We need scripts to perform the following.
1. Harden of OS in accordance with the STIG.
2. Check compliance with the STIG indicating pass/fail, needs to be checked, Not applicable, or reason it cannot be set. The output needs to be acceptable as an artifact for the accreditation process.
3. Create the Checklist file which can be imported into the Vulnerator application.
hi....hope you are doing good.
being a Devsecops Engineer with 7+ years of experience, I am well versed with Scripting along with Security of it.
can you let me know if only RHEL would be used for STIG scan or even Ubuntu would be used??