National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

National Checklist Program Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 510 matching records. Displaying matches 121 through 140.


Name (Version) Target Authority Last Modified Resources
Google Chrome v23 Windows STIG (Version 1, Release 2) Google Chrome 23.0.1271.0 Defense Information Systems Agency 04/15/2019 Machine-Readable Format - Google Chrome v23 Windows Benchmark - Version 1, Release 2
Standalone XCCDF 1.1.4 - Google Chrome v23 Windows STIG Version 1, Release 2
FBI CJIS Compliance Profile for Red Hat Enterprise Linux 7 (RHEL7) (v0.1.31) Red Hat Enterprise Linux 7.0
Red Hat Enterprise Linux 7.1
Red Hat Enterprise Linux 7.2
Red Hat Enterprise Linux 7.3
Red Hat 12/04/2017 Machine-Readable Format - SCAP Datastream
Vanguard DB2 z/OS RACF Checklist (6.1) IBM OS390
IBM DB2 8.1
IBM RACF
IBM z/OS Version 1 Release 10
IBM z/OS Version 1 Release 11
IBM z/OS Version 1 Release 12
IBM Z/OS Version 1, Release 9
IBM z/OS Version 2.1
IBM z/OS Version 2, Release 1
Vanguard Integrity Professionals, Inc. 09/08/2017 Machine-Readable Format - Vanguards DB2 Checkslist for RACF on z/OS
OpenShift 3.x on Azure for Government (FedRAMP Moderate) (v1) Red Hat OpenShift Container Platform 3.5
Red Hat OpenShift Container Platform 3.6
Red Hat OpenShift Container Platform 3.7
Red Hat OpenShift Container Platform 3.8
Red Hat OpenShift Container Platform 3.9
Red Hat OpenShift Container Platform 3.10
Red Hat OpenShift Container Platform 3.11
Red Hat 10/18/2018 Security Template - Ansible Playbooks supporting the creation of either a multi-node full HA production cluster or a single node designed for exploration of OpenShift on Azure.
Security Template - OpenShift Container Platform 3.x on Azure for Government, FedRAMP Moderate SSP Template
Prose - Deploying Red Hat OpenShift Container Platform 3 on Microsoft Azure
FedRAMP Moderate for Red Hat OpenStack Platform 13 (v1) Red Hat OpenStack Platform 13.0 Red Hat 10/03/2018 Security Template - FedRAMP Moderate Template SSP for Red Hat OpenStack Platform 13
Security Template - NIST 800-53 Control Applicability Guide for Red Hat OpenStack Platform 13
FedRAMP Low for Red Hat Ansible Tower 3.2.x (v1) Red Hat Ansible Tower 3.2.6
Red Hat Ansible Tower 3.2.5
Red Hat Ansible Tower 3.2.4
Red Hat Ansible Tower 3.2.3
Red Hat Ansible Tower 3.2.2
Red Hat Ansible Tower 3.2.1
Red Hat Ansible Tower 3.2.0
Red Hat 11/19/2018 Security Template - FedRAMP Template for Red Hat Ansible Tower 3.x
Security Template - NIST 800-53 Control Applicability Guide for Red Hat Ansible Tower 3.2.x
Prose - Section 508 Voluntary Product Accessibility Template (VPAT) and Web Content Accessibility Guidelines (WCAG) 2.0 for Ansible Tower
NIST SP 800-43 (Update R1.2.3) Microsoft Windows 2000 NIST, Computer Security Division 09/12/2014 Security Template - The security template for the checklist entitled NIST 800-43.
Standalone XCCDF 1.1.4 - The XCCDF representation of the checklist entitled NIST SP 800-43.
Prose - The landing page for the NIST SP 800-43 checklist.
A10 Networks Application Delivery Controller (ADC) (Version 1) A10 Networks Application Delivery Controller Defense Information Systems Agency 06/04/2019 Standalone XCCDF 1.1.4 - A10 Networks Application Delivery Controller (ADC) ALG STIG Ver 1
Standalone XCCDF 1.1.4 - A10 Networks Application Delivery Controller (ADC) NDM STIG Ver 1
Active Directory Domain STIG (Ver 2, Rel 13) Microsoft Active Directory Defense Information Systems Agency 06/04/2019 Standalone XCCDF 1.1.4 - Active Directory Domain STIG - Ver 2, Rel 13
Active Directory Forest STIG (Ver 2, Rel 8) Microsoft Active Directory Defense Information Systems Agency 06/04/2019 Standalone XCCDF 1.1.4 - Active Directory Forest STIG - Ver 2, Rel 8
Adobe ColdFusion (Version 1, Release 4) Adobe ColdFusion Defense Information Systems Agency 06/17/2019 Standalone XCCDF 1.1.4 - Adobe ColdFusion 11 STIG - Ver 1, Rel 4
AirWatch MDM Software 6.5 STIG (Version 1, Release 3) AirWatch Mobile Device Management (MDM) Software 6.5 Defense Information Systems Agency 06/24/2019 Standalone XCCDF 1.1.4 - AirWatch MDM STIG - Ver 1, Rel 3
Akamai KSD Service IL2 STIG (Version 1) Akamai Kona Site Defender Service Impact Level 2 Defense Information Systems Agency 06/05/2019 Standalone XCCDF 1.1.4 - Akamai KSD Service IL2 ALG STIG Version 1
Standalone XCCDF 1.1.4 - Akamai KSD Service IL2 NDM STIG Version 1
Apache 2.0 STIG - UNIX (Version 1, Release 5) Apache HTTP Server 2.0 Defense Information Systems Agency 06/24/2019 Standalone XCCDF 1.1.4 - Apache 2.0 UNIX STIG - Ver 1, Rel 5
Apache 2.0 STIG - Windows (Version 1, Release 5) Apache HTTP Server 2.0 Defense Information Systems Agency 06/24/2019 Standalone XCCDF 1.1.4 - Apache 2.0 Windows STIG - Ver 1, Rel 5
Apache 2.2 STIG - UNIX (Version 1, Release 11) Apache HTTP Server 2.2 Defense Information Systems Agency 06/05/2019 Standalone XCCDF 1.1.4 - Apache 2.2 STIG UNIX - Ver 1, Rel 11
Apache 2.2 STIG - Windows (Version 1, Release 13) Apache HTTP Server 2.2 Defense Information Systems Agency 06/05/2019 Standalone XCCDF 1.1.4 - Apache 2.2 STIG Windows - Ver 1, Rel 13
Apache Server 2.4 UNIX STIG (Ver 1, Rel 1) Apache HTTP Server 2.4.0 Defense Information Systems Agency 07/15/2019 Standalone XCCDF 1.1.4 - Apache Server 2.4 UNIX STIG
Apache Server 2.4 Windows STIG (Ver 1, Rel 1) Apache HTTP Server 2.4.0 Defense Information Systems Agency 07/15/2019 Standalone XCCDF 1.1.4 - Apache Server 2.4 Windows STIG
Apple iOS 10 STIG (Version 1, Release 3) Apple iOS 10 Defense Information Systems Agency 06/24/2019 Standalone XCCDF 1.1.4 - Apple iOS 10 STIG - Ver 1, Rel 3
* This checklist is still undergoing review for inclusion into the NCP.