Question: is there an up-to-date version for elastic 7.x?

mitre / elasticsearch-stig-baseline

This InSpec compliance profile implement the ElasticSearch Security Technical Implementation Guide (STIG) - (Draft) in an automated way to provide security best-practice tests around ElasticSearch with X-pack server and system settings in a production environment.

Other

5 stars 1 forks source link

Question: is there an up-to-date version for elastic 7.x? #3

Open rbeers opened 3 years ago

rbeers commented 3 years ago

We need to stig our 7.x elasticsearch docker instance and came across this repo. Will it work with 7.x versions?

gayleb commented 3 years ago

Since there are changes in 800-53 (now r4 or r5), the DISA Application Server SRG and Elasticsearch is now on 7.x, it is unlikely that this will work with your 7.x version. You may find some helpful information in Elastic's product documentation located here, however we do not have STIG-based hardening guidance available for implementing to DISA SRG requirements.