Tag Archives: disa

STIG Update – April 2019 Quarterly Release

STIG Update – April 2019 Quarterly Release
DISA has released the following updated Security Guidance, Security
Readiness Review Scripts and Benchmarks:

Unclassified Application STIGs : http://iase.disa.mil/stigs/app-security/Pages/index.aspx
Adobe Acrobat Professional Document Cloud (DC) Classic STIG, Version 1, Release 2
Citrix XenDesktop 7.x Delivery Controller STIG, Version 1, Release 2
Citrix XenDesktop 7.x License Server STIG, Version 1, Release 2
Citrix XenDesktop 7.x Windows Virtual Delivery Agent (VDA) STIG, Version 1, Release 2
McAfee VirusScan 8.8 Managed Client STIG, Version 5, Release 20
McAfee VSEL 1.9/2.0 Local Client STIG, Version 1, Release 4
McAfee VSEL 1.9/2.0 Managed Client STIG, Version 1, Release 4
Microsoft DotNet Framework 4.0 STIG, Version 1, Release 7
Microsoft Exchange 2010 Edge Transport Server STIG, Version 1, Release 5
Microsoft Exchange 2013 Edge Transport Server STIG, Version 1, Release 5
Microsoft Exchange 2013 Mailbox Server STIG, Version 1, Release 4
Microsoft Exchange 2016 Edge Transport Server STIG, Version 1, Release 2
Microsoft IIS 7.0 STIG, Version 1, Release 18
Microsoft IIS 8.5 Server STIG, Version 1, Release 7
Microsoft IIS 8.5 Site STIG, Version 1, Release 7
Microsoft Internet Explorer 11 STIG, Version 1, Release 17
Microsoft Office System 2013 STIG, Version 1, Release 8
Microsoft SQL Server 2016 Database STIG, Version 1, Release 4
Microsoft SQL Server 2016 Instance STIG, Version 1, Release 5
Microsoft Windows Defender Antivirus STIG, Version 1, Release 5
Mozilla FireFox STIG, Version 4, Release 25
PostgreSQL 9.x STIG, Version 1, Release 5
Web Server SRG, Version 2, Release 3

Unclassified Network STIGs and SRGs: http://iase.disa.mil/stigs/net_perimeter/Pages/index.aspx
BIND 9.x STIG, Version 1, Release 6
IBM MaaS360 with Watson MDM v10.x STIG, Version 1, Release 2
Infoblox 7.x DNS STIG, Version 1, Release 7
Network Infrastructure Policy STIG, Version 9, Release 8
Network WLAN STIG, Version 6, Release 15
Router SRG, Version 3, Release 2
Voice Video Endpoint SRG, Version 1, Release 9
Voice Video over Internet Protocol STIG, Version 3, Release 14
Voice Video Services Policy STIG, Version 3, Release 16

Unclassified Operating System STIGs and Overviews: http://iase.disa.mil/stigs/os/Pages/index.aspx
Active Directory Domain STIG, Version 2, Release 13
Apple OS X 10.3 (Sierra) STIG, Version 1, Release 2
Canonical Ubuntu 16.04 LTS STIG, Version 1, Release 2
Microsoft Windows Server 2008 DC STIG, Version 6, Release 43
Microsoft Windows Server 2008 MS STIG, Version 6, Release 42
Microsoft Windows Server 2008 R2 DC STIG, Version 1, Release 30
Microsoft Windows Server 2008 R2 MS STIG, Version 1, Release 29
Microsoft Windows Server 2012/2012 R2 DC STIG, Version 2, Release 16
Microsoft Windows Server 2012/2012 R2 MS STIG, Version 2, Release 15
Microsoft Windows Server 2016 STIG, Version 1, Release 8
Oracle Linux 6 STIG, Version 1, Release 15
Red Hat Enterprise Linux 6 STIG, Version 1, Release 22
Red Hat Enterprise Linux 7 STIG, Version 2, Release 3
Solaris 11 SPARC STIG, Version 1, Release 17
Solaris 11 x86 STIG, Version 1, Release 17
SUSE Enterprise Linux 12 STIG, Version 1, Release 2
z/OS ACF2 STIG, Version 6, Release 40
z/OS RACF STIG, Version 6, Release 40
z/OS TSS STIG, Version 6, Release 40

FOUO HBSS STIGs: https://iase.disa.mil/stigs/hbss/Pages/index.aspx
HBSS ePO 5.3/5.9 STIG Version 1, Release 17
HBSS HIP 8 Firewall STIG Version 1, Release 12
HBSS HIP 8 STIG Version 4, Release 22
HBSS Remote Console STIG Version 4, Release 17
McAfee ENS 10.x STIG Version 1, Release 3

