STIG

Ansible Role for the DISA STIG

Ansible and our security partner, the MindPoint Group have teamed up to provide a complete, tested, and trusted Ansible Role for the DISA STIG. With this Role, IT admins can easily:

  • Deploy new systems that are compliant to the DISA STIG.
  • Audit and validate DISA STIG compliance on existing systems.
  • Coupled with Ansible Tower, schedule routine checks across entire server inventories.

Not an Ansible user yet, but challenged by the need to remain STIG compliant? Getting started with Ansible is easy.

Access the STIG role through Ansible Galaxy.

 

Interested in staying updated on the work that MindPoint Group and Ansible are doing with automated STIG roles? Sign up for updates below. 

ansible_line_short_grey

Current STIG Role Features

OS Support - Supports RHEL 6 and variants today, with more Linux and Windows versions coming soon.

Vulneratbility Category Detection and Correction

As of 26 Feb 2015:

  • CAT 1 (High): 100%
  • CAT 2 (Medium): 91%
  • CAT 3 (Low): 82%

The Role does not automatically correct every finding as some are build-time (i.e. partitioning requirements) that are not safe to automatically remediate in a generic fashion.

Secure - Every committed update to the STIG project is reviewed by the Ansible and MindPoint Group teams, and results of the Role application are run through an automated testing gauntlet involving the use of OpenSCAP and STIGMA. The current status of the roles is viewable in the ansible-lockdown README.

Community - Like all OpenSource projects, the more users and contributors to the project, the better the result and functionality will be. Want to particpate?

Free and Open - Like Ansible Core, the STIG role is provided free-of-charge, however many customers find that the STIG role plus Ansible Tower provide unprecedented benefits and capabilities when applying and managing STIG compliance across a large set of systems. For deeper level assistance with your IT Security posture, MindPointGroup is Ansible’s recommendation.

Interested in staying updated on the work that MindPoint Group and Ansible are doing with automated STIG roles? Sign up for updates now.

Get started with the Ansible STIG Role
Visit our Ansible Tower information page to learn more or get a free 30-day trial

To get a quote, please contact our Government Sales Team