STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← AC-23 — Data Mining Protection

CCI-002346

Definition

Employ organization-defined data mining prevention techniques for organization-defined data storage objects to protect against unauthorized data mining.

Parent Control

AC-23Data Mining ProtectionAccess Control

Linked STIG Checks (55)

V-237042CAT IITo protect against data mining, the A10 Networks ADC must detect and prevent SQL and other code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.A10 Networks ADC ALG Security Technical Implementation Guide V-237043CAT IITo protect against data mining, the A10 Networks ADC must detect and prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.A10 Networks ADC ALG Security Technical Implementation Guide V-237044CAT IITo protect against data mining, the A10 Networks ADC providing content filtering must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.A10 Networks ADC ALG Security Technical Implementation Guide V-76403CAT IITo protect against data mining, Kona Site Defender providing content filtering must prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide V-76405CAT IITo protect against data mining, Kona Site Defender providing content filtering must prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide V-76407CAT IITo protect against data mining, Kona Site Defender providing content filtering must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide V-204980CAT IITo protect against data mining, the ALG providing content filtering must prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.Application Layer Gateway Security Requirements Guide V-204981CAT IITo protect against data mining, the ALG providing content filtering must prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.Application Layer Gateway Security Requirements Guide V-204982CAT IITo protect against data mining, the ALG providing content filtering must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.Application Layer Gateway Security Requirements Guide V-222423CAT IIApplication data protection requirements must be identified and documented.Application Security and Development Security Technical Implementation Guide V-237385CAT IITo protect against data mining, the CA API Gateway providing content filtering must prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.CA API Gateway ALG Security Technical Implementation Guide V-237386CAT IITo protect against data mining, the CA API Gateway providing content filtering must prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.CA API Gateway ALG Security Technical Implementation Guide V-237387CAT IITo protect against data mining, the CA API Gateway providing content filtering must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.CA API Gateway ALG Security Technical Implementation Guide V-237560CAT IITo help detect unauthorized data mining, the DBN-6300 must detect code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.DBN-6300 IDPS Security Technical Implementation Guide V-237561CAT IITo protect against unauthorized data mining, the DBN-6300 must monitor for and detect SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.DBN-6300 IDPS Security Technical Implementation Guide V-214508CAT IITo protect against data mining, the BIG-IP ASM module must be configured to prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields when providing content filtering to virtual servers.F5 BIG-IP Application Security Manager Security Technical Implementation Guide V-214509CAT IITo protect against data mining, the BIG-IP ASM module must be configured to prevent code injection attacks launched against application objects, including, at a minimum, application URLs and application code when providing content filtering to virtual servers.F5 BIG-IP Application Security Manager Security Technical Implementation Guide V-214510CAT IITo protect against data mining, The BIG-IP ASM module must be configured to prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields when providing content filtering to virtual servers.F5 BIG-IP Application Security Manager Security Technical Implementation Guide V-215773CAT IITo protect against data mining, the BIG-IP Core implementation must be configured to prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields when providing content filtering to virtual servers.F5 BIG-IP Local Traffic Manager Security Technical Implementation Guide V-215774CAT IITo protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent code injection attacks from being launched against application objects, including, at a minimum, application URLs and application code.F5 BIG-IP Local Traffic Manager Security Technical Implementation Guide V-215775CAT IITo protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent SQL injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, and database fields.F5 BIG-IP Local Traffic Manager Security Technical Implementation Guide V-266140CAT IITo protect against data mining, the F5 BIG-IP appliance providing content filtering must prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.F5 BIG-IP TMOS ALG Security Technical Implementation Guide V-266141CAT IITo protect against data mining, the F5 BIG-IP appliance providing content filtering must prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.F5 BIG-IP TMOS ALG Security Technical Implementation Guide V-266142CAT IITo protect against data mining, the F5 BIG-IP appliance providing content filtering must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.F5 BIG-IP TMOS ALG