Release Notes
- Made the spreadsheet import skip blank rows
- Added terminaltables back to core XSS image
- Removed link to server logs, all logs have moved to journald
- Increase /var/tmp size recommendations
- Added psql helper wrapper
- Updated to 800-53 rev 5.2
- Updated machine spreadsheet importing to allow more columns and a bit more flexiblity, along with updating associated docs
- Corrected an issue related to fixed TLS certificates and ownership.
- When using fixed TLS certificates, no longer use internal certificate cache.
- Corrected next/prev buttons not working on scan item analysis
- Fixed starting some internal Python helpers (anything using python-run)
- Greatly increased the speed of updating scan item automatic analysis in the background. For automated scans, this should make it far less likely your server gets stuck waiting for work to complete in the background
- Added a CLI flag to enable CPU profiling of Xylok, to assist with investigating performance issues in the future.
- Increased shared memory allocated for Postgres
- Instalation documentation updates
- Fixed an issue with consolidating PP data that was causing some recommendations to not be properly propogated in the API (and consequently the UI)
- Fixed issue with the All Machines page causing machines to appear on multiple pages under certain sorting conditions
- Updated overlay loading to not include invalid controls, even if the overlay sources lists them. This will fix the DAF baseline not loading on the web frontend
- Removed the technical rater, it was no longer being maintained and does not fit the typical RMF analysis flow
- Upgraded to Go 1.25.6
- Imported DISA’s Jan 2026 compilation
- Added post-processing to the following benchmarks:
- vmw_vsphere_7-0_vami_stig
- vmw_vsphere_7-0_vca_sts_stig
- Solaris 11 SPARC post-processing
- Benchmarks with generated interview questions now marked as ready.
- If a document is no longer available on-disk, remove the path from the database
- Added pgcli back to image
- Corrected post-processing inclusion in base image
- Created interview questions for all benchmarks that did not contain existing check content.
- Added full post-processing for the following benchmarks:
- vmw_vsphere_7-0_vca_postgresql_stig
- vmw_vsphere_7-0_vca_rhttpproxy_stig
- Added post processing for some CISCO firewall stigs
- Updated interview questions for the following SRGs:
- application_server_srg
- central_log_server_srg
- dns_srg
- idps_srg
- network_device_management_srg
- router_srg
- traditional_security_checklist
- web_server_srg
- Made minor changes to RHEL 8 benchmark to better handle comments in configuration files
- Completed updates to post-processing to reflect changes in collection due to DISA quarterly scrape.
- Solaris 11 x86 postprocessing fix
- Fixed an issue with Podman 5.6 that caused the container to be unable to start. See https://github.com/containers/podman/issues/27107
- Prevent interactive jobs (like updating scan item AA) from appearing on the tasks page
- Corrected issue with running web and workers, with both using the same uv cache
- Upgraded to Go 1.25.5
- Failed tasks show in task monitor correctly
- CRA fixes for RMF rev 5
-
Imported Oct 2025 STIG release
-
Marked latest sunset benchmarks
-
Modified automatic collection to better determine Firefox install location on *nix
-
Updated commands for Splunk 8 to better capture required data.
-
Processed command changes from the DISA Oct 2025 quarterly update release for the following benchmarks:
- application_security_development_stig
- can_ubuntu_22-04_lts_stig
- can_ubuntu_24-04_stig
- cisco_ios_router_rtr_stig
- cisco_ios_switch_rtr_stig
- cisco_ios-xe_router_rtr_stig
- cisco_ios_xe_switch_rtr_stig
- cisco_ios-xr_router_rtr_stig
- cisco_nx-os_switch_ndm_stig
- cloudlinux_almalinux_os_9_stig
- iis_10-0_site_stig
- mariadb_enterprise_10-x_stig
- microsoft_windows_11_stig
- ms_office_365_proplus_stig
- ms_sql_server_2022_instance_stig
- ms_windows_10_stig
- ms_windows_server_2022_stig
- rhel_8_stig
- rhel_9_stig
- tomcat_application_server_9_stig
- toss_4_stig
- traditional_security_checklist
- windows_server_2019_stig
-
Updates to ESXi runner to make loading of the powercli environment less verbose
-
Update ESXi/vCenter environment to always include Xylok shipped PowerCLI modules
-
Completed commands for VMware vSphere 7 vCenter STIG
- eMASS TR export in the format expected by an eMASS rev 5 package
- The ability to individually clear tasks in the task monitor. Fewer background requests through the use of server-sent events
- Several changes to the way background tasks are handled as we continue to expand the new API
- When importing a benchmark archive, we no longer require the user to interact with the task. We now export benchmark bundles so that the CUI and regular benchmarks can be independently imported in either order without removing each other’s benchmarks. For our CUI users, you don’t have to worry about the order of installation and CUI-bundle updating!
- Corrected head tool selection for Solaris scripts
- Correct scripts not generating if ‘required for data collection’ questions haven’t been answered
- Several CCI rating update issues
- Corrected ordering of technical items on CCI rater
- Fixed an issue with Podman 5.6 that caused the container to be unable to start. See https://github.com/containers/podman/issues/27107
- Finished MariaDB post processing.
- Two changes to RHEL8 benchmark checks to reduce amount of data generated.
- Small fixes to address excessive time needed to run the find command on network mounted directories.
- Added output limits on a per-command basis to Powershell and POSIX
- Update Linux Powershell environment to v7.4.13
This quick release only affects users using the RMF rev 5 setting.
- XSS-147: If an overlay doesn’t exist for a client, still load the controls successfully
- XSS-148: Added Space Platform Overlay to RMF rev 5
- FilePortal API cleaned up and documented, allowing for easier automating of updates if desired by end users.
- Added hooks for loading cmd and script headers in Powershell and POSIX environments
- Some fixes to file permissions corrections during XSS startup
- Allow scan analysis loading to load checks even if they’re tombstoned
- No longer run commands if the associated check has been removed
- MSSQL Instance and Database 22 postprocessing
- Benchmark commands added for splunk_enterprise_8-x_for_linux_stig. Commands now use Splunk Enterprise REST API.
