249 of 96 findings match
H2M7
MariaDB Enterprise 10.x Security Technical Implementation Guide
V2R52026-03-028 of 107 findings match
H4M4
MariaDB Enterprise 10.x Security Technical Implementation Guide
22024-12-058 of 110 findings match
H4M4
Oracle MySQL 8.0 Security Technical Implementation Guide
V2R22024-09-047 of 100 findings match
H3M4
EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide
V2R12024-08-276 of 118 findings match
H4M2
Show 17 more STIGs in this category →Hide additional STIGs
Redis Enterprise 6.x Security Technical Implementation Guide
V2R22024-09-046 of 71 findings match
H1M5
Crunchy Data Postgres 16 Security Technical Implementation Guide
V1R22026-02-275 of 111 findings match
H3M2
Crunchy Data Postgres 16 Security Technical Implementation Guide
12024-06-175 of 111 findings match
H3M2
Crunchy Data PostgreSQL Security Technical Implementation Guide
V3R12024-08-275 of 113 findings match
H3M2
MarkLogic Server v9 Security Technical Implementation Guide
V3R22024-09-045 of 80 findings match
H2M3
Microsoft Azure SQL Managed Instance Security Technical Implementation Guide
V1R12025-10-075 of 84 findings match
H2M3
Microsoft SQL Server 2022 Instance Security Technical Implementation Guide
V1R42026-02-255 of 79 findings match
H4M1
Microsoft SQL Server 2022 Instance Security Technical Implementation Guide
12025-05-305 of 80 findings match
H4M1
MongoDB Enterprise Advanced 8.x Security Technical Implementation Guide
V1R12026-02-205 of 55 findings match
H3M2
MS SQL Server 2016 Instance Security Technical Implementation Guide
V3R62025-12-085 of 84 findings match
H4M1
MS SQL Server 2016 Instance Security Technical Implementation Guide
32025-06-115 of 101 findings match
H4M1
MongoDB Enterprise Advanced 7.x Security Technical Implementation Guide
V1R12024-09-274 of 50 findings match
H3M1
VMware vSphere 7.0 vCenter Appliance PostgreSQL Security Technical Implementation Guide
V1R22023-06-153 of 20 findings match
H2M1
VMware vSphere 8.0 vCenter Appliance PostgreSQL Security Technical Implementation Guide
V1R12023-10-293 of 20 findings match
H2M1
VMware vSphere 8.0 vCenter Appliance PostgreSQL Security Technical Implementation Guide
V2R22025-02-122 of 18 findings match
H1M1
IBM DB2 V10.5 LUW Security Technical Implementation Guide
V2R12023-06-111 of 93 findings match
M1
Microsoft Azure SQL Database Security Technical Implementation Guide
V2R32025-06-111 of 76 findings match
M1
Web / Application Server
29 STIGs
Web / Application Server
29 STIGsApplication Security and Development Security Technical Implementation Guide
62025-02-1219 of 286 findings match
H6M13
Application Security and Development Security Technical Implementation Guide
V6R42025-09-0919 of 286 findings match
H6M13
Web Server Security Requirements Guide
V4R42025-09-1013 of 126 findings match
M13
Web Server Security Requirements Guide
42025-02-1213 of 124 findings match
M13
Adobe ColdFusion Security Technical Implementation Guide
V1R12025-12-198 of 84 findings match
M8
Application Server Security Requirements Guide
V4R42025-09-108 of 137 findings match
M8
Application Server Security Requirements Guide
42025-02-118 of 128 findings match
M8
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
V2R12026-02-267 of 77 findings match
H3M4
Show 21 more STIGs in this category →Hide additional STIGs
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
12018-08-247 of 76 findings match
H3M4
Apache Tomcat Application Server 9 Security Technical Implementation Guide
32025-02-115 of 82 findings match
H2M3
Application Programming Interface (API) Security Requirements Guide
V1R12025-09-245 of 65 findings match
M5
IBM WebSphere Liberty Server Security Technical Implementation Guide
22025-02-115 of 29 findings match
H3M2
IBM WebSphere Liberty Server Security Technical Implementation Guide
V2R42026-02-265 of 30 findings match
H3M2
JBoss Enterprise Application Platform 6.3 Security Technical Implementation Guide
V2R62025-02-205 of 67 findings match
M5
Apache Tomcat Application Server 9 Security Technical Implementation Guide
V3R42026-02-254 of 79 findings match
H2M2
Apache Server 2.4 UNIX Site Security Technical Implementation Guide
V2R62025-02-122 of 27 findings match
M2
Apache Server 2.4 Windows Server Security Technical Implementation Guide
V3R42026-02-252 of 49 findings match
M2
Apache Server 2.4 Windows Server Security Technical Implementation Guide
32025-02-122 of 54 findings match
M2
Apache Server 2.4 Windows Site Security Technical Implementation Guide
22025-02-122 of 36 findings match
M2
