U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 879 matching records. Displaying matches 441 through 460.

Name (Version) Target Authority Last Modified Resources
Sunset - Splunk Enterprise 8.x for Linux (Ver 2, Rel 3) Splunk Enterprise 8.0.0
 Defense Information Systems Agency
 08/20/2025 Standalone XCCDF 1.1.4 - Sunset - Splunk Enterprise 8.x for Linux STIG - Ver 2, Rel 3
Standalone XCCDF 1.1.4 - Splunk Enterprise 8.x for Linux STIG - Ver 2, Rel 2
Sunset - Video Services Policy STIG (Version 1, Release 12) PolyCom CMA 5000
 Defense Information Systems Agency
 10/14/2022 Standalone XCCDF 1.1.4 - Sunset - Video Services Policy STIG - Ver 1, Rel 12
SUSE Linux Enterprise Micro 5 STIG (Ver 1, Rel 3) SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Micro 5.4
SUSE Linux Enterprise Micro 5.5
 Defense Information Systems Agency
 01/23/2026 Standalone XCCDF 1.1.4 - SUSE Linux Enterprise Micro 5 STIG - Ver 1, Rel 3
SUSE Linux Enterprise Server (SLES) 15 STIG for Ansible (Ver 2, Rel 6) SUSE Linux Enterprise Server 15
 Defense Information Systems Agency
 01/23/2026 Standalone XCCDF 1.1.4 - SUSE Linux Enterprise Server 15 for Ansible - Ver 2, Rel 6
SUSE Linux Enterprise Server (SLES) v11 for System z STIG (Version 1, Release 12) Novell SUSE Enterprise Linux Server 11
 Defense Information Systems Agency
 12/11/2025 Standalone XCCDF 1.1.4 - SLES V11 for System z STIG - Ver 1, Rel 12
Symantec Edge SWG STIG (Y25M11) Symantec Edge SWG
 Defense Information Systems Agency
 02/03/2026 Standalone XCCDF 1.1.4 - Symantec Edge SWG STIG
Symantec Endpoint Protection 12.1 Local Client STIG (Version 1, Release 3) Symantec Endpoint Protection 12.1
 Defense Information Systems Agency
 09/11/2019 Standalone XCCDF 1.1.4 - Sunset - Symantec Endpoint Protection 12.1 Local Client STIG - Ver 1, Rel 3
Symantec Endpoint Protection 12.1 Managed Client STIG (Version 1, Release 4) Symantec Endpoint Protection 12.1
 Defense Information Systems Agency
 09/12/2019 Standalone XCCDF 1.1.4 - Sunset - Symantec Endpoint Protection 12.1 Managed Client STIG - Ver 1, Rel 4
Symantec Endpoint Protection 12.1 STIG (Version 1, Release 3) Symantec Endpoint Protection 12.1
 Defense Information Systems Agency
 04/15/2019 Standalone XCCDF 1.1.4 - Symantec Endpoint Protection 12.1 STIG Version 1, Release 3
Symantec ProxySG STIG (Ver 1 Rel 2) Symantec ProxySG
 Defense Information Systems Agency
 04/24/2020 Standalone XCCDF 1.1.4 - Symantec ProxySG STIG
Tanium 6.5 STIG (Version 1, Release 3) TANIUM 6.5
 Defense Information Systems Agency
 04/24/2020 Standalone XCCDF 1.1.4 - Sunset Tanium 6.5 STIG - Ver 1, Rel 3
Tanium 7.0 STIG (Ver 2, Rel 1) Tanium 7.0
 Defense Information Systems Agency
 06/02/2025 Standalone XCCDF 1.1.4 - Sunset - Tanium 7.0 STIG - Ver 2, Rel 1
Tanium 7.3 STIG (Ver 2, Rel 3) Tanium 7.3
 Defense Information Systems Agency
 04/09/2025 Standalone XCCDF 1.1.4 - Sunset - Tanium 7.3 STIG - Ver 2, Rel 3
Tanium 7.x on TanOS STIG (Y25M04) Tanium 7.x
 Defense Information Systems Agency
 04/09/2025 Standalone XCCDF 1.1.4 - Tanium 7.x TanOS STIG
Tanium 7.x STIG (Ver 2, Rel 3) Tanium 7.x
 Defense Information Systems Agency
 01/22/2026 Standalone XCCDF 1.1.4 - Tanium 7.x STIG - Ver 2, Rel 3
Trellix Application Control 8.x STIG (Ver 3, Rel 2) Trellix Application and Change Control
 Defense Information Systems Agency
 01/22/2026 Standalone XCCDF 1.1.4 - Trellix Application Control 8.x STIG - Ver 3, Rel 2
Trend Micro Deep Security 9.x STIG (Version 2, Release 1) Trend Micro Deep Security
 Defense Information Systems Agency
 01/26/2024 Standalone XCCDF 1.1.4 - Sunset - Trend Micro Deep Security 9.x STIG - Ver 2, Rel 1
Trend Micro TippingPoint STIG (Y25M04) Trend Micro TippingPoint
 Defense Information Systems Agency
 04/09/2025 Standalone XCCDF 1.1.4 - Trend MicroTippingPoint STIG
Tri-Lab Operating System Stack (TOSS) 5 STIG (Ver 1, Rel 1) Tri-Lab Operating System Stack (TOSS)
 Defense Information Systems Agency
 04/07/2026 Standalone XCCDF 1.1.4 - Tri-Lab Operating System Stack (TOSS) 5 STIG - Ver
Vanguard Configuration Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.36) IBM z/OS Version 2, Release 1
IBM z/OS Version 2, Release 2
 Vanguard Integrity Professionals, Inc.
 03/08/2024 Standalone XCCDF 1.1.4 - Vanguard z/OS RACF Checklist 6.36(XML version)
ZIP - Vanguard z/OS RACF Checklist 6.36(PDF version)
* This checklist is still undergoing review for inclusion into the NCP.