STIGs RMF Controls Compare

STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago

Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.

← IA-8 (2) — Acceptance of External Authenticators

CCI-004083

Definition

Accept only external credentials that are NIST compliant.

Parent Control

IA-8 (2)Acceptance of External AuthenticatorsIdentification and Authentication

Linked STIG Checks (9)

V-222559CAT IIThe application must accept Federal Identity, Credential, and Access Management (FICAM)-approved third-party credentials.Application Security and Development Security Technical Implementation Guide V-204808CAT IIThe application server must accept Federal Identity, Credential, and Access Management (FICAM)-approved third-party credentials.Application Server Security Requirements Guide V-276012CAT IAx-OS must have no local accounts for the user interface.Axonius Federal Systems Ax-OS Security Technical Implementation Guide V-263657CAT IIThe operating system must accept only external credentials that are NIST-compliant.General Purpose Operating System Security Requirements Guide V-205576CAT IIThe Mainframe Product must accept Federal Identity, Credential, and Access Management (FICAM)-approved third-party credentials.Mainframe Product Security Requirements Guide V-279443CAT IINutanix AOS must accept Federal Identity, Credential, and Access Management (FICAM)-approved third-party credentials.Nutanix Acropolis Application Server Security Technical Implementation Guide V-282768CAT IITOSS 5 must accept only external credentials that are NIST compliant.Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide V-264322CAT IIThe VMM must accept only external credentials that are NIST-compliant.Virtual Machine Manager Security Requirements Guide V-269574CAT IXylok Security Suite must use a centralized user management solution.Xylok Security Suite 20.x Security Technical Implementation Guide