-
I just looked up CCI-001336 (training record retention) and the STIG Rules annotated at the bottom are just not right. portmap/rpcbind settings... these have nothing to do with training record retenti…
-
We applied DoD DISA STIGs hardening settings for Chrome v2r4 in our environment and ANDI no longer seems to works. When clicking on ANDI there is no response, no pop-up errors/prompts or warning messa…
-
**Is your feature request related to a problem? Please describe.**
For larger environments, being able to use the Findings dashboard and click details to see a full list of 'NR' items would be help…
-
Design center seems like a good place for the stigs.
-
Collection Grants are being reimplemented. The reimplementation will more clearly distinguish Collection Privileges and Collection Access.
Collection Roles will enable sets of Collection Privileges…
-
https://public.cyber.mil/stigs/downloads/
-
**The issue**
Google/Chrome, Mozilla/Firefox and Apple/Safari all allow MV3 webextensions defining both `background.service_worker` and `background.script` in the manifest. In such cases browser wi…
-
Sometimes an XCCDF rule contains different requirements based on the target platform, and it would be useful to be able to select a single check-content-ref to perform based on the outcome of XCCDF's …
-
You mention that these scripts are based off the RedHat STIGs as well as general application/OS guidelines.
Why aren't you using the UNIX SRG that is the basis for the Redhat STIG?
http://iase.disa.…
-
I've started work here: https://github.com/pburkholder/inspec-stigs, can't really call it a WIP, but it's a start.
There seem to be 400 Controls for Win2012 Member Server, 250 of which are registry k…