-
Since DISA has now been phasing out the old docs and moving to a new catalog system for V2's, having the legacy ID is a great way to cross reference to what you may already have. I've altered you __i…
-
During installation of RHEL8, when a security policy is selected, and then the policy is changed to a different one, it seems that the list of excluded packages is not reset.
See discussion in https://…
-
#### Description of problem:
harden_sshd_ciphers_opensshserver_conf_crypto_policy is misaligned with DISA
#### Details:
The SSG's rule checks for a specific list of ciphers. It fails because it f…
-
### 🎛 Description
🙋 feature request?
Controls with nested OR logic result in nested `describe.one` blocks which are not supported in Inspec.
### 🤔 Replication Case
Sample control definitio…
-
#### Description of problem:
The rule `display_login_attempts` is aligned with DISA.
#### SCAP Security Guide Version:
2568bef
### Operating System
RHEL7
#### Steps to Reproduce:
1…
-
I just looked up CCI-001336 (training record retention) and the STIG Rules annotated at the bottom are just not right. portmap/rpcbind settings... these have nothing to do with training record retenti…
-
#### Description of problem:
* `disa-content-alignment-remediations Ansible`
* `disa-content-alignment-remediations Ansible (GUI)`
* `disa-content-alignment-remediations Bash`
* `disa-content-alig…
-
#### Description of problem:
SSG content passes, but DISA content fails.
DISA content checks only for `/etc/pam.d/password-auth: pam_pwhistory.so has remember set to 5 or greater`
Filepath | P…
-
Some policies are written which do not clearly define the exact requirement to be verified, but state things such as "verify that the database owner matches system documentation". Without the ability…
-
InSpec Profile Baselines
----
The MITRE InSpec Team has been working with Dev-Sec Project (www.place.io)
The devsec project is the open source community building inspec profiles that are best-…