- More Ubuntu 22.04 PP updates
- Additions to the Cisco ASA benchmark post-processing
- Added CLI subcommand to display control selection for a given CIA/overlay set
- If no CIA level is specified, default to not including any controls (unless specified by overlays)
- Added CMMC overlay
- Updated to 2025-09-19 CCI list
- Documented the file portal API and added features to make automating updates if desired by end users.
- See https://downloads.xylok.io/docs
- For an example script, contact support!
- Fixed CCI rater not being able to search and use other client in comparison mode
- Cleaned up installing dependencies for Svelte in CI
- Fixed bugs with two commands in RHEL 9 benchmark.
- Added post-processing for new Google Chrome benchmark checks.
- Fixed bugs in a small number of RHEL8 benchmark commands.
- Improvements to our RMF 800-53 Rev 5 support
- All the RMF rev 5 overlays have been updated with the latest versions available
- eMASS TR building in Rev 5
- Changes to finding AP values for controls to work better with RMF rev 5
- Added BASH and Ansible automated scan examples
- Added ability to import machines via an XLSX spreadsheet
- Scan copy answers page is much better
- Moved to using Go 1.25 CORS protection
- Prevent bad DISA categories for checks from stopping scan score from being generated
- Correctly enable PP test API (if allowed by license)
- Fixed documentation not building in all cases
- Corrected building the advanced collector in the installer and added additional SBOM information
- Bug fix to JRE8 Unix benchmark.
- Improvements to Ubuntu 22.04 postprocessing
- First half of MariaDB post processing completed
- Commands added for MS SQL Server 2022 Instance benchmark.
- Updates for RHEL 8
- Updates for Kubernetes
- Updates for SLES 15
- Updates for TOSS 4
- Updates for RHEL9
- Updates for AlamLinux 9
- Added commands for MS SQL 2022 Database benchmark
- Command bug fix for MS SQL 2016 Database benchmark
- RHEL 7 updates
- DISA July 2025 updates applied to following benchmarks:
- can_ubuntu_22-04_lts_stig
- rh_ansible_automation_controller_app_server_stig
- active_directory_forest
- can_ubuntu_24-04_stig
- cisco_asa_ndm_stig
- cisco_ios_router_ndm_stig
- cisco_ios_switch_ndm_stig
- cisco_ios-xe_router_ndm_stig
- cisco_ios-xe_router_rtr_stig
- cisco_ios_xe_switch_l2s_stig
- cisco_ios_xe_switch_ndm_stig
- cisco_ios_xe_switch_rtr_stig
- cisco_ios-xr_router_ndm_stig
- cisco_nx-os_switch_ndm_stig
- google_chrome_current_windows
- ms_dot_net_framework
- ms_edge_stig
- iis_10-0_server_stig
- iis_10-0_site_stig
- ms_sql_server_2016_database_stig
- ms_sql_server_2016_instance_stig
- microsoft_windows_11_stig
- hbss_agent_handler
- hbss_policyauditor
- hbss_rogue_sensor
- ess_epo_5-3_5-9_stig
- ess_mcafee_agent_stig
- mcafee_ens_10-x_stig
- Updated CCI list for 2025-08-19 (minimal changes, they changed some CCI’s technical/policy status and removed one control reference)
- Fixed CCI rater not getting correct client ID
- Corrected scan items loading slowly if no matches are found
- Corrected issue with scan item not loading by ID when non-matching filter was applied. XSS-124
- Migrated to Go version 1.25.1
- Fixed CRA not including inherited controls in compliant count for summary report
- Installer fixes and test container updates
- Fixed skip-backup flag in installer, making it actually work
- Apply correct SELinux labels to the passthrough and backup directories
- Log more version info in the installer
- Latest version of mcafee_application_control_8-x_stig marked ready
- Latest version of ms_windows_server_2022_stig marked ready
- Latest version of solaris_11_sparc_stig marked ready
- Latest version of solaris_11_x86_stig marked ready
- Latest version of vmw_vsphere_8-0_vcenter_stig marked ready
- Latest version of windows_paw_stig marked ready
- AlmaLinux 9 updates, added commands and PP
- Kubernetes updates
- Following changes made to NSX-T and NSX 4.X benchmarks
- Small modifications to collectors to better capture info for benchmarks
- Built out majority of automated post-processing
- Added post-processing for VMware NSX-T Tier0 Router benchmark.
- Imported Oracle 12c manually, DISA is missing it in their compilation but still show it as valid on their site
- Merged Red Hat OpenShift 4.12 with new 4.x STIG
- XSS-104: Added a ‘conflicted CCI’ search to the control rater
- CRA updates:
- XSS-80: Added classification section to the CRA which allows the user to specify how to mark most parts of the report
- XSS-88: Include eMASS system ID on the title page of CRA
- Advanced collector improvements:
- Users must now specify the OS of each target, unless the target is the local box. Local OSes should generally be detected, let us know if they are not properly found.
- Added subcommand for getting information on available OSes for manually-specified OSes in the advanced collector
- The advanced collector now can handle the shell commands on *nix and Windows
- Installer improvements
- Fixed an issue with unknown client RMF levels not loading properly through the API
- CCI and control rater updates
- Fixed bug with Control Rating rebuilding when not all CCIs have been completed
- Fixed CCI rater bug that made the search focus control group initially
- Fixed link from Control Rater to CCI Rater individual CCIs
- XSS-105: Fixed CRA control status total table to reflect correct number of compliant controls, rather than counting NAs in the compliant total
- XSS-98: When CCI rater comments are cleared, correctly update them in the database
- CRA: Align control table mid headers to the left
- XSS-94: CRA now embeds documents properly again
- XSS-40: Fixed CRA items not initializing with their default in the actual report data, which led to the report generating with incorrect data (for checkboxes and selects)
- XSS-89: Added warning to logs subcommand if the user isn’t root
- Removed JSNlog for logging JS errors on the front, we never look at them anyway
- Fixed bad quote in documentation
- Command detail view now loads tombsoned commands
- Changed all placeholder commands in NSX benchmarks to correctly named collector rather than ‘direct cli’
- Interview runner added to advanced collector
- Fixes for NSX collectors
- XSS-96: Added import module helper for Powershell scripts
- XSS-90: Made MySQL runner produce script in base64, following the example of Postgres
- Moved MariaDB to use same escaping as MySQL
- Updates to Microsoft Windows 10 STIG benchmark.
