U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 845 matching records. Displaying matches 301 through 320.

Name (Version) Target Authority Last Modified Resources
Jamf Pro v10.x EMM STIG (Ver 3, Rel 1) Jamf Pro 10.0.0
 Defense Information Systems Agency
 08/07/2024 Standalone XCCDF 1.1.4 - Jamf Pro v10.x EMM STIG - Ver 3, Rel 1
Crunchy Data PostgreSQL STIG (Ver 3, Rel 1) CrunchyData PostgreSQL
 Defense Information Systems Agency
 08/07/2024 Standalone XCCDF 1.1.4 - Crunchy Data PostgreSQL STIG - Ver 3, Rel 1
HPE 3PAR StoreServ OS STIG (Y24M01) HPE 3PAR StoreServ 3.2.x
 Defense Information Systems Agency
 08/06/2024 Standalone XCCDF 1.1.4 - HPE 3PAR StoreServ OS STIG
NIST National Checklist for Verizon Intelligent API powered by Mission IT (1.0) Verizon Intelligent API
 Mission IT
 07/22/2024 Machine-Readable Format - OpenControl content for Verizon Intelligent API
SUSE Linux Enterprise Server (SLES) v11 for System z STIG (Version 1, Release 12) Novell SUSE Enterprise Linux Server 11
 Defense Information Systems Agency
 06/10/2024 Standalone XCCDF 1.1.4 - SLES V11 for System z STIG - Ver 1, Rel 12
VMWare Horizon 7.13 STIG (Y24M04) VMWare Horizon
 Defense Information Systems Agency
 06/10/2024 Standalone XCCDF 1.1.4 - Sunset - VMware Horizon 7.13 STIG
Google Android 13 BYOAD STIG (Y24 M04) Google Android 13
 Defense Information Systems Agency
 06/10/2024 Standalone XCCDF 1.1.4 - Google Android 13 BYOAD STIG
BIND 9.x STIG (Ver 2, Rel 3) BIND 9.x
 Defense Information Systems Agency
 06/10/2024 Standalone XCCDF 1.1.4 - BIND 9.x STIG - Ver 2, Rel 3
CIS Oracle Solaris 11.1 Benchmark (1.0.0) Oracle Solaris 11.1
 Center for Internet Security (CIS)
 06/10/2024 Prose - CIS Oracle Solaris 11.1 Benchmark v1.0.0
CIS Google Container-Optimized OS Benchmark (1.2.0) Google Container-Optimized OS
 Center for Internet Security (CIS)
 06/10/2024 Prose - CIS Google Container-Optimized OS Benchmark v1.2.0
Google Cloud Platform Foundations Benchmark (3.0.0) Google Cloud Platform
 Center for Internet Security (CIS)
 05/07/2024 Prose - Google Cloud Platform Foundations Benchmark
Big Sur Guidance (Revision 7.0) Apple macOS 11.0 (Big Sur)
 NIST, macOS Security Compliance Project
 04/30/2024 SCAP 1.3 Content - Big Sur Guidance Revision 7.0
CIS IBM WebSphere Liberty Benchmark (1.0.0) IBM WebSphere Liberty
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS IBM WebSphere Liberty Benchmark v1.0.0
CIS Ubuntu Linux 16.04 LTS Benchmark (2.0.0) Canonical Ubuntu 16.04 LTS (Long Term Support)
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS Ubuntu Linux 16.04 LTS Benchmark v2.0.0
CIS IBM Cloud Foundations Benchmark (1.1.0) IBM Cloud CLI
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS IBM Cloud Foundations Benchmark v1.1.0
CIS Oracle Solaris 11.4 Benchmark (1.1.0) Oracle Solaris 11.4
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS Oracle Solaris 11.4 Benchmark v1.1.0
Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.59-13) IBM z/OS Version 2, Release 4
IBM z/OS Version 2, Release 5
 Vanguard Integrity Professionals, Inc.
 04/30/2024 ZIP - Vanguard z/OS RACF Checklist 6.59/13 PDF version
CIS Microsoft Windows 10 Enterprise Release 1909 Benchmark (1.8.1) Microsoft Windows 10 1909
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS Microsoft Windows 10 Enterprise Release 1909 Benchmark v1.8.1
CIS Microsoft Windows 10 Enterprise Release 2004 Benchmark (1.9.1) Microsoft Windows 10 2004
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS Microsoft Windows 10 Enterprise Release 2004 Benchmark v1.9.1
CIS SOPHOS XG Firewall v18 Benchmark (1.0.0) Sophos XG Firewall 18.0
 Center for Internet Security (CIS)
 04/30/2024 Prose - CIS SOPHOS XG Firewall v18 Benchmark v1.0.0
* This checklist is still undergoing review for inclusion into the NCP.