Home
Follow the Get Started page for a step-by-step guide to implementing StigRepo and automating your STIG compliance!
The StigRepo module accelerates cloud readiness and system hardening by building a repository that automates and customizes configurations compliant with Security Technical Implementation Guides (STIGs), which are owned and released by the Defense Information Systems Agency (DISA). StigRepo identifies the systems in your Active Directory and/or Azure environment, determines which software needs to be secured according to STIG requirements and recommendations, and builds a customizable infrastructure as code (IaC) repository that leverages PowerSTIG to automate enforcement and/or monitoring of STIG compliance, so that your systems remain secured. It also generates documentation to report compliance through STIG Checklists.
StigRepo organizes the repository to deploy and document STIGs using the folders listed below:
- Systems: A folder for each identified Organizational Unit in Active Directory and a PowerShell data file for each identified system.
- Configurations: Dynamic PowerSTIG configurations that are customized by parameters provided within system data files.
- Artifacts: Consumable items produced by StigRepo. StigRepo produces DscConfigs, MOFs, and STIG Checklists out of the box.
- Resources: Dependencies leveraged by StigRepo to generate System Data and Artifacts. StigRepo comes with the required Modules, StigData files, and a Wiki to be used within Azure DevOps/GitHub out of the box.