STIG

STIG Update – STIG Viewer Version 2.9

May 9, 2019 by Leave a Comment

STIG Update – STIG Viewer Version 2.9
DISA has released STIG Viewer Version 2.9. This latest version of STIG Viewer is available at https://iase.disa.mil/stigs/Pages/index.aspx.

Updates in Version 2.9 include the following additions:
– NIST SP 800-53 revision 4 control IDs to CSV exports of STIGs and Checklists
– Status to Checklist filters.
– Ability to create filtered Checklists from STIG filter results.
– Ability to filter on STIG names to the top of the STIGs list
– FQDN (fully-qualified domain name) to Checklist CSV export.

For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

STIG Update – April 2019 Quarterly Release

May 7, 2019 by Leave a Comment

STIG Update – April 2019 Quarterly Release
DISA has released the following updated Security Guidance, Security
Readiness Review Scripts and Benchmarks:

Unclassified Application STIGs : http://iase.disa.mil/stigs/app-security/Pages/index.aspx
Adobe Acrobat Professional Document Cloud (DC) Classic STIG, Version 1, Release 2
Citrix XenDesktop 7.x Delivery Controller STIG, Version 1, Release 2
Citrix XenDesktop 7.x License Server STIG, Version 1, Release 2
Citrix XenDesktop 7.x Windows Virtual Delivery Agent (VDA) STIG, Version 1, Release 2
McAfee VirusScan 8.8 Managed Client STIG, Version 5, Release 20
McAfee VSEL 1.9/2.0 Local Client STIG, Version 1, Release 4
McAfee VSEL 1.9/2.0 Managed Client STIG, Version 1, Release 4
Microsoft DotNet Framework 4.0 STIG, Version 1, Release 7
Microsoft Exchange 2010 Edge Transport Server STIG, Version 1, Release 5
Microsoft Exchange 2013 Edge Transport Server STIG, Version 1, Release 5
Microsoft Exchange 2013 Mailbox Server STIG, Version 1, Release 4
Microsoft Exchange 2016 Edge Transport Server STIG, Version 1, Release 2
Microsoft IIS 7.0 STIG, Version 1, Release 18
Microsoft IIS 8.5 Server STIG, Version 1, Release 7
Microsoft IIS 8.5 Site STIG, Version 1, Release 7
Microsoft Internet Explorer 11 STIG, Version 1, Release 17
Microsoft Office System 2013 STIG, Version 1, Release 8
Microsoft SQL Server 2016 Database STIG, Version 1, Release 4
Microsoft SQL Server 2016 Instance STIG, Version 1, Release 5
Microsoft Windows Defender Antivirus STIG, Version 1, Release 5
Mozilla FireFox STIG, Version 4, Release 25
PostgreSQL 9.x STIG, Version 1, Release 5
Web Server SRG, Version 2, Release 3

Unclassified Network STIGs and SRGs: http://iase.disa.mil/stigs/net_perimeter/Pages/index.aspx
BIND 9.x STIG, Version 1, Release 6
IBM MaaS360 with Watson MDM v10.x STIG, Version 1, Release 2
Infoblox 7.x DNS STIG, Version 1, Release 7
Network Infrastructure Policy STIG, Version 9, Release 8
Network WLAN STIG, Version 6, Release 15
Router SRG, Version 3, Release 2
Voice Video Endpoint SRG, Version 1, Release 9
Voice Video over Internet Protocol STIG, Version 3, Release 14
Voice Video Services Policy STIG, Version 3, Release 16

