[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Compiled list (STIG for Debian)

On 3/2/22 10:54, Jeremiah C. Foster wrote:
Cannot speak for it's provenance, but there's this; https://github.com/hardenedlinux/STIG-4-Debian


Thanks, that actually looks like more of an SRR (System Readiness Review[0]) evaluation checker for applicable STIGs.

As it states, it uses the RHEL7 STIG as a baseline for the tests.

While old (2017), it might still prove useful if it can identify CAT I issues quickly with few false negatives as a *starting point*

[0] i think DISA stopped making these scripts due to the burden of keeping them upto date.   3rd parties now do that for $$$$

Reply to: