No announcement yet.

STIGS- Security Technical Implementation Guides

  • Filter
  • Time
  • Show
Clear All
new posts

  • STIGS- Security Technical Implementation Guides

    Anyone can download a template of the STIGS and test in a lab environment and determine what settings they may consider deploying in their environment. These configurations can greatly harden your Windows Environment, but DO test before deploying in production: I had deployed these in my personal lab a couple years ago and almost locked myself out as the STIGS renamed my administrator account. I import these into GPO's, and have signed up for email updates for when new releases are published, perhaps something to check out but please test prior to implementing! For example, the use FIPS 140-2 encryption only can break some legacy products that you may be using in your environment.

  • #2
    These are great to use, even the non-GPO ones. You can get STIGS for tons of things. This was really helpful for our project of controlling browsers like Chrome and Firefox.
    Frank McGovern
    Founder - TheIKE, Blue Team Con


    • #3
      What would you recommend for open source scanning of compliance to windows STIGS? Last I tried, openscap only did Linux for the most part; some experimental features for windows but not reliable nor extensive. There are windows installers but if recall correctly, the versions of windows it could scan were extremely limited.