Unclassified Operating System STIGs and Overviews: http://iase.disa.mil/stigs/os/Pages/index.aspx
Active Directory Domain STIG, Version 2, Release 13
Apple OS X 10.3 (Sierra) STIG, Version 1, Release 2
Canonical Ubuntu 16.04 LTS STIG, Version 1, Release 2
Microsoft Windows Server 2008 DC STIG, Version 6, Release 43
Microsoft Windows Server 2008 MS STIG, Version 6, Release 42
Microsoft Windows Server 2008 R2 DC STIG, Version 1, Release 30
Microsoft Windows Server 2008 R2 MS STIG, Version 1, Release 29
Microsoft Windows Server 2012/2012 R2 DC STIG, Version 2, Release 16
Microsoft Windows Server 2012/2012 R2 MS STIG, Version 2, Release 15
Microsoft Windows Server 2016 STIG, Version 1, Release 8
Oracle Linux 6 STIG, Version 1, Release 15
Red Hat Enterprise Linux 6 STIG, Version 1, Release 22
Red Hat Enterprise Linux 7 STIG, Version 2, Release 3
Solaris 11 SPARC STIG, Version 1, Release 17
Solaris 11 x86 STIG, Version 1, Release 17
SUSE Enterprise Linux 12 STIG, Version 1, Release 2
z/OS ACF2 STIG, Version 6, Release 40
z/OS RACF STIG, Version 6, Release 40
z/OS TSS STIG, Version 6, Release 40

FOUO HBSS STIGs: https://iase.disa.mil/stigs/hbss/Pages/index.aspx
HBSS ePO 5.3/5.9 STIG Version 1, Release 17
HBSS HIP 8 Firewall STIG Version 1, Release 12
HBSS HIP 8 STIG Version 4, Release 22
HBSS Remote Console STIG Version 4, Release 17
McAfee ENS 10.x STIG Version 1, Release 3

FOUO Network STIGS: http://iase.disa.mil/stigs/net_perimeter/Pages/index.aspx
Joint Regional Security Stack STIG Version 1, Release 5

Benchmarks: http://iase.disa.mil/stigs/scap/Pages/index.aspx
Microsoft Internet Explorer 11 STIG Benchmark, Version 1, Release 13
Microsoft Windows 2008 DC STIG Benchmark, Version 6, Release 43
Microsoft Windows 2008 MS STIG Benchmark, Version 6, Release 43
Microsoft Windows 2008 R2 DC STIG Benchmark, Version 1, Release 31
Microsoft Windows 2008 R2 MS STIG Benchmark, Version 1, Release 32
Microsoft Windows 2012 and 2012 R2 DC STIG Benchmark, Version 2, Release 16
Microsoft Windows 2012 and 2012 R2 MS STIG Benchmark, Version 2, Release 15
Microsoft Windows Defender Antivirus STIG Benchmark, Version 1, Release 2
Microsoft Windows Server 2016 STIG Benchmark, Version 1, Release 9
Red Hat Enterprise Linux 6 STIG Benchmark, Version 1, Release 23
Red Hat Enterprise Linux 7 STIG Benchmark, Version 2, Release 3
Solaris 11/SPARC STIG Benchmark, Version 1, Release 11
Solaris 11/X86 STIG Benchmark, Version 1, Release 11

STIG Update – Group Policy Objects (GPOs) for Security Technical Implementation Guides (STIGs) – April 2019

May 2, 2019 by Leave a Comment

STIG Update – Group Policy Objects (GPOs) for Security Technical Implementation Guides (STIGs) – April 2019
Group Policy Objects (GPOs) have been updated for April 2019. See the Change Log document included in the zip file for additional information.

DISA Risk Management Executive is posting the GPOs for use by system administrators to ease the burden in securing systems within their environment.

The GPOs can be found on IASE website on the Group Policy Objects tab located at this link: https://iase.disa.mil/stigs/gpo/Pages/index.aspx

List of GPOs currently in the package:
Office Products:
Adobe Acrobat Pro DC Classic
Office system 2013
Browsers:
Internet Explorer 11
Operating Systems:
Windows Server 2008 R2 MS
Windows Server 2008 R2 DC
Windows Server 2012 R2 MS
Windows Server 2012 R2 DC
Windows Server 2016 MS
Windows Server 2016 DC

AntiVirus:
Windows Defender AntiVirus

For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

System Administrator COS,co

April 18, 2019 by Leave a Comment

What to know more about how I get all these opportunities:
https://securitycompliance.thinkific.com

#systemadmin

Interested in this position?
Must-have *

-This position requires US Citizenship with a current DoD Secret Clearance
-4+ years of experience directly related to Linux System Administration in a sustainment environment; strong background in Red Hat Enterprise Linux (RHEL 5/6)

