DISA STIG/NSA Security Configuration Guides Compliance Checklist Auditing and Monitoring

The NNT STIG Solution - Non-Stop STIG Compliance

NNT offers a comprehensive library of system benchmarks, including the complete Department of Defense (DoD) library of Security Technical Implementation Guides (STIGs) as recommended by the Defense Information Systems Agency (DISA).

Using intelligent automation and reporting technology, these guides can easily be applied to all appropriate systems, with remediation and real-time monitoring to ensure these standards prevail at all times.

This approach provides easy adoption and continuous, real-time monitoring of STIG compliance, reporting any drift within seconds of changes occurring to ensure the integrity and protection of your systems remain in place at all times. These guides may be tailored to suit individual or organizational preferences, and intelligent change control allows you to monitor and report on all unauthorized changes to systems, even those outside of your STIG guidelines, for the ultimate last line in cyber security defense.


For each STIG Benchmark we provide the official manual STIG, which gives detailed guidance for manually auditing and assessing a system for compliance with published STIG configuration settings. However, any STIG content can be imported into NNT Change Tracker Gen 7 R2 to provide an automated, estate-wide STIG audit of all systems. Ask us for a demo to show you!

 
DISA STIG Backgrounder

In accordance with DoD directives regarding IA-enabled IT devices (such as DoDD 8500.1), DISA and the NSA, via the Defense IA program, provide security configuration guidelines known as Security Technical Implementation Guides or STIGs.

The intent of DoDD 8500.1 is as follows:

"All DoD information systems shall maintain an appropriate level of confidentiality, integrity, authentication, non-repudiation, and availability that reflect a balance among the importance and sensitivity of the information and information assets; documented threats and vulnerabilities; the trustworthiness of users and interconnecting systems; the impact of impairment or destruction to the DoD information system; and cost effectiveness"

In other words, all Information Assurance systems must be hardened.

The breadth and depth of STIG content provide comprehensive guidance to prevent security breaches through vulnerability mitigation. STIG checklists are provided in SCAP format, and a full list of STIGs is available from the Information Assurance Support Environment.

Various vulnerability scanners can be used to assess compliance with a STIG, including the SCAP Compliance Checker (SCC) developed by the Space and Naval Warfare (SPAWAR) Systems Center Atlantic. However, all scanning solutions suffer from the same limitation: scan results are only valid at the time of scanning. Detecting any drift from the STIG requires a new full scan of all settings, which is both time- and resource-intensive.

Furthermore, scanning for compliance with a STIG gives only one measure of security. Detecting changes to system files requires a more widespread file integrity monitoring (FIM) operation, which is an even more time- and resource-intensive function for a scanner to perform, and most STIG scanning solutions do not even provide the option for this type of FIM test.

Did you know? In May of 2012, the Commander of the US Cyber Command and Director of NSA announced that he believed adoption of the CIS Controls was a good foundation for effective cybersecurity, and that they are an excellent example of how public and private sector organizations can voluntarily come together to improve security. His endorsement was the result of NSA's investment, over the period of a year, of some of its top talent in vetting the CIS Controls to be certain they reflected the actual risks faced by industrial and government systems.

NNT Suite of Products

Change Tracker Gen 7 R2

Combine industry-leading Device Hardening, File Integrity Monitoring, Change Control, Configuration Management & Compliance Management into one easy-to-use solution that can scale to the most demanding environments!

FAST Cloud

Automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Integrity Assurance.

Log Tracker

Comprehensive and easy-to-use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds.

Vulnerability Tracker

Continuously scan and identify vulnerabilities with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and on mobile endpoints.

Copyright 2020, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.