- MySQL postprocessing
- Added commands for VMware vSphere 8.0 vCenter STIG
- Updates to Microsoft Windows 11 STIG benchmark.
- XSS-95: Added VMWare.vSphere.SsoAdmin utilities for use by ESXi scripts
- Updated PostgreSQL 9.x benchmark commands to address issue referencing environmental variables.
- Updated MariaDB 10.x benchmark commands to address issues running unattended.
- Apache Tomcat postprocessing completed
- Made MySQL CLI run with no buffering for better output
- RHEL 9 fixes
- RHEL 8 PP fixes
-
Numerous installer fixes:
- XYL-12919: Make sure systemd unit uses an correct absolute path with no extra slashes
- XSS-26: Handling install and run permissions better
- XSS-26: Correct issue about an invalid file descriptor during installation
- XSS-70: Create 99-xylok.conf file to override namespaces set in 99-sysctl.conf
- XSS-54: When a command fails during installation, show its output as an error
- XSS-78 and XSS-79: Default to Docker when available and ensure Docker 1.13 works properly on RHEL 7.9, matching a customer’s configuration
- If fapolicyd can’t be notified of database changes, don’t fail the install
- Giant message if Podman runs out of disk space and updated free space recommendations in documentation
-
Advanced collector now supports NSX. As part of this, the configuration file has changed:
- XSS-65: Moved to HCL for configuration and made the format far more flexible to allow the collector to target multiple devices at once
- NSX collectors bundled in
- XSS-62: fixed misspelling in the results file
- Benchmarks are now saved into the advanced collector, allowing it to use the benchmark questions to help fill in configuration data for the user
- Updated documentation to reflect the new advanced collector usage and included a fixed default signing key for results
-
XSS-50: MAD for 800-53 rev 5 bundled
-
XSS-51: Control set is now shown next to Xylok version
-
XSS-5: Run podman system migrate if requested during container monitoring, allowing a system which shutdown improperly (or had podman upgraded) to continue working without manual user intervention.
- XSS-82: No longer delete controls.json after 3 days of the server running
- XSS-71: Fixed go.mod and go.sum showing for collector in docs
- XSS-46: Default new benchmarks to being not-protected and detect ‘fouo’/‘cui’ in the benchmark ID to make them protected. Corrected existing benchmarks to match DISA’s CUI markings
- Fixed bedit benchmark add-interviews not actually writing out the command with the correct interview and OS tags
- Cleaned up file name on portal for license download
- Ubuntu 24.04 postprocessing
- ALMALINUX 8 updates and interview questions
- RHEL 8 STIG updates PP
- Benchmarks complete with advanced collectors for the following:
- VMware NSX-T Manager NDM
- VMware NSX-T SDN Controller
- VMware NSX-T Tier-0 Gateway Router
- VMware NSX-T Tier-1 Gateway Router
- VMware NSX 4.x Manager NDM
- VMware NSX 4.x Distributed Firewall
- VMware NSX 4.x Tier-0 Gateway Firewall
- VMware NSX 4.x Tier-0 Gateway Router
- VMware NSX 4.x Tier-1 Gateway Firewall
- VMware NSX 4.x Tier-1 Gateway Router
- Finished all post processing for Apache Server 2-4 unix and updated test cases
- SLES15 PP
- Windows 10 PP
- Windows Server 2016 PP
- Windows Server 2019 PP
- Primary server (the one being run directly under systemd) will now output all dependency logs, rather than having to search /var/log/xylok for them
- Logs all appear under journald as a result, integrating with any centralized logging already in place for that system
- Standard
journalctl -u xylokcan be used to examine the logs - Logs default to JSON format when run under systemd
- For nice parsing and filtering of the JSON, use
/opt/xylok/xylok logs --help
- XSS-41: Fixed visual display issue with related controls on the CCI rater
- XSS-43: Removed usage of -MaskInput in Powershell scripts
- XSS-42: fixed client ID usage in document selector
- XSS-39 - Fixed loading statuses filter in API
- XSS-37: Added import-data subcommand to XSS and corrected import-data.sh script to use it
- XSS-38: Added flag to installer to set read-only status and respect the READONLY setting again
- toss4 post processing complete
- Removed debugging from start.sh
- Updates for RHEL 8 and 9
- Updated Microsoft Windows 11 STIG v2r3
- Microsoft Office 365 ProPlus STIG v3r3
- Microsoft Windows 10 STIG v3r4
- Windows Server 2022 v2r4
- Microsoft IIS 10.0 Server STIG v3r3
- Microsoft IIS 10.0 Site STIG v2r11
- Windows Domain Name System (DNS) STIG v2r3 (ms_windows_server_2022_dns_stig)
- Mozilla Firefox STIG v6r6
- Added winserver-powershell OS tag to IIS 10.0 STIGs to enable collection with Windows Server 2025
- Added rhel OS tag to Mozilla Firefox STIG to enable collection with RHEL 9.
- rhel 9 411070 command correction
Quick release to fix active directory settings not loading properly
- XYL-12333 - Add features v3 endpoint
- Added
goseclinting to our build process and corrected any flagged issues
- Added flag
ignore-lingeringto installer to allow bypassing any systemd lingering-enable issues - XYLOK-27: All AD and SMTP-associated settings should be correctly handled again
- Completed Ubuntu 24.04 benchmark commands.
Quick-turn release to cover some small issues found in the new installer.
