Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status
NVD contains:

Last updated: 11/21/2014 2:17:59 PM

CVE Publication rate: 17.33

Email List

NVD provides four mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index
Vulnerability Workload Index: 7.78
About Us
NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security's National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).

National Checklist Program Repository

 

The National Checklist Program (NCP), defined by the NIST SP 800-70 Rev. 2, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications. NCP is migrating its repository of checklists to conform to the Security Content Automation Protocol (SCAP). SCAP enables standards based security tools to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.

Search for Checklist using the fields below. The keyword search will search across the name, and summary.


There are 254 matching records. Displaying matches 1 through 20.
Tier Target Product Product Category Authority Last Modified Date Checklist Name (Version) Resources
IV
  • Microsoft Internet Explorer 7
  • Web Browser
USGCB/TIS 03/28/2014 USGCB Internet Explorer 7 (2.0.x.0)
IV
  • Microsoft Internet Explorer 8
  • Web Browser
USGCB/TIS 02/20/2014 USGCB Internet Explorer 8 (1.2.x.0)
IV
  • Microsoft Windows 7
  • Microsoft Windows 7 x86 (32-bit)
  • Microsoft Windows 7 x64 (64-bit)
  • Operating System
USGCB/TIS 09/12/2014 USGCB Windows 7 (1.2.x.0)
IV
  • Microsoft Windows 7
  • Microsoft Windows 7 32-bit (X86)
  • Microsoft Windows 7 64-bit (X64)
  • Operating System
USGCB/TIS 03/28/2014 USGCB Windows 7 Firewall (1.2.x.0)
IV
  • Microsoft Windows Vista
  • Operating System
USGCB/TIS 03/28/2014 USGCB Windows Vista (2.0.x.0)
IV
  • Microsoft Windows Vista
  • Operating System
USGCB/TIS 03/28/2014 USGCB Windows Vista Firewall (2.0.x.0)
IV
  • Microsoft Windows XP Pro Service Pack 3
  • Microsoft Windows XP Pro Service Pack 2
  • Operating System
USGCB/TIS 03/28/2014 USGCB Windows XP Firewall (2.0.x.0)
IV
  • Microsoft Windows XP Pro SP2
  • Microsoft Windows XP Service Pack 3
  • Operating System
USGCB/TIS 03/28/2014 USGCB Windows XP (2.0.x.0)
III
  • Adobe Acrobat Reader
  • Desktop Application
National Security Agency 09/05/2014 Adobe Acrobat Reader X Secure Configuration Benchmark (10.1.1)
III
  • HP HP-UX 11.23
  • Operating System
Defense Information Systems Agency 05/28/2014 HP-UX 11.23 STIG (Version 1, Release 4)
III*
  • HP HP-UX 11.31
  • Operating System
Defense Information Systems Agency 11/02/2014 HP-UX 11.31 STIG (Version 1, Release 5)
III
  • IBM AIX 5.3
  • Operating System
Defense Information Systems Agency 05/28/2014 AIX 5.3 STIG (Version 1, Release 2)
III*
  • IBM AIX 6.1
  • Operating System
Defense Information Systems Agency 11/02/2014 AIX 6.1 STIG (Version 1, Release 3)
III
  • IBM Tivoli Identity Manager 4.6
  • Identity Management
National Security Agency, MITRE 07/11/2011 IBM Tivoli Identity Manager Security Guide (4.6)
III
  • Microsoft .NET Framework 4.0
  • Application Server
Defense Information Systems Agency 03/28/2014 Microsoft .NET Framework 4 (Version 1, Release 2)
III
  • Microsoft Outlook 2007
  • Microsoft Word 2007
  • Microsoft Office 2007
  • Microsoft Access 2007
  • Microsoft Excel 2007
  • Microsoft Infopath 2007
  • Microsoft PowerPoint 2007
  • Microsoft Visio 2007
  • Desktop Application
  • Office Suite
Defense Information Systems Agency 02/20/2014 Microsoft Office 2007 STIG (Version 4, Release 1)
III
  • Microsoft Windows Defender
  • Microsoft Internet Explorer
  • Microsoft Windows Mail
  • Microsoft Windows Media Player
  • Microsoft Windows Server 2008
  • Malware
  • Web Browser
  • Desktop Application
  • Operating System
Defense Information Systems Agency 09/04/2014 Windows Server 2008 STIG (Version 6, Release 1.28)
III
  • Microsoft Windows Vista
  • Microsoft Internet Explorer
  • Operating System
  • Web Browser
Defense Information Systems Agency 08/29/2014 Microsoft Windows Vista STIG (Version 6 Release 1.36)
III*
  • Microsoft Internet Explorer 10
  • Web Browser
Defense Information Systems Agency 10/31/2014 Internet Explorer 10 STIG (Version 1 Release 6)
III*
  • Microsoft Internet Explorer 8
  • Web Browser
Defense Information Systems Agency 11/02/2014 Internet Explorer 8 STIG (Version 1, Release 15)
* This checklist is still undergoing review for inclusion into the NCP at this tier ranking.