U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 838 matching records. Displaying matches 281 through 300.

Name (Version) Target Authority Last Modified Resources
CA API Gateway STIG (Y24M07) COMPUTER ASSOCIATES (CA) APPLICATION PROGRAMMING INTERFACE (API) GATEWAY
 Defense Information Systems Agency
 08/08/2024 Standalone XCCDF 1.1.4 - Sunset - CA API Gateway STIG
Arista Multilayer Switch (MLS) DCS-7000 Series (Y24M07) Arista Multilayer Switch (MLS) DCS-7050T
 Defense Information Systems Agency
 08/08/2024 Standalone XCCDF 1.1.4 - Sunset - Arista MultiLayer Switch DCS 7000 Series STIG
A10 Networks Application Delivery Controller (ADC) (Y24M07) A10 Networks Application Delivery Controller
 Defense Information Systems Agency
 08/08/2024 Standalone XCCDF 1.1.4 - Sunset - A10 Networks ADC STIG
Splunk Enterprise 7.x for Windows STIG (Ver 3, Rel 1) Splunk Enterprise 7.0
 Defense Information Systems Agency
 08/08/2024 Standalone XCCDF 1.1.4 - Splunk Enterprise 7.x for Windows STIG - Ver 3, Rel 1
Rancher Government Solutions Multi-Cluster Manager STIG (Ver 2, Rel 1) Kubernetes
 Defense Information Systems Agency
 08/08/2024 Standalone XCCDF 1.1.4 - Rancher Government Solutions Multi-Cluster Manager STIG - Ver 2, Rel 1
Riverbed NetProfiler STIG (Ver 2, Rel 1) Riverbed NetProfiler
 Defense Information Systems Agency
 08/08/2024 Standalone XCCDF 1.1.4 - Riverbed NetProfiler STIG - Ver 2, Rel 1
Microsoft Windows Privileged Access Workstation (PAW) STIG (Ver 3, Rel 1) Microsoft Windows Dedicated Administrative Workstation
 Defense Information Systems Agency
 08/07/2024 Standalone XCCDF 1.1.4 - Microsoft Windows PAW STIG - Ver 3, Rel 1
Trellix Application Control 8.x STIG (Ver 3, Rel 1) Trellix Application and Change Control
 Defense Information Systems Agency
 08/07/2024 Standalone XCCDF 1.1.4 - Trellix Application Control 8.x STIG - Ver 3, Rel 1
Jamf Pro v10.x EMM STIG (Ver 3, Rel 1) Jamf Pro 10.0.0
 Defense Information Systems Agency
 08/07/2024 Standalone XCCDF 1.1.4 - Jamf Pro v10.x EMM STIG - Ver 3, Rel 1
Crunchy Data PostgreSQL STIG (Ver 3, Rel 1) CrunchyData PostgreSQL
 Defense Information Systems Agency
 08/07/2024 Standalone XCCDF 1.1.4 - Crunchy Data PostgreSQL STIG - Ver 3, Rel 1
HPE 3PAR StoreServ OS STIG (Y24M01) HPE 3PAR StoreServ 3.2.x
 Defense Information Systems Agency
 08/06/2024 Standalone XCCDF 1.1.4 - HPE 3PAR StoreServ OS STIG
NIST National Checklist for Verizon Intelligent API powered by Mission IT (1.0) Verizon Intelligent API
 Mission IT
 07/22/2024 Machine-Readable Format - OpenControl content for Verizon Intelligent API
SUSE Linux Enterprise Server (SLES) v11 for System z STIG (Version 1, Release 12) Novell SUSE Enterprise Linux Server 11
 Defense Information Systems Agency
 06/10/2024 Standalone XCCDF 1.1.4 - SLES V11 for System z STIG - Ver 1, Rel 12
VMWare Horizon 7.13 STIG (Y24M04) VMWare Horizon
 Defense Information Systems Agency
 06/10/2024 Standalone XCCDF 1.1.4 - Sunset - VMware Horizon 7.13 STIG
Google Android 13 BYOAD STIG (Y24 M04) Google Android 13
 Defense Information Systems Agency
 06/10/2024 Standalone XCCDF 1.1.4 - Google Android 13 BYOAD STIG
BIND 9.x STIG (Ver 2, Rel 3) BIND 9.x
 Defense Information Systems Agency
 06/10/2024 Standalone XCCDF 1.1.4 - BIND 9.x STIG - Ver 2, Rel 3
CIS Oracle Solaris 11.1 Benchmark (1.0.0) Oracle Solaris 11.1
 Center for Internet Security (CIS)
 06/10/2024 Prose - CIS Oracle Solaris 11.1 Benchmark v1.0.0
CIS Google Container-Optimized OS Benchmark (1.2.0) Google Container-Optimized OS
 Center for Internet Security (CIS)
 06/10/2024 Prose - CIS Google Container-Optimized OS Benchmark v1.2.0
Google Cloud Platform Foundations Benchmark (3.0.0) Google Cloud Platform
 Center for Internet Security (CIS)
 05/07/2024 Prose - Google Cloud Platform Foundations Benchmark
Big Sur Guidance (Revision 7.0) Apple macOS 11.0 (Big Sur)
 NIST, macOS Security Compliance Project
 04/30/2024 SCAP 1.3 Content - Big Sur Guidance Revision 7.0
* This checklist is still undergoing review for inclusion into the NCP.