skip to Main Content
  • Content Types

  • Content Types

  • Topics

  • The Case for Revolutionizing STIG Policy Automation

    The Department of Defense (DoD) protects its 15,000 networks by defining, implementing, and auditing “best
    practices” for installation and maintenance of its information technology resources. The Defense Information
    Systems Agency (DISA) develops and publishes policy, in the form of the Security Technical Information Guides
    (STIGs). While significant advances have been made in the areas of threat definition and vulnerability assessment,
    little progress has been made in automating the arduous tasks of creating and maintaining STIG policy execution on
    all of the thousands of servers operated in the DoD

    Download PDF

    Share This: