NIST 800-53 Rev 5
424 controls available
SC-23moderatehigh
Session Authenticity
System and Communications Protection
Control Statement
Protect the authenticity of communications sessions.
Discussion
Protecting session authenticity addresses communications protection at the session level, not at the packet level. Such protection establishes grounds for confidence at both ends of communications sessions in the ongoing identities of other parties and the validity of transmitted information. Authenticity protection includes protecting against "man-in-the-middle" attacks, session hijacking, and the insertion of false information into sessions.
- Framework
- NIST SP 800-53 Rev 5
- Family
- System and Communications Protection
- Baselines
- moderate, high
Related Frameworks
2 paths across 2 frameworks
Related Frameworks
NIST 800-1711 mapping
3.13.15
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-001184
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
Related STIGs
167 STIGs reach this control through 7 CCIs. Expand a row to see the responsible NICE and O*NET roles.
Operating System — Desktop
6 STIGs
Operating System — Desktop
6 STIGsMicrosoft Windows 11 Security Technical Implementation Guide
V2R72026-02-122 of 262 findings match
M2
Microsoft Windows 11 Security Technical Implementation Guide
22025-05-152 of 258 findings match
M2
Apple macOS 14 (Sonoma) Security Technical Implementation Guide
22024-12-041 of 155 findings match
M1
Apple macOS 15 (Sequoia) Security Technical Implementation Guide
V1R72026-02-061 of 160 findings match
M1
Apple macOS 15 (Sequoia) Security Technical Implementation Guide
12025-05-051 of 161 findings match
M1
Apple macOS 26 (Tahoe) Security Technical Implementation Guide
V1R22026-02-111 of 160 findings match
M1
Operating System — Server
16 STIGs
Operating System — Server
16 STIGsHPE 3PAR StoreServ 3.3.x Security Technical Implementation Guide
V2R12024-08-275 of 30 findings match
M5
Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide
22025-02-254 of 83 findings match
H1M3
Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide
V2R42026-02-234 of 81 findings match
H1M3
Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide
22025-05-161 of 172 findings match
M1
Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide
V2R82026-02-061 of 188 findings match
M1
Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide
22025-05-161 of 187 findings match
M1
Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide
V1R52026-02-061 of 194 findings match
M1
Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide
12025-05-161 of 194 findings match
M1
Show 8 more STIGs in this category →Hide additional STIGs
Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide
V1R62026-02-271 of 439 findings match
M1
CloudLinux AlmaLinux OS 9 Security Technical Implementation Guide
12025-05-221 of 445 findings match
M1
General Purpose Operating System Security Requirements Guide
32024-12-041 of 198 findings match
M1
General Purpose Operating System Security Requirements Guide
V3R32025-09-221 of 203 findings match
M1
IBM AIX 7.x Security Technical Implementation Guide
V3R22026-02-061 of 283 findings match
M1
IBM AIX 7.x Security Technical Implementation Guide
32024-08-161 of 283 findings match
M1
Oracle Linux 9 Security Technical Implementation Guide
12025-05-081 of 456 findings match
M1
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-171 of 448 findings match
M1
Operating System — Mainframe
5 STIGs
Operating System — Mainframe
5 STIGszOS WebSphere MQ for ACF2 Security Technical Implementation Guide
V7R22025-09-271 of 17 findings match
M1
zOS WebSphere MQ for RACF Security Technical Implementation Guide
V7R32025-09-271 of 17 findings match
M1
zOS WebSphere MQ for TSS Security Technical Implementation Guide
V7R22025-09-281 of 17 findings match
M1
zOS WebsphereMQ for ACF2 Security Technical Implementation Guide