- Remove link to v2 API
- FAPolicy updating during installation is more intelligent
- Server no longer creates mounts for the non-existent API server, suppressing an error found in docker logs
- Made installer handle SIGINT (ctrl-c) better
- Made linger only a warning on Docker-based systems
- Added some functionality to installer to fix up older systemd installations
- Make xylok.service unit depend on docker.socket as well as the service on Docker-based installs
- Reject amazonbot, correct robots.txt
There has been a significant change in the way Xylok runs itself and its container. Please let us know of any issues you encounter.
-
The installer has been entirely re-written to be more robust to small cahnges in install process, including partial (failed) installations.
- For more installation control, the “install” subcommand has had numerous flags added. See
./xylok-installer-v2025.05.1 install --helpfor the most up-to-date information. - A new “uninstall” subcommand has been added, which will easily remove all remanents of Xylok from your system.
- For more installation control, the “install” subcommand has had numerous flags added. See
-
The primary server (the proxy in front of many of Xylok’s dependencies) now runs OUTSIDE the container
- This server will now monitor the container and automatically load images and start/stop it as needed.
- The systemd service will be modified appropriately to account for this new configuration, including adding the ambient capability to bind to lower-levels ports.
- If you had modified
net.ipv4.ip_unprivileged_port_start,you should be able to remove that kernel setting. - If you use Docker, you may need to allow your Xylok ports through the firewall. Docker by default configures these rules automatically.
- Fixed CCI comparison, benchmark sunset column wasn’t being treated correctly in some services. Closes XYL-3735
- During installation, correctly check if xylok systemd service exists and try to confirm if the binary itself has been completely stopped
- Error about controls.json should no longer occur because it will always be built before the container starts
- Updated to Go 1.24.1
- BIND 9.x commands and post-processing implemented
- Maria DB implemented
- TOSS implemented
- Kubernetes implemented
- Added RHEL Ansible Automation Controller/Web STIGs commands and PP
- Updates to handle May compilation updates:
- apache_server_2-4_unix_site_stig
- application_security_development_stig
- cisco_ios-xe_router_ndm_stig
- cisco_ios-xr_router_ndm_stig
- cisco_ios_router_ndm_stig
- cisco_ios_switch_ndm_stig
- cisco_ios_xe_switch_ndm_stig
- cisco_nx-os_switch_ndm_stig
- ess_epo_5-3_5-9_stig
- layer_2_switch_srg
- mcafee_ens_10-x_stig
- microsoft_windows_11_stig
- moz_firefox_stig
- ms_dot_net_framework
- ms_office_365_proplus_stig
- ms_sql_server_2016_instance_stig
- ms_windows_10_stg
- network_device_management_srg
- oracle_database_11-2g_stig
- palo_alto_networks_alg_stig
- palo_alto_networks_ndm_stig
- rhel_9_stig
- sles_15_stig
- tomcat_application_server_9_stig
- vmw_vsphere_7-0_esxi_stig
- vmw_vsphere_8-0_esxi_stig
- web_server_srg
- windows_server_2019_stig
- Updated benchmark zos_webspheremq_for_tss_stig, added version v7r1
- Updated benchmark zos_tadz_for_tss_stig, added version v7r1
- Updated benchmark zos_srraudit_for_tss_stig, added version v7r1
- Updated benchmark zos_roscoe_for_tss_stig, added version v7r1
- Updated benchmark zos_quest_nc-pass_for_tss_stig, added version v7r1
- Updated benchmark zos_netview_for_tss_stig, added version v7r1
- Updated benchmark zos_ibm_system_display_and_search_facility_for_tss_stig, added version v7r1
- Updated benchmark zos_hcd_for_tss_stig, added version v7r1
- Updated benchmark zos_ca_vtape_for_tss_stig, added version v7r1
- Updated benchmark zos_ca_mim_for_tss_stig, added version v7r1
- Updated benchmark zos_ca_mics_for_tss_stig, added version v7r1
- Updated benchmark zos_bmc_mainview_for_zos_for_tss_stig, added version v7r1
- Updated benchmark zos_bmc_ioa_for_tss_stig, added version v7r1
- Updated benchmark zos_bmc_control-o_for_tss_stig, added version v7r1
- Updated benchmark zos_bmc_control-m_restart_for_tss_stig, added version v7r1
- Updated benchmark zos_webspheremq_for_racf_stig, added version v7r1
- Updated benchmark zos_vss_for_racf_stig, added version v7r1
- Updated benchmark zos_tadz_for_racf_stig, added version v7r1
- Updated benchmark zos_srraudit_for_racf_stig, added version v7r1
- Updated benchmark zos_roscoe_for_racf_stig, added version v7r1
- Updated benchmark zos_quest_nc-pass_for_racf_stig, added version v7r1
- Updated benchmark zos_netview_for_racf_stig, added version v7r1
- Updated benchmark zos_ibm_system_display_and_search_facility_for_racf_stig, added version v7r1
- Updated benchmark zos_hcd_for_racf_stig, added version v7r1
- Updated benchmark zos_ca_vtape_for_racf_stig, added version v7r1
- Updated benchmark zos_ca_mim_for_racf_stig, added version v7r1
- Updated benchmark zos_ca_mics_for_racf_stig, added version v7r1
- Updated benchmark zos_bmc_mainview_for_zos_for_racf_stig, added version v7r1
- Updated benchmark zos_bmc_ioa_for_racf_stig, added version v7r1
- Updated benchmark zos_bmc_control-o_for_racf_stig, added version v7r1
- Updated benchmark zos_bmc_control-m_restart_for_racf_stig, added version v7r1
- Updated benchmark zos_bmc_control-o_for_acf2_stig, added version v7r1
- Updated benchmark zos_bmc_control-m_restart_for_acf2_stig, added version v7r1
- Updated benchmark zos_webspheremq_for_acf2_stig, added version v7r1
- Updated benchmark zos_tadz_for_acf2_stig, added version v7r1
- Updated benchmark zos_srraudit_for_acf2_stig, added version v7r1
- Updated benchmark zos_roscoe_for_acf2_stig, added version v7r1
- Updated benchmark zos_quest_nc-pass_for_acf2_stig, added version v7r1
- Updated benchmark zos_netview_for_acf2_stig, added version v7r1
- Updated benchmark zos_ibm_system_display_and_search_facility_for_acf2_stig, added version v7r1
- Updated benchmark zos_hcd_for_acf2_stig, added version v7r1
- Updated benchmark zos_ca_vtape_for_acf2_stig, added version v7r1
- Updated benchmark zos_ca_mim_for_acf2_stig, added version v7r1
- Updated benchmark zos_ca_mics_for_acf2_stig, added version v7r1
- Updated benchmark zos_bmc_mainview_for_zos_for_acf2_stig, added version v7r1
- Updated benchmark zos_bmc_ioa_for_acf2_stig, added version v7r1
- Updated benchmark web_server_srg, added version v4r3
- Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, added version v2r2
- Updated benchmark vmw_vsphere_8-0_esxi_stig, added version v2r3
- Updated benchmark vmw_vsphere_7-0_esxi_stig, added version v1r4
- Updated benchmark tm_tippingpoint_ndm_stig, added version v2r3
- Updated benchmark tanium_7-x_stig, added version v2r2
- Updated benchmark tanium_7-x_os_tanos_stig, added version v2r2
- Updated benchmark tanium_7-x_application_tanos_stig, added version v2r2
- Updated benchmark splunk_enterprise_8-x_for_linux_stig, added version v2r2
- Updated benchmark sles_15_stig, added version v2r4
- Updated benchmark rhel_9_stig, added version v2r4
- Updated benchmark rhel_8_stig, added version v2r3
- Updated benchmark palo_alto_networks_ndm_stig, added version v3r3
- Updated benchmark palo_alto_networks_alg_stig, added version v3r4
- Updated benchmark oracle_linux_8_stig, added version v2r4
- Updated benchmark oracle_linux_7_stig, added version v3r2
- Updated benchmark oracle_database_12c_stig, added version v3r4
- Updated benchmark network_device_management_srg, added version v5r3
- Updated benchmark ms_windows_server_2022_dns_stig, added version v2r3
- Updated benchmark ms_windows_server_2022_stig, added version v2r4
- Updated benchmark windows_server_2019_stig, added version v3r4
- Updated benchmark microsoft_windows_11_stig, added version v2r3
- Updated benchmark ms_windows_10_stig, added version v3r4
- Updated benchmark ms_sql_server_2016_instance_stig, added version v3r4
- Updated benchmark ms_office_365_proplus_stig, added version v3r3
- Updated benchmark iis_10-0_site_stig, added version v2r11
- Updated benchmark iis_10-0_server_stig, added version v3r3
- Updated benchmark ms_entra_id_stig, added version v1r1
- Updated benchmark ms_dot_net_framework, added version v2r6
- Updated benchmark moz_firefox_stig, added version v6r6
- Updated benchmark layer_2_switch_srg, added version v3r2
- Updated benchmark kubernetes_stig, added version v2r3
- Updated benchmark juniper_ex_ndm_stig, added version v2r3
- Updated benchmark juniper_ex_l2s_stig, added version v2r3
- Updated benchmark jboss_eap_6-3_stig, added version v2r6
- Updated benchmark infoblox_8_dns_stig, added version v1r2
- Updated benchmark ibm_zsecure_suite_stig, added version v1r3
- Updated benchmark ibm_zos_tss_stig, added version v9r4
- Updated benchmark ibm_zos_racf_stig, added version v9r4
- Updated benchmark ibm_zos_acf2_stig, added version v9r4
- Updated benchmark ibm_websphere_liberty_server_stig, added version v2r2
- Updated benchmark cloudlinux_almalinux_os_9_stig, added version v1r2
- Updated benchmark cisco_nx-os_switch_ndm_stig, added version v3r3
- Updated benchmark cisco_ios_switch_ndm_stig, added version v3r4
- Updated benchmark cisco_ios_router_ndm_stig, added version v3r4
- Updated benchmark cisco_ios-xr_router_ndm_stig, added version v3r3
- Updated benchmark cisco_ios_xe_switch_ndm_stig, added version v3r3
- Updated benchmark cisco_ios-xe_router_ndm_stig, added version v3r4
- Updated benchmark can_ubuntu_22-04_lts_stig, added version v2r4
- Updated benchmark canonical_ubuntu_20-04_lts_stig, added version v2r2
- Updated benchmark application_security_development_stig, added version v6r3
- Updated benchmark arista_mls_eos_4-2x_l2s_stig, added version v2r2
- Updated benchmark arista_mls_eos_4-2x_router_stig, added version v2r2
- Updated benchmark arista_mls_eos_4-2x_ndm_stig, added version v2r2
- Updated benchmark application_server_srg, added version v4r3
- Updated benchmark apple_macos_15_stig, added version v1r3
- Updated benchmark apple_ios-ipados_18_stig, added version v1r3
- Updated benchmark tomcat_application_server_9_stig, added version v3r2
- Updated benchmark apache_server_2-4_windows_site_stig, added version v2r2
- Updated benchmark apache_server_2-4_windows_server_stig, added version v3r3
- Updated benchmark apache_server_2-4_unix_site_stig, added version v2r6
- Updated benchmark mcafee_ens_10-x_stig, added version v3r4
- Updated benchmark mcafee_ens_10-x_local_client_stig, updated version v2r3
- Updated benchmark joint_regional_security_stack_stig, updated version v2r3
- Updated benchmark ess_epo_5-3_5-9_stig, added version v3r4
- General search in CCI rater now works correctly when a CCI definition happens to match and you’re also doing other filters. Fixes XYL-3730
- Fix exporting benchmark sunset status, closes XYL-3731
- Display sunset status in benchmark metadata
- Added Bind9 config parser for use by PP
- Installer improvements, flags should be more reliable
- Attempt to set SELinux labels during Xylok startup. Should help with XYL-375
- Fixed link for exporting CKL files
- Xylok STIG commands and PP
- XYL-404: If the primary server is trying to redirect to port 6443, just don’t. Send it to 443 instead
- XYL-372: Increased cell text limit to 32k characters within spreadsheet generator of the core server. Cells are still limited to the Excel line limit, so it’ll only make so much of a difference.