-VMware Horizon, VApps, VMware vSphere Clusters and vCenter Servers
-Basic Network Administration knowledge utilizing CISCO
-Understanding of Storage Area Network concepts (SAN) and Network Attached Storage (NAS)
-Knowledge of patch management tools such as RPM and YUM package management, Red Hat Satellite.
-Experience in COTS/GOTS/FOSS software installations
-Background in applying STIG settings to each product or underlying OS

Plusses

-scripting languages such as Powershell and PowerCLI, Bash, Ruby, and Python
-automation tools such as Chef, Puppet, SaltStack
-Knowledge of storage systems such as EMC VNX
-Knowledge of Active Directory services, LDAP

Day-2-Day *

This position is responsible for troubleshooting, maintaining and implementing solutions to optimize the infrastructure operations. The candidate will be responsible for designs, implements, codes, tests, documents, and maintains systems integration solutions.

Job position for DIACAP Compliance Engineer at Tarrytown, NY

June 29, 2018 by Leave a Comment

Role: DIACAP Compliance Engineer
Location: Tarrytown, NY
Duration: 6+ months

Keywords: – STIG, TFS, DevOps, Windows Imaging WIX, MSI, PowerShell, Anti-Virus, Whitelisting

Job Description:
Background
Source code management (SCM) & DEVOPS team (Infrastructure Team) manages the entire continuous integration, continues development chain process of a global Engineering conglomerate.
Application is developed using Microsoft technology C#, C++, WPF, MVVM and custom control on Windows-7 platform. The backbone of the entire SCM is Microsoft TFS while the packaging strategy is utilizing MSI and WIX. The current build management is driven by customized XMAL with PowerShell usage. Now the plans are to move to VNEXT that provides flexibility as an orchestrator and allows better reporting, triggering and logging facility.
The Goal of this team is to make the entire infrastructure to be in compliant with DIACAP (DoD Information Assurance Certification and Accreditation) process

Expectations – The team is looking out for Engineers who can augment the current team and support on following tasks
This means the identified engineer needs experience in DIACAP process (not knowledge) on how the system could be transformed to be DIACAP compliant system.
• Experienced in the Security Technical Implementation Guide (STIG) that provides security guidance for .NET deployments in workstations or servers and focuses on the secure configuration of the .NET Common Language Runtime (CLR).
• Identify loopholes and open items as part of IIS 7.0 Web Server to ensure that the IIS 7.0 becomes STIG compliant and thus related request handling and filtering are done in control manner and encryption is applied for protocols or data exchange for HTTP, FTP or telnet and more of such tasks etc.
• Ensuring the basic need of McAfee VirusScan 8.8 Managed Client STIG that highly suggests to have antivirus to be monitoring 24*7 along with no possibility of stoppage of such services and availability of antivirus signed files almost every day
• Ensure security enablement in Microsoft Internet Explorer 11 client used on Windows-7 workstations like script execution, popup restrictions as needed and stoppage of unsigned ACTIVEX controls
• Experience in interpreting STIG scans that reflect results on periodic basis.
• Experience in working on adding check and controls in build management system that automates scans ensure STIG compliance.

Soft Skills
• Good Team Player
• Good Written and verbal communication skills
• Customer facing experience would be added advantage

www.enterprisesolutioninc.com Pradyut Bhattacharya
Enterprise Solution Inc.
500 E. Diehl Road, Suite 130, Naperville, IL 60563
Office: # 630-214-9485

STIG Update – DISA has released the Samsung Android OS 8 with KNOX 3.x Version 1 Release 1

June 25, 2018 by Leave a Comment

STIG Update – DISA has released the Samsung Android OS 8 with KNOX 3.x Version 1 Release 1
DISA has released the Samsung Android OS 8 with KNOX 3.x Version 1 Release 1. The requirements of the STIG become effective immediately. The STIG is available at https://iase.disa.mil/stigs/Pages/index.aspx.

For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

Update your subscriptions, modify your password or e-mail address, or stop subscriptions at any time on your Subscriber Preferences Page. You will need to use your email address to log in. If you have questions or problems with the subscription service, please visit subscriberhelp.govdelivery.com. All other inquiries can be directed to subscriptions@disa.mil.