If anyone has ever had to work with STIG requirements, especially DISA STIGs, you will understand the pain of going through the checklists verifying and configuring settings for sometimes hundreds of line items! SCAP can help with some STIG lists in identifying items that need attention but it still takes manually correcting hundreds of items. Now imagine do this to every server in your farm!
I am currently working on a STIG Tool which will both check/verify all items on the STIG checklists … and provide the ability to selectively or automatically fix each item on the checklist. You can literally reduce time required to STIG a system from hours or days to a matter of minutes.
This can save huge amounts of man hours and resources which could be used for other projects, all while increasing the security posture of your network.
Anyone interested?
submitted by /u/jcholder
[link] [comments]
The post STIG/PCI compliance tool appeared first on How to Code .NET.