content
RHEL7-STIG
Our great sponsors
content | RHEL7-STIG | |
---|---|---|
7 | 2 | |
2,082 | 281 | |
3.0% | 0.0% | |
10.0 | 8.2 | |
about 14 hours ago | 5 days ago | |
Shell | YAML | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
content
- Oracle linux CIS benchmark
-
FIPS 140 and MacOS
For starters there's an entire NIST project for macOS Security Compliance - https://github.com/usnistgov/macos_security this will make your life a million times easier to meet a lot of the technical controls required for compliance. Nothing like this really exists for Windows or Linux(closest is Compliance As Code https://github.com/ComplianceAsCode/content)
- Ansible for automation/ hardening.
- I wrote a Script to bring firefox into dISA STIG compliance on RHEL 7 & 8 systems.
- hardening a RHEL8 VM using OpenSCAP and DISA STIG
-
CIS Benchmarking Git Community
I haven't used this in a while but take a look at ComplianceAsCode it is attempting to apply controls for each of the different benchmarks on different OSes. It might have what you are looking for, plus you can always contribute back any changes you make to help others.
- ComplianceAsCode/content: Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats
RHEL7-STIG
-
Adding RHEL 7 STIGs to a playbook
Hello, I am in school and can't seem to get the help I need so I figured it would be worth asking here. I'm trying to add DISA STIGs to a playbook that deploys DigitalOcean droplets, to harden the droplets. I was told to just "copy and paste" them into my playbook from https://github.com/ansible-lockdown/RHEL7-STIG/blob/devel/tasks/fix-cat1.yml which would be fine but my formatting is off and no matter what I've done I'm still getting error messages. I thought it might be worth a shot to ask if anyone had any additional resources to help me better understand how to add these to my playbook.
-
My org will soon be using Ansible, because of me
I have been using this to start the AMI baseline https://github.com/ansible-lockdown/RHEL7-STIG
What are some alternatives?
flake8-bandit - Automated security testing using bandit and flake8.
RHEL8-CIS - Ansible role for Red Hat 8 CIS Baseline
hardening - Hardening Ubuntu. Systemd edition.
CentOS7-CIS - Ansible CentOS 7 - CIS Benchmark Hardening Script
AMDH - Android Mobile Device Hardening
openwrt-config - Ansible playbook library for automated configuring of OpenWrt.
ansible-role-rhel8-stig - DISA STIG for Red Hat Enterprise Linux 8 - Ansible role generated from ComplianceAsCode Project
UBUNTU18-CIS - CIS Baseline Ansible Role for Ubuntu 18
ansible-role-hardening - Ansible role to apply a security baseline. Systemd edition.
UBUNTU20-CIS - Ansible role for Ubuntu 2004 CIS Baseline
lunasec - LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
RHCA-study-notes - Red Hat Certified Architect personal study notes.