-
#### Description of problem:
`sshd_set_keepalive` is misaligned with DISA's `xccdf_mil.disa.stig_rule_SV-257995r970703_rule`.
Content uses distributed config and puts it to different file than DISA …
-
Sometimes an XCCDF rule contains different requirements based on the target platform, and it would be useful to be able to select a single check-content-ref to perform based on the outcome of XCCDF's …
-
### Is your feature request related to a problem? Please describe.
There is no DISA STIG for Ubuntu 24.04, yet.
### Describe the solution you'd like
Why would you drop support for 22.04 before 24.0…
-
In the NIWC developed SCAP Compliance Checker (SCC) application, we are using the rule-result 'message' with level of 'info' to convey the failure details from the check system. We have convinced res…
-
Is the expectation that multiple benchmarks will be included in a single MPS, or will there be multiple MPS claims, each with their benchmark (e.g. an array of MPS claims).
-
...and how they relate to controls.
https://public.cyber.mil/stigs/
afeld updated
5 years ago
-
**Question**
There has been multiple changes to the DISA stig for RHEL9, but the last update is from April this year. Since then we are on V2R2 which since then has removed 12 Stigs going from 462 to…
-
#### Description of problem:
The rule logind_session_timeout is misaligned with DISA. It passes with ComplianceAsCode but fails with DISA content.
The problem seems to be that the DISA's prose to …
-
The ruleType allows for an impact-metric element for representing a CVSS 2.0 base vector. The element has been marked as deprecated as the “property was found to be of little use in the anticipated X…
-
Presently XCCDF’s check processing picks the first check with a matching selector and a supported system and explicitly does not allow “backtracking” to another available check in the event first cann…