NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

Checklist Type:

Authority:

Target:

Order By:

Content Type:

Tool Compatibility:

Keyword:

There are 847 matching records. Displaying matches 1 through 20.

Name (Version)	Target	Authority	Last Modified	Resources
Red Hat Enterprise Linux 8 STIG (Ver 2, Rel 4)	Red Hat Enterprise Linux 8.0	Defense Information Systems Agency	11/24/2025	SCAP 1.2 Content - Sunset - Red Hat Enterprise Linux 8 STIG Benchmark - Ver 1, Rel 12 SCAP 1.3 Content - Red Hat Enterprise Linux 8 STIG SCAP Benchmark - Ver 2, Rel 4 Automated Content - SCC 5.12.1 Windows Automated Content - SCC 5.12.1 MacOS ARM64 Automated Content - SCC 5.12.1 RHEL 7/Oracle Linux 7/SLES12/SLES 15 x86 64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 Aarch64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 x86 64 Automated Content - SCC 5.12.1 RHEL 9/Oracle Linux 9 Aarch64 Automated Content - SCC 5.12.1 RHEL 9/Oracle Linux 9 x86 64 Automated Content - SCC 5.12.1 Ubuntu 18/20 AMD64 Automated Content - SCC 5.12.1 Ubuntu 20/Raspios-bulleye Aarch64 Automated Content - SCC 5.12.1 Ubuntu 22/24 AMD64 Automated Content - SCC 5.12.1 Ubuntu 22/24 ARM64 Standalone XCCDF 1.1.4 - Red Hat Enterprise Linux 8 STIG for Chef - Ver 1, Rel 13 Standalone XCCDF 1.1.4 - Red Hat Enterprise Linux 8 STIG - Ver 2, Rel 4 Standalone XCCDF 1.1.4 - Red Hat Enterprise Linux 8 STIG for Ansible - Ver 2, Rel 4
Red Hat Enterprise Linux 7 STIG (Ver 3, Rel 15)	Red Hat Enterprise Linux 7.0	Defense Information Systems Agency	11/24/2025	SCAP 1.3 Content - Sunset - Red Hat Enterprise Linux 7 STIG Benchmark - Ver 3, Rel 15 Automated Content - SCC 5.12.1 Windows Automated Content - SCC 5.12.1 MacOS ARM64 Automated Content - SCC 5.12.1 RHEL 7/Oracle Linux 7/SLES12/SLES 15 x86 64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 Aarch64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 x86 64 Automated Content - SCC 5.12.1 RHEL 9/Oracle Linux 9 Aarch64 Automated Content - SCC 5.12.1 RHEL 9/Oracle Linux 9 x86 64 Automated Content - SCC 5.12.1 Ubuntu 18/20 AMD64 Automated Content - SCC 5.12.1 Ubuntu 20/Raspios-bulleye Aarch64 Automated Content - SCC 5.12.1 Ubuntu 22/24 AMD64 Automated Content - SCC 5.12.1 Ubuntu 22/24 ARM64 Standalone XCCDF 1.1.4 - Sunset - Red Hat Enterprise Linux 7 STIG for Ansible - Ver 3, Rel 14 Standalone XCCDF 1.1.4 - Sunset - Red Hat Enterprise Linux 7 STIG - Ver 3, Rel 15 Standalone XCCDF 1.1.4 - Sunset - Red Hat Enterprise Linux 7 STIG for Chef - Ver 3, Rel 8
Tri-Lab Operating System Stack (TOSS) 4 STIG Benchmark (Ver 2, Rel 3)	Tri-Lab Operating System Stack (TOSS)	Defense Information Systems Agency	11/24/2025	SCAP 1.2 Content - Sunset - TOSS 4 STIG Benchmark - Ver 1, Rel 3 SCAP 1.3 Content - Tri-Lab Operating System Stack (TOSS) 4 STIG Benchmark - Ver 2, Rel 3 Standalone XCCDF 1.1.4 - Rev. 4 Sunset - Tri-Lab Operating System Stack (TOSS) 4 STIG - Ver 1, Rel 3 Standalone XCCDF 1.1.4 - Tri-Lab Operating System Stack (TOSS) 4 STIG - Ver 2, Rel 2
Microsoft Windows Defender Antivirus STIG (Ver 2, Rel 6)	Microsoft Windows Defender	Defense Information Systems Agency	11/24/2025	SCAP 1.2 Content - Microsoft Defender Antivirus STIG Benchmark - Ver 2, Rel 5 Automated Content - SCC 5.12.1 Windows GPOs - Group Policy Objects (GPOs) - July 2025 Intune Policies - Intune Policy - July 2025 Standalone XCCDF 1.1.4 - Microsoft Defender Antivirus STIG - Ver 2, Rel 6
