How STIG Compliance impacts your organization
The U.S. Department of Defense (DoD) protects its thousands of networks by defining and implementing best practices for the installation and maintenance of its information technology (IT) resources. The Defense Information Systems Agency (DISA) develops and publishes policy in the form of Security Technical Implementation Guides (STIGs), which are used when ‘hardening’ DoD and mission partner systems. While significant advances have been made in the areas of threat definition and vulnerability monitoring, little progress has been made in deploying automation to address the arduous task of implementing and maintaining STIG policy on the millions of systems that support the DoD.
The lack of STIG remediation automation results in…