72025-02-241 of 17 findings match
M1
zOS WebsphereMQ for RACF Security Technical Implementation Guide
72025-06-241 of 17 findings match
M1
Network Device
36 STIGs
Network Device
36 STIGsVirtual Private Network (VPN) Security Requirements Guide
V3R42025-09-107 of 92 findings match
H1M6
Virtual Private Network (VPN) Security Requirements Guide
32024-12-197 of 82 findings match
H1M6
F5 BIG-IP TMOS ALG Security Technical Implementation Guide
V1R22025-06-096 of 37 findings match
M2L4
Application Layer Gateway Security Requirements Guide
22024-12-045 of 155 findings match
M5
Application Layer Gateway Security Requirements Guide
V2R32025-09-155 of 160 findings match
M5
Domain Name System (DNS) Security Requirements Guide
V4R22025-12-194 of 119 findings match
M4
Domain Name System (DNS) Security Requirements Guide
42024-07-024 of 118 findings match
M4
IBM DataPower ALG Security Technical Implementation Guide
V1R12016-01-214 of 65 findings match
M4
Show 28 more STIGs in this category →Hide additional STIGs
Cisco ACI Router Security Technical Implementation Guide
12025-06-183 of 45 findings match
M3
Dell OS10 Switch Router Security Technical Implementation Guide
V1R22026-03-043 of 42 findings match
M3
Dell OS10 Switch Router Security Technical Implementation Guide
12024-12-113 of 42 findings match
M3
Infoblox 7.x DNS Security Technical Implementation Guide
22020-12-103 of 67 findings match
M3
Infoblox 8.x DNS Security Technical Implementation Guide
V1R22025-03-113 of 71 findings match
M3
Network Device Management Security Requirements Guide
V5R32025-02-113 of 104 findings match
M3
Network Device Management Security Requirements Guide
V5R42025-09-103 of 105 findings match
M3
Router Security Requirements Guide
V5R22025-09-103 of 123 findings match
M3
Router Security Requirements Guide
52024-05-283 of 108 findings match
M3
RUCKUS ICX Router Security Technical Implementation Guide
V1R12025-06-033 of 81 findings match
M3
Cisco ASA VPN Security Technical Implementation Guide
V2R22024-08-222 of 41 findings match
H1M1
Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide
V1R22025-12-302 of 60 findings match
H1M1
Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide
12024-03-112 of 61 findings match
H1M1
Juniper SRX Services Gateway VPN Security Technical Implementation Guide
V3R22024-12-202 of 28 findings match
H1M1
Symantec ProxySG ALG Security Technical Implementation Guide
V1R32020-03-272 of 66 findings match
H1M1
Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide
V1R12017-09-151 of 33 findings match
H1
Cisco ACI Router Security Technical Implementation Guide
V1R22025-12-111 of 26 findings match
M1
Cisco ISE NDM Security Technical Implementation Guide
V2R32025-12-111 of 53 findings match
M1
Cisco ISE NDM Security Technical Implementation Guide
22024-09-101 of 53 findings match
M1
Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide
V1R32025-10-011 of 47 findings match
M1
Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide
12024-08-021 of 47 findings match
M1
F5 BIG-IP TMOS DNS Security Technical Implementation Guide
V1R12024-09-091 of 12 findings match
H1
F5 BIG-IP TMOS VPN Security Technical Implementation Guide
V1R12024-09-091 of 12 findings match
H1
F5 NGINX Security Technical Implementation Guide
V1R12026-01-071 of 32 findings match
M1
Fortinet FortiGate Firewall NDM Security Technical Implementation Guide
V1R52025-11-191 of 60 findings match
M1
Fortinet FortiGate Firewall NDM Security Technical Implementation Guide
12023-06-011 of 60 findings match
M1
IBM DataPower Network Device Management Security Technical Implementation Guide
V1R22017-10-051 of 64 findings match
M1
Palo Alto Networks ALG Security Technical Implementation Guide
V3R42025-03-121 of 50 findings match
M1
Database
16 STIGs
Database
16 STIGsDatabase Security Requirements Guide
V4R52026-02-264 of 142 findings match
M4
Database Security Requirements Guide
