-
While PowerStig is able to audit and configure many STIG rules, it leaves out rules that can only be audited and not changed (for example "WN10-00-000005 - Domain-joined systems must use Windows 10 En…
-
## Description of problem:
Under RHEL9, I noticed that net.ipv4.conf.default.rp_filter was being flagged as failing when in fact the value set was correct. This appears to be down to the setting ap…
-
**NEW**
- [ ] RHEL-06-000534 V-97229 `fips=1` in the kernel cmdline
- [ ] RHEL-06-000244 V-97231 FIPS compliant MACs in sshd_config
**UPDATED**
- [x] RHEL-06-000078 thru RHEL-06-000099 `sysctl -…
-
This is STIG violation and as we know not good practice especially since it is in clear text. we can use the same approach that geoserver does and write the username password in a separate file and en…
-
**What would you like to be added**:
I'd like to be able to use a pre-built FIPS version of the AL2 EKS AMI provided by Amazon; AFAIK the spec for this is described in this [blog](https://aws.ama…
-
Hi There,
FIPS is the U.S. government standard of security for cryptography.
No place in this project have indication whether or not it support FIPS for communication with target devices.
will …
-
While the xrdp server supports FIPS mode. In xrdp-keygen only the MD5 digest is used, this causes openSSL internal error in FIPS mode.
To enforce FIPS we need to implemented a FIPS compatible digest …
-
### Is your feature request related to a problem? Please describe.
UDS-core incorporates Keycloak as the default IdP. The HNCD team has obtained an Elastic STIG directly from Elastic (not yet availab…
-
With Microsoft's replacement of EMET by a combination of Windows Defender Exploit Guard (exploit mitigations) and Windows Defender Application Control (module loading controls) on Windows 10, EMET was…
-
|Wazuh version|Component|Install type|Install method|Platform|
|---|---|---|---|---|
| 5.0 | All | Manager/Agent | Packages/Sources | All |
## Description
The idea of this epic is to reorganiz…