- Fixed OS-BL-000004 firewall-cmd, closes XYL-939
- Updates to benchmarks for Solaris SPARC and x86.
- XYL-165: #close Added MariaDB runner
- Added the ability to include she-bang (#!) commands within the MariaDB runner to escape the SQL commands. Improves XYL-165
- Benchmark merge test now correctly realizes benchmark should be found with old ID in the alternate ID list
- XYL-94: Added sunsetting to bedit #closes
- Resolved version issues with McAfee Application Control 7.x and Trellix Application Control 8.x STIGs. Moved v1r5 and v1r6 to Trellix Application Control 8.x STIG. Updated McAfee Application Control 7.x STIG v1r4, and marked ready.
- Added interview questions to Central Log Server SRG v3r2, and marked ready.
- Added interview questions to General Purpose Operating System SRG v3r2, and marked ready.
- Added interview questions to Application Server SRG v4r2, and marked ready.
- Updated Palo Alto Networks IDPS STIG v3r2, and marked ready.
- Updated Palo Alto Networks ALG STIG v3r3, and marked ready.
- Updated Palo Alto Networks NDM STIG v3r2, and marked ready.
- Updated Firewall SRG v3r2, and marked ready.
- Added interview questions to Windows DNS v4r1.19, and marked ready.
- Updated Domain Name System SRG v4r1, and marked ready.
- Updated Intrusion Detection and Prevention Systems SRG v3r2, and marked ready.
- Updated Storage Area Network STIG v2r5, and marked ready.
- Updated Multifunction Device and Network Printers STIG v2r15, and marked ready.
- Marked VMware vSphere 7.0 VAMI STIG v1r2 ready.
- Marked Microsoft Office 365 ProPlus STIG v3r2 ready.
- Marked Cisco ASA NDM STIG v2r2 ready.
- Marked Cisco ASA VPN STIG v2r2 ready.
- Marked Google Chrome Current Windows STIG v2r10 ready.
- Marked Microsoft OneDrive STIG v2r3 ready.
- Marked VMware vSphere 8.0 ESXi STIG v2r2 ready.
- Updated SUSE Linux Enterprise Server 15 STIG v2r3, and marked ready.
- Scraped public.disa.mil for updated STIG content 20250402.
- Numerous updates from scrape, including sunsetting old STIGs
- CKLBs are now available and can be broken into per-benchmark files
- Added far more flags to the installer and made sure the important ones work
- Primary server will now ensure it can write the controls file to the correct location for the core server
- Fixed category display on scan analysis
- Integrated new API alongside GQL and tRPC for a cleaner transition plan
-
RHEL 9 Updates
-
Updated VMware vSphere 8.0 vCenter STIG v2r2, and marked ready.
-
Updated VMware vSphere 8.0 vCenter Appliance ESX Agent Manager (EAM) STIG v2r2, and marked ready.
-
Updated VMware vSphere 7.0 vCenter Appliance Photon OS STIG v1r4, and marked ready.
-
Updated VMware vSphere 7.0 ESXi STIG v1r3, and marked ready.
-
Updated VMware vSphere 7.0 Virtual Machine STIG v1r4, and marked ready.
-
Updated Apache Tomcat Application Server 9 STIG v3r1, and marked ready.
-
Updated Apache Server 2.4 UNIX Site STIG v2r5, and marked ready.
-
Updated Apache Server 2.4 UNIX Server STIG v3r2, and marked ready.
-
Marked ESS Trellix Agent STIG v5r12 ready.
-
Added interview questions to Web Server SRG v4r2, and marked ready.
-
Updated Virtual Machine Manager SRG v2r2, and marked ready.
-
Added interview questions to Trellix TIE/DXL STIG v3r1, and marked ready.
-
Updated Traditional Security Checklist v2r6, and marked ready.
-
Updated Network Infrastructure Policy STIG v10r7, and marked ready.
-
Updated Network Device Management SRG v5r2, and marked ready.
-
Added interview questions to AAA Services SRG v2r2, and marked ready.
-
Updated Application Security and Development STIG v6r2, and marked ready.
-
RHEL 8 Updates
-
Updated Cisco IOS XE Router NDM STIG v3r3, and marked ready.
-
Updated Cisco IOS XE Router RTR STIG v3r3, and marked ready.
-
Updated Cisco IOS Router NDM STIG v3r3, and marked ready.
-
Updated Cisco NX OS Switch RTR STIG v3r3, and marked ready.
-
Updated Cisco IOS Switch NDM STIG v3r3, and marked ready.
-
Updated Cisco IOS Router RTR STIG v3r3, and marked ready.
-
Updated ESS ePO 5.x STIG v3r3, and marked ready.
-
Updated ESS Staging Server STIG v5r2, and marked ready.
-
Updated Trellix ENS 10.x STIG v3r3, and marked ready.
-
Updated ESS Remote Console STIG v5r3, and marked ready.
-
Merged several benchmarks to reflect name changes and reduce confusion in the benchmark repository:
- aaa_service_srg –> aaa_services
- apache_tomcat_9_stig –> tomcat_application_server_9_stig
- arcgis_server_103_stig –> arcgis_server_10-3_stig
- canonical_ubuntu_stig –> canonical_ubuntu_16-04_lts
- mobility_policy_stig –> mobile_device_policy_stig
- u_can_ubuntu_18-04_stig –> can_ubuntu_18-04_stig
- uem_srg –> uem_agent_srg
- vrealize_ops_mgr_cassandra_stig –> vmw_vrealize_ops_mgr_cassandra_stig
- windows_daw_stig –> windows_paw_stig
-
Apache Updates
-
Updated Microsoft Windows Server 2019 STIG v3r3, and marked ready. Updated a test in Microsoft Windows Server 2022 STIG.
-
Updated Microsoft Windows Server 2016 STIG v2r10, and marked ready.
-
Updated Microsoft OneNote 2010 STIG v1r10, and marked ready.
-
Updated Microsoft Project 2010 STIG v1r10, and marked ready.
-
Updated Microsoft Publisher 2010 STIG v1r12, and marked ready.
-
Updated Microsoft Access 2010 STIG v1r11, and marked ready.
-
Updated Microsoft InfoPath 2010 STIG v1r12, and marked ready.
-
Updated Microsoft PowerPoint 2010 STIG v1r11, and marked ready.
-
Updated Microsoft Word 2010 STIG v1r12, and marked ready.
-
Updated Microsoft Office System 2010 STIG v1r13, and marked ready.
-
Updated Microsoft Outlook 2010 STIG v1r14, and marked ready.
-
Updated Microsoft Groove 2013 STIG v1r4, and marked ready.
-
Updated Microsoft OneNote 2013 STIG v1r4, and marked ready.
-
Updated Microsoft Outlook 2013 STIG v1r14, and marked ready.
-
Updated Microsoft Office System 2016 STIG v2r4, and marked ready.
-
Updated MS SQL Server 2016 Instance STIG v3r3, and marked ready.
-
Updated Microsoft Windows 10 STIG v3r3, and marked ready.
-
Updated Microsoft DotNet Framework 4.0 STIG, v2r5, and marked ready.
-
Updated Microsoft Windows Server 2022 STIG v2r3, and marked ready.
-
Updated benchmark mcafee_ens_10-x_stig, added version v3r3
-
Updated benchmark mcafee_ens_10-x_local_client_stig, added version v2r3
-
Updated benchmark ess_mcafee_agent_stig, added version v5r12
-
Updated benchmark hbss_staging_server, added version v5r2
-
Updated benchmark hbss_-_remote_console, added version v5r3
-
Updated benchmark ess_epo_5-3_5-9_stig, added version v3r3
-
Scraped benchmarks on 7 Feb 25
-
Updated benchmark vmw_vsphere_8.0_virtual_machine_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_vami_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_ui_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_sts_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_envoy_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_eam_stig, updated version v2r2
-
Updated benchmark vmw_vsphere_8-0_vcenter_stig, updated version v2r2
-
Updated benchmark vmw_vsphere_8.0_virtual_machine_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_vami_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_ui_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_sts_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_envoy_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_eam_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcenter_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_esxi_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_esxi_stig, updated version v2r2
-
Updated benchmark ms_windows_server_2022_stig, updated version v2r3
-
Updated benchmark zos_webspheremq_for_tss_stig, added version v6r5
-
Updated benchmark zos_websphere_application_server_for_tss_stig, added version v7r1
-
Updated benchmark zos_tdmf_for_tss_stig, added version v7r1
-
Updated benchmark zos_ibm_cics_transaction_server_for_tss, added version v7r1
-
Updated benchmark zos_fep_for_tss, added version v7r1
-
Updated benchmark zos_fdr_for_tss_stig, added version v7r1
-
Updated benchmark zos_compuware_abend-aid_for_tss, added version v7r1
-
Updated benchmark zos_clsupersession_for_tss_stig, added version v7r1
-
Updated benchmark zos_catalog_solutions_for_tss_stig, added version v7r1
-
Updated benchmark zos_ca_common_services_for_tss_stig, added version v7r1
-
Updated benchmark zos_ca_auditor_for_tss_stig, added version v7r1
-
Updated benchmark zos_ca_1_tape_management_for_tss_stig, added version v7r1
-
Updated benchmark zos_bmc_control-m_for_tss_stig, added version v7r1
-
Updated benchmark zos_bmc_control-d_for_tss_stig, added version v7r1
-
Updated benchmark zos_webspheremq_for_acf2_stig, added version v6r5
-
Updated benchmark zos_websphere_application_server_for_acf2_stig, added version v7r1
-
Updated benchmark zos_tdmf_for_acf2_stig, added version v7r1
-
Updated benchmark zos_ibm_cics_transaction_server_for_acf2, added version v7r1
-
Updated benchmark zos_fep_for_acf2_stig, added version v7r1
-
Updated benchmark zos_fdr_for_acf2_stig, added version v7r1
-
Updated benchmark zos_compuware_abend-aid_for_acf2, added version v7r1
-
Updated benchmark zos_clsupersession_for_acf2_stig, added version v7r1
-
Updated benchmark zos_catalog_solutions_for_acf2_stig, added version v7r1
-
Updated benchmark zos_ca_common_services_for_acf2_stig, added version v7r1
-
Updated benchmark zos_ca_auditor_for_acf2_stig, added version v7r1
-
Updated benchmark zos_ca_1_tape_management_for_acf2_stig, added version v7r1
-
Updated benchmark zos_bmc_control-m_for_acf2_stig, added version v7r1
-
Updated benchmark zos_bmc_control-d_for_acf2_stig, added version v7r1
-
Updated benchmark google_android_15_cope_stig, added version v1r2
-
Updated benchmark google_android_15_cobo_stig, added version v1r2
-
Updated benchmark google_android_13_cope_stig, added version v2r2
-
Updated benchmark google_android_13_cobo_stig, added version v2r2
-
Updated benchmark vmw_vsphere_8.0_virtual_machine_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_vami_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_ui_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_sts_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_envoy_stig, updated version v2r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_eam_stig, added version v2r2
-
Updated benchmark vmw_vsphere_8-0_vcenter_stig, added version v2r2
-
Updated benchmark vmw_vsphere_8.0_virtual_machine_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_vami_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_ui_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_sts_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_envoy_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcsa_eam_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_vcenter_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_esxi_stig, updated version v1r1
