U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 805 matching records. Displaying matches 181 through 200.

Name (Version) Target Authority Last Modified Resources
Microsoft Excel 2016 STIG (Version 2, Release 1) Microsoft Excel 2016
 Defense Information Systems Agency
 06/10/2024 GPOs - Group Policy Objects (GPOs) - April 2024
Standalone XCCDF 1.1.4 - Microsoft Excel 2016 STIG - Ver 2, Rel 1
Google Android 13 BYOAD STIG (Y24 M04) Google Android 13
 Defense Information Systems Agency
 06/10/2024 Standalone XCCDF 1.1.4 - Google Android 13 BYOAD STIG
Apple macOS 13 STIG (Ver 1, Rel 4) Apple macOS 13.0 (Ventura)
 Defense Information Systems Agency
 06/10/2024 Standalone XCCDF 1.1.4 - Apple macOS 13 (Ventura) STIG - Ver 1, Rel 4
BIND 9.x STIG (Ver 2, Rel 3) BIND 9.x
 Defense Information Systems Agency
 06/10/2024 Standalone XCCDF 1.1.4 - BIND 9.x STIG - Ver 2, Rel 3
CIS Oracle Solaris 11.1 Benchmark (1.0.0) Oracle Solaris 11.1
 Center for Internet Security (CIS)
 06/10/2024 Prose - CIS Oracle Solaris 11.1 Benchmark v1.0.0
CIS Google Container-Optimized OS Benchmark (1.2.0) Google Container-Optimized OS
 Center for Internet Security (CIS)
 06/10/2024 Prose - CIS Google Container-Optimized OS Benchmark v1.2.0
Google Cloud Platform Foundations Benchmark (3.0.0) Google Cloud Platform
 Center for Internet Security (CIS)
 05/07/2024 Prose - Google Cloud Platform Foundations Benchmark
Big Sur Guidance (Revision 7.0) Apple macOS 11.0 (Big Sur)
 NIST, macOS Security Compliance Project
 04/30/2024 SCAP 1.3 Content - Big Sur Guidance Revision 7.0
CIS IBM WebSphere Liberty Benchmark (1.0.0) IBM WebSphere Liberty
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS IBM WebSphere Liberty Benchmark v1.0.0
CIS Ubuntu Linux 16.04 LTS Benchmark (2.0.0) Canonical Ubuntu 16.04 LTS (Long Term Support)
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS Ubuntu Linux 16.04 LTS Benchmark v2.0.0
CIS IBM Cloud Foundations Benchmark (1.1.0) IBM Cloud CLI
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS IBM Cloud Foundations Benchmark v1.1.0
CIS Oracle Solaris 11.4 Benchmark (1.1.0) Oracle Solaris 11.4
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS Oracle Solaris 11.4 Benchmark v1.1.0
Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.59-13) IBM z/OS Version 2, Release 4
IBM z/OS Version 2, Release 5
 Vanguard Integrity Professionals, Inc.
 04/30/2024 ZIP - Vanguard z/OS RACF Checklist 6.59/13 PDF version
CIS Microsoft Windows 10 Enterprise Release 1909 Benchmark (1.8.1) Microsoft Windows 10 1909
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS Microsoft Windows 10 Enterprise Release 1909 Benchmark v1.8.1
CIS AWS Compute Services Benchmark (1.0.0) Amazon Web Services
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS AWS Compute Services Benchmark v1.0.0
CIS Microsoft Azure Foundations Benchmark (2.1.0) Microsoft Azure
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS Microsoft Azure Foundations Benchmark v2.1.0
CIS Microsoft Windows 10 Enterprise Release 2004 Benchmark (1.9.1) Microsoft Windows 10 2004
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS Microsoft Windows 10 Enterprise Release 2004 Benchmark v1.9.1
CIS SOPHOS XG Firewall v18 Benchmark (1.0.0) Sophos XG Firewall 18.0
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS SOPHOS XG Firewall v18 Benchmark v1.0.0
CIS Amazon Web Services Foundations Benchmark (3.0.0) Amazon Web Services
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS Amazon Web Services Foundations Benchmark v3.0.0
CIS Palo Alto Firewall 9 Benchmark (1.1.0) Palo Alto Networks PAN-OS 9.0.0
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS Palo Alto Firewall 9 Benchmark v1.1.0
* This checklist is still undergoing review for inclusion into the NCP.