National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

National Checklist Program Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 533 matching records. Displaying matches 121 through 140.


Name (Version) Target Product Category Authority Last Modified Resources
FedRAMP Low for Red Hat Ansible Tower 3.2.x (v1) Red Hat Ansible Tower 3.2.6
Red Hat Ansible Tower 3.2.5
Red Hat Ansible Tower 3.2.4
Red Hat Ansible Tower 3.2.3
Red Hat Ansible Tower 3.2.2
Red Hat Ansible Tower 3.2.1
Red Hat Ansible Tower 3.2.0
Red Hat 08/21/2018 Security Template - FedRAMP Template for Red Hat Ansible Tower 3.x
Security Template - NIST 800-53 Control Applicability Guide for Red Hat Ansible Tower 3.2.x
NIST 800-53/FISMA Applicability Guide for Red Hat OpenShift 3.x (v1) Red Hat OpenShift Container Platform 3.5
Red Hat OpenShift Container Platform 3.6
Red Hat OpenShift Container Platform 3.7
Red Hat OpenShift Container Platform 3.8
Red Hat OpenShift Container Platform 3.9
Red Hat OpenShift Container Platform 3.10
Red Hat 08/30/2018 Security Template - NIST 800-53/FISMA Control Applicability Guide for Red Hat OpenShift 3.x
NIST SP 800-43 (Update R1.2.3) Microsoft Windows 2000 Operating System NIST, Computer Security Division 09/12/2014 Security Template - The security template for the checklist entitled NIST 800-43.
Standalone XCCDF 1.1.4 - The XCCDF representation of the checklist entitled NIST SP 800-43.
Prose - The landing page for the NIST SP 800-43 checklist.
A10 Networks Application Delivery Controller (ADC) (Version 1) A10 Networks Application Delivery Controller Network Switch Defense Information Systems Agency 03/30/2018 Standalone XCCDF 1.1.4 - A10 Networks Application Delivery Controller (ADC) ALG STIG Version 1
Standalone XCCDF 1.1.4 - A10 Networks Application Delivery Controller (ADC) NDM STIG Version 1
Active Directory Domain STIG (Ver 2, Rel 10) Microsoft Active Directory Directory Service Defense Information Systems Agency 08/24/2018 Standalone XCCDF 1.1.4 - Active Directory Domain STIG - Ver 2, Rel 10
Active Directory Forest STIG (Ver 2, Rel 8) Microsoft Active Directory Directory Service Defense Information Systems Agency 08/27/2018 Standalone XCCDF 1.1.4 - Active Directory Forest STIG - Ver 2, Rel 8
Adobe Acrobat Pro XI STIG (Version 1) Adobe Acrobat Pro XI Desktop Application Defense Information Systems Agency 02/16/2018 Standalone XCCDF 1.1.4 - Adobe Acrobat Pro XI STIG - Ver 1, Rel 2
Adobe ColdFusion (Version 1, Release 4) Adobe ColdFusion Desktop Application Defense Information Systems Agency 03/16/2018 Standalone XCCDF 1.1.4 - Adobe ColdFusion 11 STIG - Ver 1, Rel 4
AirWatch MDM Software 6.5 STIG (Version 1, Release 2) AirWatch Mobile Device Management (MDM) Software 6.5 Mobile Solution Defense Information Systems Agency 08/15/2017 Standalone XCCDF 1.1.4 - AirWatch MDM Software 6.5 STIG Version 1, Release 2
Akamai KSD Service IL2 STIG (Version 1) Akamai Kona Site Defender Service Impact Level 2 Firewall Defense Information Systems Agency 03/30/2018 Standalone XCCDF 1.1.4 - Akamai KSD Service IL2 ALG STIG Version 1
Standalone XCCDF 1.1.4 - Akamai KSD Service IL2 NDM STIG Version 1
Apache 2.0 STIG - UNIX (Version 1, Release 4) Apache HTTP Server 2.0 Web Server Defense Information Systems Agency 08/15/2017 Standalone XCCDF 1.1.4 - Apache 2.0 STIG - UNIX - Version 1, Release 4
Apache 2.0 STIG - Windows (Version 1, Release 4) Apache HTTP Server 2.0 Web Server Defense Information Systems Agency 08/15/2017 Standalone XCCDF 1.1.4 - Apache 2.0 STIG - Windows Version 1, Release 4
Apache 2.2 STIG - UNIX (Version 1, Release 10) Apache HTTP Server 2.2 Web Server Defense Information Systems Agency 08/24/2018 Standalone XCCDF 1.1.4 - Apache 2.2 STIG UNIX - Ver 1, Rel 10
Apache 2.2 STIG - Windows (Version 1, Release 12) Apache HTTP Server 2.2 Web Server Defense Information Systems Agency 11/27/2017 Standalone XCCDF 1.1.4 - Apache 2.2 STIG Windows - Ver 1, Rel 12
Apple iOS 10 STIG (Version 1, Release 3) Apple iOS 10 Operating System Defense Information Systems Agency 08/01/2017 Standalone XCCDF 1.1.4 - Apple iOS 10 STIG - Ver 1, Rel 3
Apple iOS 11 STIG (Ver 1, Rel 3) Apple iOS 11 Operating System Defense Information Systems Agency 08/24/2018 Standalone XCCDF 1.1.4 - Apple iOS 11 STIG - Ver 1, Rel 3
Apple iOS 6 STIG (Version 1, Release 2) Apple iPhone OS 6.0
Apple iPhone OS 6.0.1
Apple iPhone OS 6.0.2
Apple iPhone OS 6.1
Apple iPhone 4s
Apple iPhone 5
Apple iPad2
Apple iPad Mini
Operating System
Handheld Device
Defense Information Systems Agency 08/15/2017 Standalone XCCDF 1.1.4 - Apple iOS 6 STIG, Version 1, Release 2
Apple iOS 7 STIG (Version 1 Release 2) Apple iPhone OS 7.0 Operating System Defense Information Systems Agency 08/15/2017 Standalone XCCDF 1.1.4 - Apple iOS 7 STIG Version 1 Release 2
APPLE iOS 8 INTERIM SECURITY CONFIGURATION GUIDE (ISCG) (Version 1, Release 1) Apple iPhone OS 8.0 Operating System Defense Information Systems Agency 08/15/2017 Standalone XCCDF 1.1.4 - APPLE iOS 8 INTERIM SECURITY CONFIGURATION GUIDE (ISCG)
Apple OSX 10.10 (Yosemite) Workstation (STIG) (Version 1, Release 5) Apple OS X 10.10 Defense Information Systems Agency 08/01/2017 Standalone XCCDF 1.1.4 - Apple OS X 10.10 Workstation STIG - Ver 1, Rel 5
* This checklist is still undergoing review for inclusion into the NCP.