STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 7 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

NIST 800-53 Controls

Browse 1205 security and privacy controls across 28 families.

Each control is linked to DISA CCI identifiers and STIG checks. Search for fast lookup by control ID or CCI.

Control Families

All Controls1205
AC Access Control143AP Authority and Purpose2AR Accountability, Audit, and Risk Management8AT Awareness and Training17AU Audit and Accountability66CA Assessment, Authorization, and Monitoring31CM Configuration Management66CP Contingency Planning51DI Data Quality and Integrity5DM Data Minimization and Retention6IA Identification and Authentication74IP Individual Participation and Redress6IR Incident Response42MA Maintenance30MP Media Protection26PE Physical and Environmental Protection59PL Planning16PM Program Management37PS Personnel Security18PT PII Processing and Transparency21RA Risk Assessment25SA System and Services Acquisition145SC System and Communications Protection159SE Security2SI System and Information Integrity116SR Supply Chain Risk Management27TR Transparency5UL Use Limitation2

SC — System and Communications Protection

51 base controls

SC-1Policy and Procedures25 CCIs
SC-2Separation of System and User Functionality1 CCIs
SC-3Security Function Isolation2 CCIs
SC-4Information in Shared System Resources1 CCIs
SC-5Denial-of-Service Protection6 CCIs
SC-6System and Communications Protection4 CCIs
SC-7Boundary Protection6 CCIs
SC-8Transmission Confidentiality and Integrity2 CCIs
SC-9System and Communications Protection1 CCIs
SC-10Network Disconnect2 CCIs
SC-11Trusted Path4 CCIs
SC-12Cryptographic Key Establishment and Management17 CCIs
SC-13Cryptographic Protection4 CCIs
SC-14System and Communications Protection1 CCIs
SC-15Collaborative Computing Devices and Applications3 CCIs
SC-16Transmission of Security and Privacy Attributes6 CCIs
SC-17Public Key Infrastructure Certificates3 CCIs
SC-18Mobile Code6 CCIs
SC-19Voice over Internet Protocol5 CCIs
SC-20Secure Name/Address Resolution Service (Authoritative Source)4 CCIs
SC-21Secure Name/Address Resolution Service (Recursive or Caching Resolver)5 CCIs
SC-22Architecture and Provisioning for Name/Address Resolution Service2 CCIs
SC-23Session Authenticity1 CCIs
SC-24Fail in Known State5 CCIs
SC-25Thin Nodes2 CCIs
SC-26Honeypots1 CCIs
SC-27Platform-Independent Applications2 CCIs
SC-28Protection of Information at Rest2 CCIs
SC-29Heterogeneity2 CCIs
SC-30Concealment and Misdirection5 CCIs
SC-31Covert Channel Analysis3 CCIs
SC-32System Partitioning4 CCIs
SC-33System and Communications Protection1 CCIs
SC-34Non-Modifiable Executable Programs4 CCIs
SC-35External Malicious Code Identification1 CCIs
SC-36Distributed Processing and Storage4 CCIs
SC-37Out-of-Band Channels4 CCIs
SC-38Operations Security2 CCIs
SC-39Process Isolation1 CCIs
SC-40Wireless Link Protection3 CCIs
SC-41Port and I/O Device Access3 CCIs
SC-42Sensor Capability and Data6 CCIs
SC-43Usage Restrictions5 CCIs
SC-44Detonation Chambers2 CCIs
SC-45System Time Synchronization1 CCIs
SC-46Cross Domain Policy Enforcement1 CCIs
SC-47Alternate Communications Paths1 CCIs
SC-48Sensor Relocation4 CCIs
SC-49Hardware-Enforced Separation and Policy Enforcement2 CCIs
SC-50Software-Enforced Separation and Policy Enforcement2 CCIs
Page 1 of 2Next