HPE 3PAR SSMC Web Server Security Technical Implementation Guide
V2R12024-05-302 of 19 findings match
M2
Red Hat Ansible Automation Controller Application Server Security Technical Implementation Guide
V2R42025-11-202 of 16 findings match
M2
Red Hat Ansible Automation Controller Application Server Security Technical Implementation Guide
22025-05-232 of 16 findings match
M2
Apache Server 2.4 UNIX Server Security Technical Implementation Guide
V3R22024-12-041 of 47 findings match
M1
Apache Server 2.4 UNIX Server Security Technical Implementation Guide
32024-12-041 of 47 findings match
M1
Apache Server 2.4 Windows Site Security Technical Implementation Guide
V2R32026-02-251 of 16 findings match
M1
Microsoft IIS 10.0 Site Security Technical Implementation Guide
V2R152026-02-261 of 44 findings match
M1
Microsoft IIS 10.0 Site Security Technical Implementation Guide
22025-06-091 of 43 findings match
M1
Red Hat Ansible Automation Controller Web Server Security Technical Implementation Guide
V2R32025-11-201 of 28 findings match
M1
Red Hat Ansible Automation Controller Web Server Security Technical Implementation Guide
22024-08-271 of 28 findings match
M1
Virtualization / Container
30 STIGs
Virtualization / Container
30 STIGsContainer Platform Security Requirements Guide
V2R42025-09-1021 of 188 findings match
H1M20
Container Platform Security Requirements Guide
22025-05-1521 of 187 findings match
H1M20
Virtual Machine Manager Security Requirements Guide
22024-12-0619 of 193 findings match
M19
Virtual Machine Manager Security Requirements Guide
V2R32025-09-1019 of 198 findings match
M19
VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide
V1R42024-12-1613 of 113 findings match
M13
VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide
V2R12024-07-1113 of 106 findings match
H2M11
VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide
V1R12023-10-2913 of 104 findings match
H2M11
Nutanix Acropolis GPOS Security Technical Implementation Guide
V1R12026-02-2412 of 106 findings match
H2M10
Show 22 more STIGs in this category →Hide additional STIGs
VMware vSphere 7.0 vCenter Security Technical Implementation Guide
V1R32023-12-219 of 57 findings match
H1M8
VMware vSphere 8.0 vCenter Security Technical Implementation Guide
V1R12023-10-119 of 65 findings match
H1M8
VMware vSphere 8.0 vCenter Security Technical Implementation Guide
V2R32025-06-099 of 67 findings match
H1M8
VMware NSX 4.x Manager NDM Security Technical Implementation Guide
V1R22024-12-136 of 28 findings match
M6
Nutanix Acropolis Application Server Security Technical Implementation Guide
V1R12026-02-243 of 31 findings match
M3
Kubernetes Security Technical Implementation Guide
V2R62026-02-122 of 92 findings match
H2
Kubernetes Security Technical Implementation Guide
22025-05-162 of 94 findings match
H2
VMware NSX-T Manager NDM Security Technical Implementation Guide
V1R32023-06-222 of 23 findings match
M2
VMware vSphere 7.0 ESXi Security Technical Implementation Guide
V1R42025-02-112 of 75 findings match
M2
VMware vSphere 7.0 VAMI Security Technical Implementation Guide
V1R22023-06-152 of 28 findings match
M2
VMware vSphere 7.0 vCenter Appliance RhttpProxy Security Technical Implementation Guide
V1R12023-02-212 of 8 findings match
M2
VMware vSphere 8.0 ESXi Security Technical Implementation Guide
V2R32025-02-112 of 76 findings match
M2
VMware vSphere 8.0 ESXi Security Technical Implementation Guide
V1R12023-10-112 of 73 findings match
M2
Mirantis Kubernetes Engine Security Technical Implementation Guide
V2R12024-08-271 of 44 findings match
H1
Rancher Government Solutions RKE2 Security Technical Implementation Guide
V2R62026-02-131 of 21 findings match
M1
Rancher Government Solutions RKE2 Security Technical Implementation Guide
22024-12-201 of 24 findings match
M1
Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide
22025-05-151 of 83 findings match
M1
Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide
V2R52025-12-041 of 83 findings match
M1
VMware vSphere 8.0 vCenter Appliance Envoy Security Technical Implementation Guide
V1R12023-10-291 of 5 findings match
M1
VMware vSphere 8.0 vCenter Appliance Envoy Security Technical Implementation Guide
V2R12024-07-111 of 5 findings match
M1
VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) Security Technical Implementation Guide
V2R12024-07-111 of 22 findings match
M1
VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) Security Technical Implementation Guide
V1R12023-10-291 of 24 findings match
M1
Cloud / Identity Service
4 STIGs
Cloud / Identity Service
