DISA STIG/NSA Security Configuration Guides Compliance Checklist Auditing and Monitoring
The NNT STIG Solution - Non-Stop STIG Compliance
NNT offers a totally comprehensive library of system benchmarks including the complete Department of Defense (DoD) library of Security Technical Implementation Guides (STIGS) as recommended by the Defense Information Systems Agency (DISA).
Using intelligent automation and reporting technology these guides can easily be applied to all appropriate systems with remediation and real time monitoring to ensure these standards prevail at all times.
This approach provides easy adoption and continuous, real-time monitoring of STIG compliance, reporting any drift within seconds of changes occurring to ensure the integrity and protection of your systems remains in place at all times. These guides may be tailored to suit individual or organizational preferences and intelligent change control allows you to monitor and report on all unauthorized changes to systems even those outside of your STIG guidelines for the ultimate last line in cyber security defense.
For each STIG Benchmark we provide the official manual STIG which gives detailed guidance for manually auditing and assessing a system for compliance with published STIG configuration settings. However any STIG content can be imported into NNT Change Tracker Gen 7 R2 to provide an automated, estate-wide STIG audit of all systems – ask us for a demo to show you!.
In accordance with DOD directives regarding IA-enabled IT devices (such as DoDD 8500.1), DISA and the NSA - via the Defense IA program - provide security configuration guidelines known as Security Technical Implementation Guides or STIGs.
Did you know? In May of 2012, the Commander of the US Cyber Command and Director of NSA announced that he believed adoption of the CIS Controls was a good foundation for effective cybersecurity, and that they are an excellent example of how public and private sector organizations can voluntarily come together to improve security. His endorsement was the result of NSAs investment over the period of a year of some of its top talent vetting the CIS Controls to be certain they reflected the actual risks faced by industrial and government systems.