42024-12-044 of 142 findings match
M4
Crunchy Data Postgres 16 Security Technical Implementation Guide
V1R22026-02-273 of 111 findings match
M3
Crunchy Data Postgres 16 Security Technical Implementation Guide
12024-06-173 of 111 findings match
M3
Crunchy Data PostgreSQL Security Technical Implementation Guide
V3R12024-08-273 of 113 findings match
M3
MariaDB Enterprise 10.x Security Technical Implementation Guide
V2R52026-03-023 of 107 findings match
M3
MariaDB Enterprise 10.x Security Technical Implementation Guide
22024-12-053 of 110 findings match
M3
Redis Enterprise 6.x Security Technical Implementation Guide
V2R22024-09-043 of 71 findings match
M3
Show 8 more STIGs in this category →Hide additional STIGs
EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide
V2R12024-08-272 of 118 findings match
M2
IBM DB2 V10.5 LUW Security Technical Implementation Guide
V2R12023-06-112 of 93 findings match
M2
MarkLogic Server v9 Security Technical Implementation Guide
V3R22024-09-042 of 80 findings match
M2
MongoDB Enterprise Advanced 7.x Security Technical Implementation Guide
V1R12024-09-272 of 50 findings match
M2
MongoDB Enterprise Advanced 8.x Security Technical Implementation Guide
V1R12026-02-202 of 55 findings match
M2
Oracle MySQL 8.0 Security Technical Implementation Guide
V2R22024-09-042 of 100 findings match
M2
MS SQL Server 2016 Instance Security Technical Implementation Guide
32025-06-111 of 101 findings match
M1
VMware vSphere 8.0 vCenter Appliance PostgreSQL Security Technical Implementation Guide
V1R12023-10-291 of 20 findings match
M1
Web / Application Server
30 STIGs
Web / Application Server
30 STIGsWeb Server Security Requirements Guide
V4R42025-09-1011 of 126 findings match
H1M10
Web Server Security Requirements Guide
42025-02-1211 of 124 findings match
H1M10
Application Security and Development Security Technical Implementation Guide
62025-02-1210 of 286 findings match
H2M8
Application Security and Development Security Technical Implementation Guide
V6R42025-09-0910 of 286 findings match
H2M8
Apache Server 2.4 Windows Server Security Technical Implementation Guide
32025-02-126 of 54 findings match
M6
Apache Server 2.4 Windows Site Security Technical Implementation Guide
22025-02-126 of 36 findings match
M6
Application Server Security Requirements Guide
V4R42025-09-106 of 137 findings match
H1M5
Application Server Security Requirements Guide
42025-02-116 of 128 findings match
H1M5
Show 22 more STIGs in this category →Hide additional STIGs
Apache Server 2.4 UNIX Server Security Technical Implementation Guide
V3R22024-12-044 of 47 findings match
H1M3
Apache Server 2.4 UNIX Server Security Technical Implementation Guide
32024-12-044 of 47 findings match
H1M3
Apache Server 2.4 Windows Server Security Technical Implementation Guide
V3R42026-02-253 of 49 findings match
M3
Apache Tomcat Application Server 9 Security Technical Implementation Guide
V3R42026-02-253 of 79 findings match
M2L1
Apache Tomcat Application Server 9 Security Technical Implementation Guide
32025-02-113 of 82 findings match
M2L1
Adobe ColdFusion Security Technical Implementation Guide
V1R12025-12-192 of 84 findings match
H1M1
Apache Server 2.4 UNIX Site Security Technical Implementation Guide
V2R62025-02-122 of 27 findings match
M2
Application Programming Interface (API) Security Requirements Guide
V1R12025-09-242 of 65 findings match
M2
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
V2R12026-02-262 of 77 findings match
M2
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
12018-08-242 of 76 findings match
M2
Microsoft Exchange 2016 Edge Transport Server Security Technical Implementation Guide
V2R62024-12-062 of 68 findings match
M2
Microsoft Exchange 2019 Edge Server Security Technical Implementation Guide
V2R22024-12-062 of 68 findings match
M2
Microsoft IIS 10.0 Server Security Technical Implementation Guide
V3R72026-02-262 of 40 findings match