Cisco IOS Switch STIG (Y25M07)	Cisco IOS	Defense Information Systems Agency	11/20/2025	Automated Content - SCC 5.12.1 Windows Automated Content - SCC 5.12.1 MacOS ARM64 Automated Content - SCC 5.12.1 RHEL 7/Oracle Linux 7/SLES12/SLES 15 x86 64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 Aarch64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 x86 64 Automated Content - SCC 5.12.1 RHEL 9/Oracle Linux 9 x86 64 Automated Content - SCC 5.12.1 Solaris 11 i386 Automated Content - SCC 5.12.1 Solaris 11 SPARC Automated Content - SCC 5.12.1 Ubuntu 18/20 AMD64 Automated Content - SCC 5.12.1 Ubuntu 20/Raspios-bulleye Aarch64 Automated Content - SCC 5.12.1 Ubuntu 22/24 AMD64 Automated Content - SCC 5.12.1 Ubuntu 22/24 ARM64 Standalone XCCDF 1.1.4 - Rev. 4 Sunset - Cisco IOS Switch STIG Standalone XCCDF 1.1.4 - Cisco IOS Switch STIG
Cisco IOS XE Router STIG (Y25M07)	Cisco IOS XE	Defense Information Systems Agency	11/18/2025	SCAP 1.3 Content - Cisco IOS XE Router NDM STIG Benchmark - Ver 3, Rel 3 SCAP 1.3 Content - Cisco IOS XE Router RTR STIG Benchmark - Ver 3, Rel 3 Automated Content - Cisco IOS XE Router NDM RTR STIG for Ansible - Ver 2, Rel 3 Automated Content - SCC 5.12.1 Windows Automated Content - SCC 5.12.1 MacOS ARM64 Automated Content - SCC 5.12.1 RHEL 7/Oracle Linux 7/SLES12/SLES 15 x86 64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 Aarch64 Automated Content - SCC 5.12.1 RHEL 9/Oracle Linux 9 x86 64 Automated Content - SCC 5.12.1 Solaris 11 i386 Automated Content - SCC 5.12.1 Solaris 11 SPARC Automated Content - SCC 5.12.1 Ubuntu 18/20 AMD64 Automated Content - SCC 5.12.1 Ubuntu 20/Raspios-bulleye Aarch64 Automated Content - SCC 5.12.1 Ubuntu 22/24 AMD64 Automated Content - SCC 5.12.1 Ubuntu 22/24 ARM64 Standalone XCCDF 1.1.4 - Cisco IOS XE Router STIG
Google Chrome Browser STIG for Windows (Version 2, Release 11)	Google Chrome	Defense Information Systems Agency	11/18/2025	SCAP 1.3 Content - Google Chrome STIG Benchmark - Ver 2, Rel 11 Automated Content - SCC 5.12.1 Windows GPOs - Group Policy Objects (GPOs) - July 2025 Intune Policies - Intune Policy - July 2025 Standalone XCCDF 1.1.4 - Google Chrome STIG - Ver 2, Rel 11
Canonical Ubuntu 22.04 LTS STIG (Ver 2, Rel 5)	Canonical Ubuntu 22.04 LTS	Defense Information Systems Agency	11/18/2025	SCAP 1.3 Content - Canonical Ubuntu 22.04 LTS STIG SCAP Benchmark - Ver 2, Rel 4 Automated Content - SCC 5.12.1 Windows Automated Content - SCC 5.12.1 MacOS ARM64 Automated Content - SCC 5.12.1 RHEL 7/Oracle Linux 7/SLES12/SLES 15 x86 64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 Aarch64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 x86 64 Automated Content - SCC 5.12.1 RHEL 9/Oracle Linux 9 Aarch64 Automated Content - SCC 5.12.1 RHEL 9/Oracle Linux 9 x86 64 Automated Content - SCC 5.12.1 Ubuntu 18/20 AMD64 Automated Content - SCC 5.12.1 Ubuntu 20/Raspios-bulleye Aarch64 Automated Content - SCC 5.12.1 Ubuntu 22/24 AMD64 Automated Content - SCC 5.12.1 Ubuntu 22/24 ARM64 Standalone XCCDF 1.1.4 - Rev. 4 Sunset - Canonical Ubuntu 22.04 LTS STIG - Ver 1, Rel 1 Standalone XCCDF 1.1.4 - Canonical Ubuntu 22.04 LTS STIG - Ver 2, Rel 5 Standalone XCCDF 1.1.4 - Canonical Ubuntu 22.04 LTS STIG for Ansible - Ver 2, Rel 5 Standalone XCCDF 1.1.4 - Canonical Ubuntu 22.04 LTS STIG for Chef - Ver 2, Rel 5
Cisco IOS Router STIG (Y25M07)	Cisco IOS	Defense Information Systems Agency	11/18/2025	Automated Content - SCC 5.12.1 Windows Automated Content - SCC 5.12.1 MacOS ARM64 Automated Content - SCC 5.12.1 RHEL 7/Oracle Linux 7/SLES12/SLES 15 x86 64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 Aarch64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 x86 64 Automated Content - SCC 5.12.1 RHEL 9/Oracle Linux 9 x86 64 Automated Content - SCC 5.12.1 Solaris 11 i386 Automated Content - SCC 5.12.1 Solaris 11 SPARC Automated Content - SCC 5.12.1 Ubuntu 18/20 AMD64 Automated Content - SCC 5.12.1 Ubuntu 20/Raspios-bulleye Aarch64 Automated Content - SCC 5.12.1 Ubuntu 22/24 AMD64 Automated Content - SCC 5.12.1 Ubuntu 22/24 ARM64 Standalone XCCDF 1.1.4 - Cisco IOS Router STIG
