Checklist Repository
The National Checklist Program (NCP), defined by the NIST
SP 800-70, is the U.S. government repository of publicly available
security checklists (or benchmarks) that provide detailed low level
guidance on setting the security configuration of operating systems
and applications.
NCP provides metadata and links to checklists of various formats
including checklists that conform to the Security
Content Automation Protocol (SCAP). SCAP enables validated
security products to automatically perform configuration checking
using NCP checklists. For more information relating to the NCP please
visit the information page or
the glossary of terms.
Search for Checklists using the fields below. The keyword
search will search across the name, and summary.
There are 868
matching records. Displaying matches 121 through 140.
| Name (Version) |
Target |
Authority |
Last Modified |
Resources |
| SUSE Linux Enterprise Server (SLES) v11 for System z STIG (Version 1, Release 12) |
Novell SUSE Enterprise Linux Server 11
|
Defense Information Systems Agency
|
12/11/2025 |
Standalone XCCDF 1.1.4 - SLES V11 for System z STIG - Ver 1, Rel 12
|
| IBM DataPower STIG (Ver 1, Rel 2) |
IBM DataPower
|
Defense Information Systems Agency
|
12/11/2025 |
Standalone XCCDF 1.1.4 - IBM DataPower STIG ALG STIG Ver 1
Standalone XCCDF 1.1.4 - IBM DataPower NDM STIG - Ver 1, Rel 2
|
| Anduril NixOS STIG (Ver 1, Rel 2) |
Anduril NixOS
|
Defense Information Systems Agency
|
12/05/2025 |
Standalone XCCDF 1.1.4 - Anduril NixOS STIG - Ver 1, Rel 2
|
| BIND 9.x STIG (Ver 3, Rel 1) |
BIND 9.x
|
Defense Information Systems Agency
|
12/05/2025 |
Standalone XCCDF 1.1.4 - BIND 9.x STIG - Ver 3, Rel 1
|
| CIS IBM Cloud Foundations Benchmark (2.0.0) |
IBM Cloud CLI
|
Center for Internet Security (CIS)
|
12/05/2025 |
Prose - CIS IBM Cloud Foundations Benchmark v2.0.0
|
| Microsoft .NET Framework 4 (Version 2, Release 7) |
Microsoft .NET Framework 4.0
|
Defense Information Systems Agency
|
12/01/2025 |
SCAP 1.3 Content - Microsoft DotNet Framework 4.0 STIG SCAP Benchmark - Ver 2, Rel 7
Automated Content - SCC 5.12.1 Windows
Standalone XCCDF 1.1.4 - Microsoft DotNet Framework 4.0 STIG - Ver 2, Rel 7
|
| CIS Oracle MySQL Enterprise Edition 8.0 Benchmark (v1.5.0) |
Oracle MySQL Enterprise Edition 8.0
|
Center for Internet Security (CIS)
|
12/01/2025 |
Prose - CIS Oracle MySQL Enterprise Edition 8.0 Benchmark v1.5.0
|
| CIS Oracle Database 19c Benchmark (2.0.0) |
Oracle Database 19c
|
Center for Internet Security (CIS)
|
12/01/2025 |
Prose - CIS Oracle Database Server 19c Benchmark v2.0.0
|
| CIS Oracle Database 23ai Benchmark (1.1.0) |
Oracle Database 23ai
|
Center for Internet Security (CIS)
|
12/01/2025 |
Prose - CIS Oracle Database Server 23ai Benchmark v1.1.0
|
| CIS IBM Db2 11 Benchmark (1.2.0) |
IBM Db2
|
Center for Internet Security (CIS)
|
12/01/2025 |
Prose - CIS IBM Db2 11 Benchmark v1.2.0
|
| Microsoft Windows Server Domain Name System STIG (Ver 2, Rel 3) |
Microsoft Active Directory
|
Defense Information Systems Agency
|
12/01/2025 |
Automated Content - SCC 5.12.1 Windows
Standalone XCCDF 1.1.4 - Microsoft Windows Server DNS STIG - Ver 2, Rel 3
|
| Canonical Ubuntu 18.04 LTS STIG (Ver 2, Rel 15) |
Canonical Ubuntu Linux 18.04 LTS
|
Defense Information Systems Agency
|
12/01/2025 |
SCAP 1.2 Content - Sunset - Canonical Ubuntu 18.04 LTS STIG Benchmark - Ver 2, Rel 11
SCAP 1.3 Content - Sunset - Canonical Ubuntu 18.04 LTS STIG Benchmark - Ver 2, Rel 12
Automated Content - SCC 5.12.1 Ubuntu 18/20 AMD64
Automated Content - SCC 5.12.1 Ubuntu 20/Raspios-bulleye Aarch64
Automated Content - SCC 5.12.1 Ubuntu 22/24 AMD64
Automated Content - SCC 5.12.1 Ubuntu 22/24 ARM64
Standalone XCCDF 1.1.4 - Sunset - Canonical Ubuntu 18.04 LTS STIG - Ver 2, Rel 15
|
| Tahoe Guidance (Revision 1.0) |
Apple macOS (Tahoe) 26.0.0
|
NIST, macOS Security Compliance Project
|
11/14/2025 |
ZIP - Tahoe Guidance, Revision 1.0
|
| Arctic Wolf CylanceON-PREM (Ver 1, Rel 1) |
Arctic Wolf CylanceON-PREM
|
Defense Information Systems Agency
|
09/29/2025 |
Standalone XCCDF 1.1.4 - Arctic Wolf CylanceON-PREM - Ver 1, Rel 1
|
| Sequoia Guidance (Revision 3.0) |
Apple MacOS 15.0
|
NIST, macOS Security Compliance Project
|
09/23/2025 |
ZIP - Sequoia Guidance, Revision 3.0
|
| iOS/iPadOS 18 Guidance (Revision 3.0) |
Apple iPhone OS 18.0
|
NIST, macOS Security Compliance Project
|
09/17/2025 |
ZIP - iOS/iPadOS 18 Guidance, Revision 3.0
|
| RUCKUS ICX STIG (Y25M05) |
RUCKUS ICX 7150
RUCKUS ICX 7550
RUCKUS ICX 7850
RUCKUS ICX 8100
RUCKUS ICX 8200
|
Defense Information Systems Agency
|
09/15/2025 |
Standalone XCCDF 1.1.4 - RUCKUS ICX STIG
|
| CIS DigitalOcean Foundations Benchmark (1.0.0) |
DigitalOcean
|
Center for Internet Security (CIS)
|
09/08/2025 |
Prose - CIS DigitalOcean Foundations Benchmark v1.0.0
|
| Vanguard Compliance Manager z/OS RACF Checklist for completing a automated SRR Audit for Stig (6.43) |
IBM z/OS Version 2, Release 2
IBM z/OS Version 2, Release 3
IBM z/OS Version 2, Release 4
IBM z/OS Version 2, Release 5
|
Vanguard Integrity Professionals, Inc.
|
09/08/2025 |
ZIP - Vanguard z/OS RACF Checklist 6.43(For Z/OS V2R2 release)
ZIP - Vanguard z/OS RACF Checklist 6.43(For Z/OS V2R3 release)
ZIP - Vanguard z/OS RACF Checklist 6.43(For Z/OS V2R4 release)
|
| Arista MLS EOS 4.x STIG (Y25M07) |
Arista Multi-Layer Switch Extensible Operating System (MLS EOS) 4.2
|
Defense Information Systems Agency
|
09/02/2025 |
Standalone XCCDF 1.1.4 - Arista MLS EOS 4.X STIG
|
* This checklist is still undergoing review for
inclusion into the NCP.
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
