Skip to content
Log In

App SRG: Application Server Security Requirements Guide

This Application Server Security Requirements Guide (SRG) addresses the software framework used to create an application-server implementation, without regard to what the application functions are. The framework is comprised of services such as data connection services, security, transaction support, load balancing, management, and APIs to extend the application server. Specific software technologies used within the application server, e.g., web server, database, auditing system, etc., must meet the requirements for the specific technology SRG and/or STIG.

Scheme
public.cyber.mil /stigs/downloads/
Published by
DoD Cyber Exchange (sponsored by DISA: Defense Information Systems Agency)

  • SRG-APP-000190-CTR-000500

    The application must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-ba...
    Show

  • SRG-APP-000233-CTR-000585

    The container platform runtime must isolate security functions from non-security functions.
    Show

  • SRG-APP-000243-CTR-000600

    The container platform must prevent unauthorized and unintended information transfer via shared system resources.
    Show

  • SRG-APP-000290-CTR-000670

    The container platform must use cryptographic mechanisms to protect the integrity of audit tools.
    Show

  • SRG-APP-000291-CTR-000675

    The container platform must notify system administrators (SAs) and the information system security officer (ISSO) when accounts are created.
    Show

  • SRG-APP-000292-CTR-000680

    The container platform must notify system administrators (SAs) and the information system security officer (ISSO) when accounts are modified.
    Show

  • SRG-APP-000293-CTR-000685

    The container platform must notify system administrators and ISSO for account disabling actions.
    Show

  • SRG-APP-000294-CTR-000690

    The container platform must notify system administrators and ISSO for account removal actions.
    Show

  • SRG-APP-000319-CTR-000745

    The container platform must automatically audit account-enabling actions.
    Show

  • SRG-APP-000320-CTR-000750

    The container platform must notify the system administrator (SA) and information system security officer (ISSO) of account enabling actions.
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules