On 3/2/22 10:54, Jeremiah C. Foster wrote:
Cannot speak for it's provenance, but there's this; https://github.com/hardenedlinux/STIG-4-Debian
Jeremiah, Thanks, that actually looks like more of an SRR (System Readiness Review[0]) evaluation checker for applicable STIGs. As it states, it uses the RHEL7 STIG as a baseline for the tests. While old (2017), it might still prove useful if it can identify CAT I issues quickly with few false negatives as a *starting point* --stephen [0] i think DISA stopped making these scripts due to the burden of keeping them upto date. 3rd parties now do that for $$$$
