STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← All Controls

SC-23 (5)

System and Communications ProtectionRev 5system

Session Authenticity

Control Statement

Only allow the use of [Assignment: certificated authorities] for verification of the establishment of protected sessions.

Supplemental Guidance

Reliance on certificate authorities for the establishment of secure sessions includes the use of Transport Layer Security (TLS) certificates. These certificates, after verification by their respective certificate authorities, facilitate the establishment of protected sessions between web clients and web servers.

Related Controls (2)

SC-12SC-13

CCI Identifiers (2)

CCI-002469Defines the certificate authorities allowed to be used for verification of the establishment of protected sessions.CCI-002470Only allow the use of organization-defined certificate authorities for verification of the establishment of protected sessions.

Linked STIG Checks (147)

Across 116 STIGs. Click to expand.