4 STIGsOkta Identity as a Service (IDaaS) Security Technical Implementation Guide
12025-05-0610 of 24 findings match
M10
Okta Identity as a Service (IDaaS) Security Technical Implementation Guide
V1R22025-11-1910 of 29 findings match
M10
Cloud Computing Mission Owner Network Security Requirements Guide
V1R22024-12-202 of 9 findings match
H2
Microsoft Entra ID Security Technical Implementation Guide
V1R12025-03-172 of 10 findings match
M2
Endpoint Security Management
22 STIGs
Endpoint Security Management
22 STIGsCentral Log Server Security Requirements Guide
V3R42026-02-1221 of 127 findings match
H4M9L8
Central Log Server Security Requirements Guide
32024-12-0421 of 125 findings match
H4M9L8
Unified Endpoint Management Server Security Requirements Guide
22024-12-0917 of 137 findings match
H1M16
Unified Endpoint Management Server Security Requirements Guide
V2R42025-09-1017 of 138 findings match
H1M16
Jamf Pro v10.x EMM Security Technical Implementation Guide
V3R12024-08-279 of 29 findings match
M9
HYCU Protege Security Technical Implementation Guide
V1R22026-03-048 of 55 findings match
H1M7
HYCU Protege Security Technical Implementation Guide
12024-10-298 of 55 findings match
H1M7
Forescout Network Device Management Security Technical Implementation Guide
V2R32025-06-126 of 42 findings match
M5L1
Show 14 more STIGs in this category →Hide additional STIGs
Ivanti EPMM Server Security Technical Implementation Guide
V3R12024-07-306 of 26 findings match
M6
Ivanti Sentry 9.x NDM Security Technical Implementation Guide
V3R12024-09-255 of 26 findings match
M5
Tanium 7.x Application on TanOS Security Technical Implementation Guide
V2R22025-02-115 of 75 findings match
M5
Tanium 7.x Operating System on TanOS Security Technical Implementation Guide
V2R22025-02-114 of 31 findings match
H1M3
Trellix Application Control 8.x Security Technical Implementation Guide
V3R22025-06-094 of 31 findings match
M4
ISEC7 Sphere Security Technical Implementation Guide
V3R12024-08-203 of 34 findings match
M3
Ivanti Sentry 9.x ALG Security Technical Implementation Guide
V3R12024-09-252 of 32 findings match
M2
Samsung SDS EMM Security Technical Implementation Guide
V1R32022-06-102 of 23 findings match
M2
Tanium 7.x Security Technical Implementation Guide
V2R32025-05-142 of 98 findings match
M2
Unified Endpoint Management Agent Security Requirements Guide
V2R12025-10-032 of 14 findings match
M2
Unified Endpoint Management Agent Security Requirements Guide
12020-12-142 of 14 findings match
M2
Dragos Platform 2.x Security Technical Implementation Guide
V1R62026-02-181 of 19 findings match
M1
Dragos Platform 2.x Security Technical Implementation Guide
12025-05-151 of 19 findings match
M1
Forescout Network Access Control Security Technical Implementation Guide
V2R42025-06-121 of 26 findings match
H1
Productivity Application
12 STIGs
Productivity Application
12 STIGsSoaring Software Solutions TCMax 9.x Security Technical Implementation Guide
V1R12026-03-056 of 17 findings match
M6
Microsoft DotNet Framework 4.0 Security Technical Implementation Guide
V2R82026-02-125 of 16 findings match
M5
Microsoft DotNet Framework 4.0 Security Technical Implementation Guide
22025-05-165 of 16 findings match
M5
Microsoft Edge Security Technical Implementation Guide
V2R52026-02-252 of 61 findings match
M2
Microsoft Edge Security Technical Implementation Guide
22025-05-152 of 59 findings match
M2
Mozilla Firefox Security Technical Implementation Guide
V6R72025-11-252 of 34 findings match
M2
Mozilla Firefox Security Technical Implementation Guide
62025-02-112 of 34 findings match
M2
SPEC Innovations Innoslate 4.x Security Technical Implementation Guide
V1R12022-08-312 of 11 findings match
H2
Show 4 more STIGs in this category →Hide additional STIGs
AvePoint Compliance Guardian Security Technical Implementation Guide
V1R12023-02-211 of 10 findings match
H1
Google Chrome Current Windows Security Technical Implementation Guide
V2R112025-05-151 of 46 findings match
M1
Microsoft Office 365 ProPlus Security Technical Implementation Guide
V3R52026-02-121 of 139 findings match
M1
Microsoft Office 365 ProPlus Security Technical Implementation Guide
32025-03-051 of 138 findings match
M1
Uncategorized
3 STIGs
Uncategorized
3 STIGsSDN Using NV Security Technical Implementation Guide
12017-03-013 of 25 findings match
M3
Microsoft Internet Explorer 11 Security Technical Implementation Guide
22023-12-012 of 137 findings match
L2
Microsoft Outlook 2016 Security Technical Implementation Guide
22022-03-112 of 63 findings match
M2