Security Technical Implementation Guide V-65243CAT IITo protect against data mining, the DataPower Gateway providing content filtering must prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.IBM DataPower ALG Security Technical Implementation Guide V-65245CAT IITo protect against data mining, the DataPower Gateway providing content filtering must prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.IBM DataPower ALG Security Technical Implementation Guide V-65247CAT IITo protect against data mining, the DataPower Gateway providing content filtering must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.IBM DataPower ALG Security Technical Implementation Guide V-55397CAT IITo protect against unauthorized data mining, the IDPS must prevent code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide V-55399CAT IITo protect against unauthorized data mining, the IDPS must prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide V-55401CAT IITo protect against unauthorized data mining, the IDPS must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide V-206895CAT IITo protect against unauthorized data mining, the IPS must prevent code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.Intrusion Detection and Prevention Systems Security Requirements Guide V-206896CAT IITo protect against unauthorized data mining, the IPS must prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.Intrusion Detection and Prevention Systems Security Requirements Guide V-206897CAT IITo protect against unauthorized data mining, the IPS must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.Intrusion Detection and Prevention Systems Security Requirements Guide V-66407CAT IITo protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.Juniper SRX SG IDPS Security Technical Implementation Guide V-66407CAT IITo protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.Juniper SRX SG IDPS Security Technical Implementation Guide V-66409CAT IITo protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against application objects, including, at a minimum, application URLs and application code.Juniper SRX SG IDPS Security Technical Implementation Guide V-66409CAT IITo protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against application objects, including, at a minimum, application URLs and application code.Juniper SRX SG IDPS Security Technical Implementation Guide V-66411CAT IITo protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.Juniper SRX SG IDPS Security Technical Implementation Guide V-66411CAT IITo protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.Juniper SRX SG IDPS Security Technical Implementation Guide V-214620CAT IITo protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.Juniper SRX Services Gateway IDPS Security Technical Implementation Guide V-214621CAT IITo protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against application objects, including, at a minimum, application URLs and application code.Juniper SRX Services Gateway IDPS Security Technical Implementation Guide V-214622CAT IITo protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.Juniper SRX Services Gateway IDPS Security Technical Implementation Guide V-228856CAT IITo protect against data mining, the Palo Alto Networks security platform must detect and prevent SQL and other code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.Palo Alto Networks ALG Security Technical Implementation Guide V-228857CAT IITo protect against data mining, the Palo Alto Networks security platform must detect and prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.Palo Alto Networks ALG Security Technical Implementation Guide V-207700CAT IITo protect against unauthorized data mining, the Palo Alto Networks security platform must detect and prevent SQL and other code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.Palo Alto Networks IDPS Security Technical Implementation Guide V-207701CAT IITo protect against unauthorized data mining, the Palo Alto Networks security platform must detect and prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.Palo Alto Networks IDPS Security Technical Implementation Guide V-241010CAT IIThe Tanium SQL database must be installed on a separate system.Tanium 7.0 Security Technical Implementation Guide V-241011CAT IIThe Tanium SQL server must be dedicated to the Tanium database.Tanium 7.0 Security Technical Implementation Guide V-234071CAT IIThe Tanium database(s) must be installed on a separate system.Tanium 7.3 Security Technical Implementation Guide V-234072CAT IIThe Tanium application database must be dedicated to only the Tanium application.Tanium 7.3 Security Technical Implementation Guide V-253832CAT IIThe Tanium database(s) must be installed on a separate system.Tanium 7.x Security Technical Implementation Guide V-253833CAT IIThe Tanium application database must be dedicated to only the Tanium application.Tanium 7.x Security Technical Implementation Guide V-242167CAT IITo protect against unauthorized data mining, the TPS must prevent code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.Trend Micro TippingPoint IDPS Security Technical Implementation Guide V-242168CAT IITo protect against unauthorized data mining, the TPS must prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.Trend Micro TippingPoint IDPS Security Technical Implementation Guide V-242169CAT IITo protect against unauthorized data mining, the TPS must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.Trend Micro TippingPoint IDPS Security Technical Implementation Guide