STIGs Search Compare About

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
Compare Versions

Resources

About
VPAT
DISA STIG Library

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← Back to STIGs

Microsoft Edge Security Technical Implementation Guide

Version

V2R5

Benchmark ID

MS_Edge_STIG

Total Checks

61

Tags

application

CAT I: 1CAT II: 50CAT III: 10

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKL Export CSV Export JSON

Checks (61)

V-235719LOWUser control of proxy settings must be disabled.V-235720MEDIUMBypassing Microsoft Defender SmartScreen prompts for sites must be disabled.V-235721MEDIUMBypassing of Microsoft Defender SmartScreen warnings about downloads must be disabled.V-235722LOWThe list of domains for which Microsoft Defender SmartScreen will not trigger warnings must be allowlisted if used.V-235723MEDIUMInPrivate mode must be disabled.V-235724MEDIUMBackground processing must be disabled.V-235725MEDIUMThe ability of sites to show pop-ups must be disabled.V-235726MEDIUMThe default search provider must be set to use an encrypted connection.V-235727LOWData Synchronization must be disabled.V-235728MEDIUMNetwork prediction must be disabled.V-235729MEDIUMSearch suggestions must be disabled.V-235730MEDIUMImporting of autofill form data must be disabled.V-235731LOWImporting of browser settings must be disabled.V-235732MEDIUMImporting of cookies must be disabled.V-235733MEDIUMImporting of extensions must be disabled.V-235734MEDIUMImporting of browsing history must be disabled.V-235735MEDIUMImporting of home page settings must be disabled.V-235736MEDIUMImporting of open tabs must be disabled.V-235737MEDIUMImporting of payment info must be disabled.V-235738MEDIUMImporting of saved passwords must be disabled.V-235739MEDIUMImporting of search engine settings must be disabled.V-235740MEDIUMImporting of shortcuts must be disabled.V-235741MEDIUMAutoplayAllowed must be set to disabled.V-235742MEDIUMWebUSB must be disabled.V-235743MEDIUMGoogle Cast must be disabled.V-235744MEDIUMWeb Bluetooth API must be disabled.V-235745MEDIUMAutofill for Credit Cards must be disabled.V-235746MEDIUMAutofill for addresses must be disabled.V-235747MEDIUMOnline revocation checks must be performed.V-235748MEDIUMPersonalization of ads, search, and news by sending browsing history to Microsoft must be disabled.V-235749MEDIUMSite tracking of a user’s location must be disabled.V-235750MEDIUMBrowser history must be saved.V-235751LOWEdge development tools must be disabled.V-235752LOWDownload restrictions must be configured.V-235753LOWURLs must be allowlisted for plugin use if used.V-235754MEDIUMExtensions installation must be blocklisted by default.V-235755LOWExtensions that are approved for use must be allowlisted if used.V-235756MEDIUMThe Password Manager must be disabled.V-235758HIGHThe version of Microsoft Edge running on the system must be a supported version.V-235760MEDIUMSite isolation for every site must be enabled.V-235761MEDIUMSupported authentication schemes must be configured.V-235763MEDIUMMicrosoft Defender SmartScreen must be enabled.V-235764MEDIUMMicrosoft Defender SmartScreen must be configured to block potentially unwanted apps.V-235765LOWThe download location prompt must be configured.V-235766MEDIUMTracking of browsing activity must be disabled.V-235767MEDIUMA website's ability to query for payment methods must be disabled.V-235768MEDIUMSuggestions of similar web pages in the event of a navigation error must be disabled.V-235769MEDIUMUser feedback must be disabled.V-235770MEDIUMThe collections feature must be disabled.V-235771MEDIUMThe Share Experience feature must be disabled.V-235772MEDIUMGuest mode must be disabled.V-235773MEDIUMRelaunch notification must be required.V-235774MEDIUMThe built-in DNS client must be disabled.V-246736MEDIUMUse of the QUIC protocol must be disabled.V-251694LOWThe list of domains media autoplay allows must be allowlisted if used.V-260465MEDIUMVisual Search must be disabled.V-260466MEDIUMCopilot must be disabled.V-260467MEDIUMSession only-based cookies must be enabled.V-266981MEDIUMFriendlyURLs must be disabled.V-279940MEDIUMAccess to Microsoft 365 Copilot writing assistance must be disabled.V-283439MEDIUMSpell checking provided by Microsoft Editor must be disabled.