Closed CyanDot closed 5 years ago
I can only give you a sort of non-answer answer. DISA is aware of the project and we reviewed the goals of the project with the STIG team leadership. This is an OSS community driven project, but maintained by a few Microsoft Services Consultants as a way to apply an additional layer of PowerShell automation on top of existing DISA supported STIG requirements and solutions. The STIG's are just a list of configuration items and we simply convert those manual tasks into a DSC composite resource with some standard business logic in front of it.
As far as approval goes, PowerSTIG is a PowerShell module. That being said, the project is deployed in DoD enterprises and I am not aware of a PowerShell module approval process. As with any software, DISA provided or otherwise, you should evaluate it to see if it fits in with your organizations people, process, and tools.
I hope that answers your question, sort of. I am more than happy to talk about any concerns that you have that we can share back with the community to make the project even better.
Thank for for the timely response.
Do you have any PowerPoint, or other presentations that I can show to management here?
I took the contents from a PowerPoint I had and put the content into a markdown file here to get you started.
Perfect, thanks! Another question. If an organization wanted to use PowerStig, but not send the system out to the field with PowerStig installed, is there a way to do that? Do you just need PowerStig on the machine that is configuring the other systems?
The PowerSTIG module only generates the MOF and it not required to be installed on the target node. That being said the MOF depends on the DSC resources to audit and configure the node. The list of DSC resources that are required to be installed on the target node under the system module path are listed in the module manifest.
Thanks again! That is all I have for now. If you want, you can close the issue.
Hi:
Does PowerStig have any kind of DISA authorization yet? Is PowerStig approved to run on DOD systems yet?
Thank you.