U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 829 matching records. Displaying matches 401 through 420.

Name (Version) Target Authority Last Modified Resources
SEL-2740S STIG (Ver 1 Rel 1) SEL Inc SEL-2740S
 Defense Information Systems Agency
 07/15/2019 Standalone XCCDF 1.1.4 - SEL-2740S STIG Ver 1 Rel 1
SharePoint 2010 (2010) Microsoft SharePoint Server 2010
 National Security Agency
 12/12/2018 Standalone XCCDF 1.1.4 - SharePoint 2010 Secure Configuration Benchmark
Sharepoint 2013 (Version 2, Release 4) Microsoft Sharepoint Server 2013
 Defense Information Systems Agency
 04/24/2025 Standalone XCCDF 1.1.4 - Microsoft SharePoint 2013 STIG - Ver 2, Rel 4
Sharepoint Designer 2013 STIG (Version 1, Release 3) Microsoft SharePoint Designer 2013
 Defense Information Systems Agency
 04/24/2025 Standalone XCCDF 1.1.4 - Microsoft Sharepoint Designer 2013 STIG - Ver 1, Rel 3
SPEC Innovations Innoslate 4.x STIG (Ver 1, Rel 1) SPEC Innovations Innoslate 4.x STIG
 Defense Information Systems Agency
 11/15/2022 Standalone XCCDF 1.1.4 - SPEC Innovations Innoslate 4.x STIG - Ver 1, Rel 1
Splunk Enterprise 7.x for Windows STIG (Ver 3, Rel 1) Splunk Enterprise 7.0
 Defense Information Systems Agency
 08/08/2024 Standalone XCCDF 1.1.4 - Splunk Enterprise 7.x for Windows STIG - Ver 3, Rel 1
Splunk Enterprise 8.x for Linux (Ver 2, Rel 2) Splunk Enterprise 8.0.0
 Defense Information Systems Agency
 04/09/2025 Standalone XCCDF 1.1.4 - Splunk Enterprise 8.x for Linux STIG - Ver 2, Rel 2
SQL Server 2012 STIG (Version 1, Release 20) Microsoft SQL Server 2012
 Defense Information Systems Agency
 02/19/2020 Standalone XCCDF 1.1.4 - Sunset - Microsoft SQL Server 2012 STIG - Ver 1, Rel 20
Sun Ray 4 Security Checklist (Version 1 Release 2) Oracle Sun Ray Software 4.0
Oracle Sun Ray Software 5.2
Oracle Sun Ray Virtual Display Client 2
Oracle Sun Ray Virtual Display Client 270
Oracle Sun Ray Virtual Display Client 3
Oracle Sun Ray Virtual Display Client 3 Plus
Oracle Sun Ray Virtual Display Client 3i
 Defense Information Systems Agency
 05/16/2018 Standalone XCCDF 1.1.4 - Sun Ray 4 Security Checklist - Version 1, Release 2
Sunset - Samsung Android OS9 Knox 3.x STIG (Y22M07) Samsung Android OS 9.0
 Defense Information Systems Agency
 08/01/2022 Standalone XCCDF 1.1.4 - Sunset - Samsung Android OS9 Knox 3.x STIG
Sunset - Video Services Policy STIG (Version 1, Release 12) PolyCom CMA 5000
 Defense Information Systems Agency
 10/14/2022 Standalone XCCDF 1.1.4 - Sunset - Video Services Policy STIG - Ver 1, Rel 12
SUSE Linux Enterprise Micro 5 STIG (Ver 1, Rel 1) SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Micro 5.4
SUSE Linux Enterprise Micro 5.5
 Defense Information Systems Agency
 09/23/2024 Standalone XCCDF 1.1.4 - SUSE Linux Enterprise Micro 5 STIG - Ver 1, Rel 1
SUSE Linux Enterprise Server (SLES) 15 STIG for Ansible (Ver 2, Rel 4) SUSE Enterprise Linux 15
 Defense Information Systems Agency
 04/09/2025 Standalone XCCDF 1.1.4 - SUSE Linux Enterprise Server 15 for Ansible - Ver 2, Rel 4
SUSE Linux Enterprise Server (SLES) v11 for System z STIG (Version 1, Release 12) Novell SUSE Enterprise Linux Server 11
 Defense Information Systems Agency
 06/10/2024 Standalone XCCDF 1.1.4 - SLES V11 for System z STIG - Ver 1, Rel 12
Symantec Endpoint Protection 12.1 Local Client STIG (Version 1, Release 3) Symantec Endpoint Protection 12.1
 Defense Information Systems Agency
 09/11/2019 Standalone XCCDF 1.1.4 - Sunset - Symantec Endpoint Protection 12.1 Local Client STIG - Ver 1, Rel 3
Symantec Endpoint Protection 12.1 Managed Client STIG (Version 1, Release 4) Symantec Endpoint Protection 12.1
 Defense Information Systems Agency
 09/12/2019 Standalone XCCDF 1.1.4 - Sunset - Symantec Endpoint Protection 12.1 Managed Client STIG - Ver 1, Rel 4
Symantec Endpoint Protection 12.1 STIG (Version 1, Release 3) Symantec Endpoint Protection 12.1
 Defense Information Systems Agency
 04/15/2019 Standalone XCCDF 1.1.4 - Symantec Endpoint Protection 12.1 STIG Version 1, Release 3
Symantec ProxySG STIG (Ver 1 Rel 2) Symantec ProxySG
 Defense Information Systems Agency
 04/24/2020 Standalone XCCDF 1.1.4 - Symantec ProxySG STIG
Tanium 6.5 STIG (Version 1, Release 3) TANIUM 6.5
 Defense Information Systems Agency
 04/24/2020 Standalone XCCDF 1.1.4 - Sunset Tanium 6.5 STIG - Ver 1, Rel 3
Tanium 7.0 STIG (Ver 2, Rel 1) Tanium 7.0
 Defense Information Systems Agency
 04/09/2025 Standalone XCCDF 1.1.4 - Sunset - Tanium 7.0 STIG - Ver 2, Rel 1
* This checklist is still undergoing review for inclusion into the NCP.