Trellix Application Control 8.x Security Technical Implementation Guide

Version: V3R2

Benchmark ID: McAfee_Application_Control_8-x_STIG

Total Checks: 31

Tags: application

CAT I: 2 | CAT II: 29 | CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.


Checks (31)

  • V-213316 (MEDIUM): A Trellix Application Control written policy must be documented to outline the organization-specific variables for application whitelisting.
  • V-213317 (MEDIUM): The use of a Solidcore 8.x local Command Line Interface (CLI) Access Password must be documented in the organization's written policy.
  • V-213318 (MEDIUM): The Solidcore client Command Line Interface (CLI) Access password complexity requirements must be documented in the organization's written policy.
  • V-213319 (MEDIUM): The Solidcore client Command Line Interface (CLI) Access Password protection process must be documented in the organization's written policy.
  • V-213320 (MEDIUM): The requirement for scheduled Solidcore client Command Line Interface (CLI) Access Password changes must be documented in the organization's written policy.
  • V-213321 (MEDIUM): The process by which the Solidcore client Command Line Interface (CLI) Access Password is made available to administrators when needed must be documented in the organization's written policy.
  • V-213322 (MEDIUM): The Trellix Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be confined to the organization's enclave.
  • V-213323 (MEDIUM): The configuration of features under Trellix Application Control Options policies Enforce feature control must be documented in the organization's written policy.
  • V-213324 (MEDIUM): The organization's written policy must include a process for how whitelisted applications are deemed to be allowed.
  • V-213325 (MEDIUM): The organization's written policy must include procedures for how often the whitelist of allowed applications is reviewed.
  • V-213326 (MEDIUM): The Solidcore client must be enabled.
  • V-213327 (HIGH): The Solidcore client Command Line Interface (CLI) must be in lockdown mode.
  • V-213328 (HIGH): The Solidcore client Command Line Interface (CLI) Access Password must be changed from the default.
  • V-213329 (MEDIUM): The organization-specific Rules policy must only include executable and dll files that are associated with applications as allowed by the organization's written policy.
  • V-213330 (MEDIUM): The Trellix Application Control Options Reputation setting must be configured to use the Trellix Global Threat Intelligence (Trellix GTI) option.
  • V-213331 (MEDIUM): The Trellix Application Control Options Reputation-Based Execution settings, if enabled, must be configured to allow Most Likely Trusted or Known Trusted only.
  • V-213332 (MEDIUM): The Trellix Application Control Options Advanced Threat Defense (ATD) settings must not be enabled unless an internal ATD is maintained by the organization.
  • V-213333 (MEDIUM): The Trellix Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be configured to send all binaries with a reputation of Might be Trusted and below for analysis.
  • V-213334 (MEDIUM): The Trellix Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be configured to only send binaries with a size of 5MB or less.
  • V-213336 (MEDIUM): The Trellix Application Control Options policy must be configured to disable Self-Approval.
  • V-213337 (MEDIUM): The Trellix Application Control Options policy End User Notification, if configured by organization, must have all default variables replaced with the organization-specific data.
  • V-213338 (MEDIUM): The Trellix Application Control Options policies Enforce feature control memory protection must be enabled.
  • V-213339 (MEDIUM): Enabled features under Trellix Application Control Options policies Enforce feature control must not be configured unless documented in written policy and approved by ISSO/ISSM.
  • V-213340 (MEDIUM): The Trellix Application Control Options Inventory option must be configured to hide OS Files.
  • V-213341 (MEDIUM): The Trellix Application Control Options Inventory interval option must be configured to pull inventory from endpoints on a regular basis not to exceed seven days.
  • V-213342 (MEDIUM): The Trellix Applications Default Rules policy must be part of the effective rules policy applied to every endpoint.
  • V-213343 (MEDIUM): A copy of the Trellix Default Rules policy must be part of the effective rules policy applied to every endpoint.
  • V-213344 (MEDIUM): The organization-specific Rules policies must be part of the effective rules policy applied to all endpoints.
  • V-213345 (MEDIUM): The organization-specific Solidcore Client Policies must be created and applied to all endpoints.
  • V-213346 (MEDIUM): The Throttling settings must be enabled and configured to settings according to organization's requirements.
  • V-213347 (MEDIUM): The Solidcore Client Exception Rules must be documented in the organization's written policy.