On 3/2/22 10:54, Jeremiah C. Foster wrote:
Cannot speak for it's provenance, but there's this; 
https://github.com/hardenedlinux/STIG-4-Debian

Jeremiah,

Thanks, that actually looks like more of an SRR (System Readiness Review[0]) 
evaluation checker for applicable STIGs.

As it states, it uses the RHEL7 STIG as a baseline for the tests.

While old (2017), it might still prove useful if it can identify CAT I issues 
quickly with few false negatives as a *starting point*

--stephen
[0] i think DISA stopped making these scripts due to the burden of keeping them 
upto date.   3rd parties now do that for $$$$

Reply via email to