STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 4 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← AC-2 (11) — Account Management

CCI-002145

Definition

Enforce organization-defined circumstances and/or usage conditions for organization-defined system accounts.

Parent Control

AC-2 (11)Account ManagementAccess Control

Linked STIG Checks (13)

V-256842CAT IICompliance Guardian must provide automated mechanisms for supporting account management functions.AvePoint Compliance Guardian Security Technical Implementation Guide V-276012CAT IAx-OS must have no local accounts for the user interface.Axonius Federal Systems Ax-OS Security Technical Implementation Guide V-257291CAT IIThe container platform must enforce organization-defined circumstances and/or usage conditions for organization-defined accounts.Container Platform Security Requirements Guide V-270910CAT IIDragos Platform must use an Identity Provider (IDP) for authentication and authorization processes.Dragos Platform 2.x Security Technical Implementation Guide V-260020CAT IIThe Enterprise Voice, Video, and Messaging Session Manager must be configured to restrict Enterprise Voice, Video, and Messaging Session Manager access outside of operational hours.Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide V-223937CAT IIThe number of CA-TSS control ACIDs must be justified and properly assigned.IBM z/OS TSS Security Technical Implementation Guide V-223938CAT IIThe number of CA-TSS ACIDs with MISC9 authority must be justified.IBM z/OS TSS Security Technical Implementation Guide V-260909CAT IIMKE must be configured to integrate with an Enterprise Identity Provider.Mirantis Kubernetes Engine Security Technical Implementation Guide V-253523CAT IIAccess to Prisma Cloud Compute must be managed based on user need and least privileged using external identity providers for authentication and grouping to role-based assignments when possible.Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide V-257292CAT IIRancher MCM must enforce organization-defined circumstances and/or usage conditions for organization-defined accounts.Rancher Government Solutions Multi-Cluster Manager Security Technical Implementation Guide V-257543CAT IOpenShift must use FIPS validated LDAP or OpenIDConnect.Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide V-254093CAT IInnoslate must use multifactor authentication for network access to privileged and non-privileged accounts.SPEC Innovations Innoslate 4.x Security Technical Implementation Guide V-269574CAT IXylok Security Suite must use a centralized user management solution.Xylok Security Suite 20.x Security Technical Implementation Guide