M2
Microsoft IIS 10.0 Server Security Technical Implementation Guide
32025-06-112 of 43 findings match
M2
Microsoft IIS 10.0 Site Security Technical Implementation Guide
V2R152026-02-262 of 44 findings match
M2
Microsoft IIS 10.0 Site Security Technical Implementation Guide
22025-06-092 of 43 findings match
M2
Apache Server 2.4 Windows Site Security Technical Implementation Guide
V2R32026-02-251 of 16 findings match
M1
JBoss Enterprise Application Platform 6.3 Security Technical Implementation Guide
V2R62025-02-201 of 67 findings match
M1
Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide
V2R62023-12-181 of 64 findings match
M1
Microsoft Exchange 2019 Mailbox Server Security Technical Implementation Guide
V2R32025-05-141 of 66 findings match
H1
Red Hat Ansible Automation Controller Web Server Security Technical Implementation Guide
V2R32025-11-201 of 28 findings match
M1
Red Hat Ansible Automation Controller Web Server Security Technical Implementation Guide
22024-08-271 of 28 findings match
M1
Virtualization / Container
23 STIGs
Virtualization / Container
23 STIGsKubernetes Security Technical Implementation Guide
V2R62026-02-1216 of 92 findings match
M16
Kubernetes Security Technical Implementation Guide
22025-05-1616 of 94 findings match
M16
Container Platform Security Requirements Guide
V2R42025-09-101 of 188 findings match
H1
Container Platform Security Requirements Guide
22025-05-151 of 187 findings match
H1
Nutanix Acropolis Application Server Security Technical Implementation Guide
V1R12026-02-241 of 31 findings match
M1
Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide
22025-05-151 of 83 findings match
H1
Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide
V2R52025-12-041 of 83 findings match
H1
Virtual Machine Manager Security Requirements Guide
22024-12-061 of 193 findings match
M1
Show 15 more STIGs in this category →Hide additional STIGs
Virtual Machine Manager Security Requirements Guide
V2R32025-09-101 of 198 findings match
M1
VMware vSphere 7.0 vCenter Appliance UI Security Technical Implementation Guide
V1R22023-06-151 of 33 findings match
M1
VMware vSphere 7.0 vCenter Security Technical Implementation Guide
V1R32023-12-211 of 57 findings match
M1
VMware vSphere 8.0 vCenter Appliance ESX Agent Manager (EAM) Security Technical Implementation Guide
V1R12023-10-291 of 34 findings match
M1
VMware vSphere 8.0 vCenter Appliance ESX Agent Manager (EAM) Security Technical Implementation Guide
V2R22024-12-161 of 34 findings match
M1
VMware vSphere 8.0 vCenter Appliance Lookup Service Security Technical Implementation Guide
V1R12023-10-291 of 34 findings match
M1
VMware vSphere 8.0 vCenter Appliance Lookup Service Security Technical Implementation Guide
V2R12024-07-111 of 34 findings match
M1
VMware vSphere 8.0 vCenter Appliance Perfcharts Security Technical Implementation Guide
V2R12024-07-111 of 33 findings match
M1
VMware vSphere 8.0 vCenter Appliance Perfcharts Security Technical Implementation Guide
V1R12023-10-291 of 33 findings match
M1
VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) Security Technical Implementation Guide
V2R12024-07-111 of 33 findings match
M1
VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) Security Technical Implementation Guide
V1R12023-10-291 of 33 findings match
M1
VMware vSphere 8.0 vCenter Appliance User Interface (UI) Security Technical Implementation Guide
V2R12024-07-111 of 33 findings match
M1
VMware vSphere 8.0 vCenter Appliance User Interface (UI) Security Technical Implementation Guide
V1R12023-10-291 of 33 findings match
M1
VMware vSphere 8.0 vCenter Security Technical Implementation Guide
V1R12023-10-111 of 65 findings match
M1
VMware vSphere 8.0 vCenter Security Technical Implementation Guide
V2R32025-06-091 of 67 findings match
M1
Cloud / Identity Service
2 STIGs
Cloud / Identity Service
2 STIGsOkta Identity as a Service (IDaaS) Security Technical Implementation Guide