Oracle Linux 8 STIG (Ver 2, Rel 5)	Oracle Linux 8.0	Defense Information Systems Agency	11/18/2025	SCAP 1.2 Content - Sunset - Oracle Linux 8 STIG Benchmark - Ver 1, Rel 8 SCAP 1.3 Content - Oracle Linux 8 STIG SCAP Benchmark - Ver 2, Rel 5 Automated Content - SCC 5.12.1 Windows Automated Content - SCC 5.12.1 MacOS ARM64 Automated Content - SCC 5.12.1 RHEL 7/Oracle Linux 7/SLES12/SLES 15 x86 64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 Aarch64 Automated Content - SCC 5.12.1 RHEL 8/Oracle Linux 8 x86 64 Automated Content - SCC 5.12.1 RHEL 9/Oracle Linux 9 Aarch64 Automated Content - SCC 5.12.1 RHEL 9/Oracle Linux 9 x86 64 Automated Content - SCC 5.12.1 Ubuntu 18/20 AMD64 Automated Content - SCC 5.12.1 Ubuntu 20/Raspios-bulleye Aarch64 Automated Content - SCC 5.12.1 Ubuntu 22/24 AMD64 Automated Content - SCC 5.12.1 Ubuntu 22/24 ARM64 Standalone XCCDF 1.1.4 - Rev. 4 Sunset - Oracle Linux 8 STIG - Ver 1, Rel 10 Standalone XCCDF 1.1.4 - Oracle Linux 8 STIG - Ver 2, Rel 5 Standalone XCCDF 1.1.4 - Oracle Linux 8 STIG for Ansible - Ver 2, Rel 5
Tahoe Guidance (Revision 1.0)	Apple macOS (Tahoe) 26.0.0	NIST, macOS Security Compliance Project	11/14/2025	ZIP - Tahoe Guidance, Revision 1.0
Arctic Wolf CylanceON-PREM (Ver 1, Rel 1)	Arctic Wolf CylanceON-PREM	Defense Information Systems Agency	09/29/2025	Standalone XCCDF 1.1.4 - Arctic Wolf CylanceON-PREM - Ver 1, Rel 1
Microsoft Defender for Endpoint STIG (Version 1, Release 1)	Microsoft Windows Defender	Defense Information Systems Agency	09/24/2025	Standalone XCCDF 1.1.4 - Microsoft Defender for Endpoint STIG V1
Sequoia Guidance (Revision 3.0)	Apple MacOS 15.0	NIST, macOS Security Compliance Project	09/23/2025	ZIP - Sequoia Guidance, Revision 3.0
iOS/iPadOS 18 Guidance (Revision 3.0)	Apple iPhone OS 18.0	NIST, macOS Security Compliance Project	09/17/2025	ZIP - iOS/iPadOS 18 Guidance, Revision 3.0
RUCKUS ICX STIG (Y25M05)	RUCKUS ICX 7150 RUCKUS ICX 7550 RUCKUS ICX 7850 RUCKUS ICX 8100 RUCKUS ICX 8200	Defense Information Systems Agency	09/15/2025	Standalone XCCDF 1.1.4 - RUCKUS ICX STIG
CIS DigitalOcean Foundations Benchmark (1.0.0)	DigitalOcean	Center for Internet Security (CIS)	09/08/2025	Prose - CIS DigitalOcean Foundations Benchmark v1.0.0
Vanguard Compliance Manager z/OS RACF Checklist for completing a automated SRR Audit for Stig (6.43)	IBM z/OS Version 2, Release 2 IBM z/OS Version 2, Release 3 IBM z/OS Version 2, Release 4 IBM z/OS Version 2, Release 5	Vanguard Integrity Professionals, Inc.	09/08/2025	ZIP - Vanguard z/OS RACF Checklist 6.43(For Z/OS V2R2 release) ZIP - Vanguard z/OS RACF Checklist 6.43(For Z/OS V2R3 release) ZIP - Vanguard z/OS RACF Checklist 6.43(For Z/OS V2R4 release)
Canonical Ubuntu 18.04 LTS for Ansible (Version 2, Release 13)	Canonical Ubuntu 18.04 LTS for Ansible	Defense Information Systems Agency	09/03/2025	Automated Content - SCC 5.11 Ubuntu 18/20 AMD64 Automated Content - SCC 5.11 Ubuntu 20/Raspios-bulleye Aarch64 Automated Content - SCC 5.11 Ubuntu 22 AMD64 Standalone XCCDF 1.1.4 - Sunset - Canonical Ubuntu 18.04 LTS STIG for Ansible - Ver 2, Rel 13
Microsoft Entra ID STIG (Ver 1, Rel 1)	Microsoft Entra ID	Defense Information Systems Agency	09/03/2025	Standalone XCCDF 1.1.4 - Microsoft Entra ID STIG Ver 1, Rel 1

* This checklist is still undergoing review for inclusion into the NCP.

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Checklist Program

National Checklist Program

Checklist Repository