National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

National Checklist Program Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 134 matching records. Displaying matches 1 through 20.


Name (Version) Target Authority Last Modified Resources
Apache Benchmark for Unix, Levels I and II (Version 2.1) Apache HTTP Server 2.0
Apache HTTP Server 1.3
Center for Internet Security (CIS) 07/31/2019 Prose - Center for Internet Security Benchmark for Apache Web Server v2.1
CIS Apache Cassandra 3.11 Benchmark (1.0.0) Apache Cassandra 3.11 Center for Internet Security (CIS) 06/04/2019 Prose - CIS Apache Cassandra 3.11 Benchmark v1.0.0
CIS Apache Tomcat 7 Benchmark (1.1.0) Apache Tomcat Center for Internet Security (CIS) 08/13/2019 Prose - CIS Apache Tomcat 7 Benchmark v1.1.0
CIS Apache Tomcat 8 Benchmark (1.0.1) Apache Tomcat Center for Internet Security (CIS) 08/13/2019 Prose - CIS Apache Tomcat 8 Benchmark v1.0.1
CIS Apple iOS 10 Benchmark (2.0.0) Apple iOS 10 Center for Internet Security (CIS) 06/27/2017 Prose - CIS Apple iOS 10 Benchmark v2.0.0
CIS Apple iOS 9 Benchmark (1.0.0) Apple iPhone Center for Internet Security (CIS) 07/26/2019 Prose - CIS Apple iOS 9 Benchmark v1.0.0
CIS Apple macOS 10.13 Benchmark (1.0.0) Apple macOS 10.13 Center for Internet Security (CIS) 06/14/2019 Prose - CIS Apple macOS 10.13 Benchmark v1.0.0
CIS Apple OS X 10.8 Benchmark (1.1.0) Apple Mac OS X 10.8.0 Center for Internet Security (CIS) 07/26/2019 Prose - CIS Apple OS X 10.8 Benchmark v1.1.0
CIS Apple OS X 10.9 Benchmark (1.0.0) Apple OS X 10.9 Center for Internet Security (CIS) 07/26/2019 Prose - CIS Apple OSX 10.9 Benchmark v1.0.0
CIS BIND Benchmark (v2.0.0) ISC Bind 9.3.1
ISC Bind 9.2.4
Center for Internet Security (CIS) 07/26/2019 Prose - CIS BIND Benchmark v2.0.0
CIS CentOS Linux 6 Benchmark (1.0.0) CentOS Linux 6 Center for Internet Security (CIS) 07/26/2019 Prose - CIS CentOS Linux 6 Benchmark v1.0.0
CIS Cisco ASA, FWSM, and PIX Benchmark (v2.0.0) Cisco PIX Firewall 535
Cisco Firewall Services Module
Cisco PIX 500 Security Appliance
Cisco PIX ASA
Cisco PIX Firewall 501
Cisco PIX Firewall 506
Cisco PIX 506E Firewall Security Appliance
Cisco PIX Firewall 515
Cisco PIX 515E Firewall Security Appliance
Cisco PIX Firewall 520
Cisco PIX Firewall 525
Center for Internet Security (CIS) 07/26/2019 Prose - CIS Cisco ASA, FWSM, and PIX Benchmark v2.0.0
CIS Cisco IOS 15 Benchmark (4.0.0) Cisco IOS 15 Center for Internet Security (CIS) 07/26/2019 Prose - CIS Cisco IOS 15 Benchmark v4.0.0
CIS Cisco IOS Benchmark (v3.0.0) Cisco IOS Center for Internet Security (CIS) 08/13/2019 Prose - CIS Cisco IOS Benchmark v3.0.0
CIS Debian Benchmark (v1.0.0) Debian Linux Center for Internet Security (CIS) 07/26/2019 Prose - CIS Debian Benchmark v1.0.0
CIS Debian Linux 9 Benchmark (1.0.0) Debian Linux 9.0 Center for Internet Security (CIS) 01/28/2019 Prose - CIS Debian Linux 8 Benchmark
CIS Debian Linux 8 Benchmark (2.0.0) Debian Linux 8.0 Center for Internet Security (CIS) 02/04/2019 Prose - CIS Debian Linux 8 Benchmark
CIS Docker 1.11.0 Benchmark (1.0.0) Docker 1.11.0 Center for Internet Security (CIS) 07/26/2019 Prose - CIS Docker 1.11.0 Benchmark v1.0.0
CIS Docker 1.13.0 Benchmark (1.0.0) Docker 1.13.0 Center for Internet Security (CIS) 07/26/2019 Prose - CIS Docker 1.13.0 Benchmark v1.0.0
CIS Exchange Server 2003 Benchmark (v1.0.0) Microsoft Exchange Server 2003 Center for Internet Security (CIS) 07/26/2019 Prose - CIS Exchange Server 2003 Benchmark v1.0.0
* This checklist is still undergoing review for inclusion into the NCP.