12025-05-061 of 24 findings match
M1
Okta Identity as a Service (IDaaS) Security Technical Implementation Guide
V1R22025-11-191 of 29 findings match
M1
Endpoint Security Management
21 STIGs
Endpoint Security Management
21 STIGsUnified Endpoint Management Server Security Requirements Guide
22024-12-0910 of 137 findings match
H4M6
Unified Endpoint Management Server Security Requirements Guide
V2R42025-09-1010 of 138 findings match
H4M6
Tanium 7.x Application on TanOS Security Technical Implementation Guide
V2R22025-02-112 of 75 findings match
M2
Unified Endpoint Management Agent Security Requirements Guide
V2R12025-10-032 of 14 findings match
M2
Unified Endpoint Management Agent Security Requirements Guide
12020-12-142 of 14 findings match
M2
Axonius Federal Systems Ax-OS Security Technical Implementation Guide
V1R22025-11-251 of 16 findings match
H1
BlackBerry Enterprise Mobility Server 2.x Security Technical Implementation Guide
V1R32020-05-151 of 23 findings match
M1
BlackBerry Enterprise Mobility Server 3.x Security Technical Implementation Guide
V1R22023-05-171 of 27 findings match
M1
Show 13 more STIGs in this category →Hide additional STIGs
Central Log Server Security Requirements Guide
V3R42026-02-121 of 127 findings match
M1
Central Log Server Security Requirements Guide
32024-12-041 of 125 findings match
M1
Dragos Platform 2.x Security Technical Implementation Guide
V1R62026-02-181 of 19 findings match
M1
Dragos Platform 2.x Security Technical Implementation Guide
12025-05-151 of 19 findings match
M1
HYCU Protege Security Technical Implementation Guide
V1R22026-03-041 of 55 findings match
M1
HYCU Protege Security Technical Implementation Guide
12024-10-291 of 55 findings match
M1
ISEC7 Sphere Security Technical Implementation Guide
V3R12024-08-201 of 34 findings match
M1
Ivanti EPMM Server Security Technical Implementation Guide
V3R12024-07-301 of 26 findings match
M1
Ivanti Sentry 9.x ALG Security Technical Implementation Guide
V3R12024-09-251 of 32 findings match
M1
Ivanti Sentry 9.x NDM Security Technical Implementation Guide
V3R12024-09-251 of 26 findings match
M1
Tanium 7.x Security Technical Implementation Guide
V2R32025-05-141 of 98 findings match
M1
Xylok Security Suite 20.x Security Technical Implementation Guide
V1R22025-12-041 of 19 findings match
M1
Xylok Security Suite 20.x Security Technical Implementation Guide
12024-12-131 of 19 findings match
M1
Productivity Application
9 STIGs
Productivity Application
9 STIGsAdobe Acrobat Professional DC Continuous Track Security Technical Implementation Guide
V2R12021-06-222 of 23 findings match
L2
Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide
V2R12021-06-222 of 26 findings match
L2
Microsoft DotNet Framework 4.0 Security Technical Implementation Guide
V2R82026-02-122 of 16 findings match
M2
Microsoft DotNet Framework 4.0 Security Technical Implementation Guide
22025-05-162 of 16 findings match
M2
Microsoft Office 365 ProPlus Security Technical Implementation Guide
V3R52026-02-122 of 139 findings match
M2
Microsoft Office 365 ProPlus Security Technical Implementation Guide
32025-03-052 of 138 findings match
M2
AvePoint Compliance Guardian Security Technical Implementation Guide
V1R12023-02-211 of 10 findings match
M1
AvePoint DocAve 6 Security Technical Implementation Guide
V1R22022-08-241 of 9 findings match
M1
Show 1 more STIG in this category →Hide additional STIGs
Soaring Software Solutions TCMax 9.x Security Technical Implementation Guide
V1R12026-03-051 of 17 findings match
H1
Uncategorized
3 STIGs
Uncategorized
3 STIGsMicrosoft SharePoint 2013 Security Technical Implementation Guide
22024-12-103 of 37 findings match
H3
Microsoft Internet Explorer 11 Security Technical Implementation Guide
22023-12-012 of 137 findings match
M2
Microsoft Skype for Business 2016 Security Technical Implementation Guide
12016-11-022 of 3 findings match
M2