FOUO Network STIGS: http://iase.disa.mil/stigs/net_perimeter/Pages/index.aspx
Joint Regional Security Stack STIG Version 1, Release 5

Benchmarks: http://iase.disa.mil/stigs/scap/Pages/index.aspx
Microsoft Internet Explorer 11 STIG Benchmark, Version 1, Release 13
Microsoft Windows 2008 DC STIG Benchmark, Version 6, Release 43
Microsoft Windows 2008 MS STIG Benchmark, Version 6, Release 43
Microsoft Windows 2008 R2 DC STIG Benchmark, Version 1, Release 31
Microsoft Windows 2008 R2 MS STIG Benchmark, Version 1, Release 32
Microsoft Windows 2012 and 2012 R2 DC STIG Benchmark, Version 2, Release 16
Microsoft Windows 2012 and 2012 R2 MS STIG Benchmark, Version 2, Release 15
Microsoft Windows Defender Antivirus STIG Benchmark, Version 1, Release 2
Microsoft Windows Server 2016 STIG Benchmark, Version 1, Release 9
Red Hat Enterprise Linux 6 STIG Benchmark, Version 1, Release 23
Red Hat Enterprise Linux 7 STIG Benchmark, Version 2, Release 3
Solaris 11/SPARC STIG Benchmark, Version 1, Release 11
Solaris 11/X86 STIG Benchmark, Version 1, Release 11

IBM DB2 V10.5 LUW STIG Version 1

STIG Update – IBM DB2 V10.5 LUW STIG Version 1
DISA has released the IBM DB2 V10.5 LUW STIG Version 1. The requirements of the STIG become effective immediately.

The STIG is available on IASE at http://iase.disa.mil/stigs/app-security/database/Pages/index.aspx

For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

Backbone Transport Services (BTS) Policy STIG Version 3 and Microsoft Windows Privileged Access Workstation (PAW) STIG Version 1

STIG Update – Backbone Transport Services (BTS) Policy STIG Version 3 and Microsoft Windows Privileged Access Workstation (PAW) STIG Version 1
DISA has released the BTS Policy Security Technical Implementation Guide (STIG) Version 3. The requirements of the STIG become effective immediately. The STIG is available at https://iase.disa.mil/stigs/Pages/index.aspx.

DISA Risk Management Executive has released the Microsoft Windows Privileged Access Workstation (PAW) STIG Version 1. The requirements of the STIG become effective immediately. The STIG is available at https://iase.disa.mil/stigs/Pages/index.aspx.

For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

AndroidForWork knox samsung stig

DISA has released the Samsung Android OS 7 (with Knox 2.x) STIG Version 1

STIG Update – DISA has released the Samsung Android OS 7 (with Knox 2.x) STIG Version 1
DISA has released the Samsung Android OS 7 (with Knox 2.x) STIG Version 1. The requirements of the STIG become effective immediately. The STIG is available at https://iase.disa.mil/stigs/mobility/Pages/index.aspx.

For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

Microsoft Windows Defender Antivirus STIG V1R2

STIG Update – Microsoft Windows Defender Antivirus STIG V1R2
DISA Risk Management Executive has updated the Microsoft Windows Defender Antivirus Security Technical Implementation Guide (STIG) Version 1 Release 2. The requirements of the STIG become effective immediately. The STIG is available on IASE at https://iase.disa.mil/stigs/app-security/antivirus/Pages/index.aspx.

For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

DISA will no longer support the following Security Guidance

STIG Update – DISA will no longer support the following Security Guidance


The following STIGs are no longer supported as of 27 Oct 2017 and have been removed from their existing page. They now can be found at: https://iase.disa.mil/stigs/sunset/Pages/index.aspx:

BlackBerry for the OS 7 STIG – Ver 2, Rel 11
Good for Enterprise 8.x STIG – Ver 1, Rel 2
Microsoft Access 2007 STIG – Ver 4, Rel 15
Microsoft Excel 2007 STIG – Ver 4, Rel 13
Microsoft Infopath 2007 STIG – Ver 4, Rel 13
Microsoft Office System 2007 STIG – Ver 4, Rel 16
Microsoft Outlook 2007 STIG – Ver 4, Rel 16
Microsoft PowerPoint 2007 STIG – Ver 4, Rel 16
Microsoft Word 2007 STIG – Ver 4, Rel 15