-
Updated benchmark vmw_vsphere_8-0_esxi_stig, added version v2r2
-
Updated benchmark cloud_computing_mission_owner_os_srg, added version v1r2
-
Updated benchmark cloud_computing_mission_owner_srg, added version v1r2
-
Updated benchmark vmw_vsphere_7-0_virtual_machine_stig, added version v1r4
-
Updated benchmark vmw_vsphere_7-0_vca_photon_os_stig, added version v1r4
-
Updated benchmark vmw_vsphere_7-0_esxi_stig, added version v1r3
-
Added benchmark ss_android_15_cope_stig, added version v1r1
-
Added benchmark ss_android_15_cobo_stig, added version v1r1
-
Updated benchmark ss_android_os_14_kpe_3-x_cope_stig, added version v2r2
-
Updated benchmark ss_android_os_14_kpe_3-x_cobo_stig, added version v2r2
-
Updated benchmark apple_macos_15_stig, added version v1r2
-
Updated benchmark container_platform_srg, added version v2r2
-
Updated benchmark apple_ios-ipados_18_stig, added version v1r2
-
Updated benchmark apple_macos_14_stig, added version v2r3
-
Updated benchmark dragos_platform_2-x_stig, added version v1r2
-
Updated benchmark ibm_zos_tss_stig, added version v9r3
-
Updated benchmark ibm_zos_racf_stig, added version v9r3
-
Updated benchmark ibm_zos_acf2_stig, added version v9r3
-
Added benchmark zebra_android_13_cope_stig, added version v1r1
-
Added benchmark zebra_android_13_cobo_stig, added version v1r1
-
Updated benchmark rh_openshift_container_platform_4-12_stig, added version v2r2
-
Updated benchmark ss_android_os_13_kpe_3-x_cope_stig, added version v2r2
-
Updated benchmark ss_android_os_13_kpe_3-x_cobo_stig, added version v2r2
-
Updated benchmark vmw_nsx_4-x_distributed_fw_stig, added version v1r2
-
Updated benchmark vmw_nsx_4-x_tier1_gw_rtr_stig, added version v1r2
-
Updated benchmark vmw_nsx_4-x_tier1_gw_fw_stig, added version v1r2
-
Updated benchmark vmw_nsx_4-x_tier0_gw_rtr_stig, added version v1r2
-
Updated benchmark vmw_nsx_4-x_tier0_gw_fw_stig, added version v1r2
-
Updated benchmark vmw_nsx_4-x_manager_ndm_stig, added version v1r2
-
Updated benchmark evvm_policy_srg, added version v1r2
-
Updated benchmark cisco_ios_switch_ndm_stig, added version v3r3
-
Added benchmark xylok_security_suite_20-x_stig, added version v1r1
-
Updated benchmark cisco_ios-xe_router_rtr_stig, added version v3r3
-
Updated benchmark cisco_ios-xe_router_ndm_stig, added version v3r3
-
Updated benchmark cisco_nx-os_switch_rtr_stig, added version v3r3
-
Added benchmark dell_os10_switch_router_stig, added version v1r1
-
Added benchmark dell_os10_switch_ndm_stig, added version v1r1
-
Added benchmark dell_os10_switch_l2s_stig, added version v1r1
-
Updated benchmark cisco_ios_router_rtr_stig, added version v3r3
-
Updated benchmark cisco_ios_router_ndm_stig, added version v3r3
-
Added benchmark hpe_aruba_aos_wireless_stig, added version v1r1
-
Added benchmark hpe_aruba_aos_vpn_stig, added version v1r1
-
Added benchmark hpe_aruba_aos_ndm_stig, added version v1r1
-
Updated benchmark can_ubuntu_22-04_lts_stig, added version v2r3
-
Updated benchmark ms_windows_server_2022_stig, added version v2r3
-
Updated benchmark ms_exchange_2019_edge_server_stig, added version v2r2
-
Updated benchmark apache_server_2-4_windows_server_stig, added version v3r2
-
Updated benchmark mariadb_enterprise_10-x_stig, added version v2r3
-
Updated benchmark apache_server_2-4_unix_site_stig, added version v2r5
-
Updated benchmark apache_server_2-4_unix_server_stig, added version v3r2
-
Added benchmark cloudlinux_almalinux_os_9_stig, added version v1r1
-
Added benchmark anduril_nixos_stig, added version v1r1
-
Updated benchmark f5_big-ip_local_traffic_manager_11-x_stig, added version v2r4
-
Updated benchmark f5_big-ip_device_management_11-x_stig, added version v2r4
-
Updated benchmark f5_big-ip_application_security_manager_11-x_stig, added version v2r2
-
Updated benchmark f5_big-ip_advanced_firewall_manager_11-x_stig, added version v2r2
-
Updated benchmark f5_big-ip_access_policy_manager_11-x_stig, added version v2r4
-
Updated benchmark oracle_weblogic_server_12c_stig, added version v2r2
-
Updated benchmark pan_prisma_cloud_compute_stig, added version v2r2
-
Updated benchmark juniper_router_rtr_stig, added version v3r2
-
Updated benchmark juniper_router_ndm_stig, added version v3r2
-
Updated benchmark juniper_srx_sg_vpn_stig, added version v3r2
-
Updated benchmark juniper_srx_sg_ndm_stig, added version v3r3
-
Updated benchmark juniper_srx_sg_alg_stig, added version v3r3
-
Updated benchmark oracle_database_12c_stig, added version v3r3
-
Updated benchmark ms_windows_10_stig, added version v3r3
-
Updated benchmark palo_alto_networks_idps_stig, added version v3r2
-
Updated benchmark palo_alto_networks_alg_stig, added version v3r3
-
Updated benchmark rgs_rke2_stig, added version v2r3
-
Updated benchmark uem_server_srg, added version v2r3
-
Updated benchmark ibm_zsecure_suite_stig, added version v1r2
-
Updated benchmark fs_nac_stig, added version v2r3
-
Updated benchmark microsoft_groove_2013, added version v1r4
-
Updated benchmark microsoft_outlook_2013, added version v1r14
-
Updated benchmark microsoft_onenote_2010, added version v1r10
-
Updated benchmark ms_office_365_proplus_stig, added version v3r2
-
Updated benchmark application_security_development_stig, added version v6r2
-
Updated benchmark multi-function_device, added version v2r15
-
Updated benchmark application_server_srg, added version v4r2
-
Updated benchmark vmm, added version v2r2
-
Updated benchmark solaris_11_x86_stig, added version v3r2
-
Updated benchmark ms_exchange_2016_edge_transport_server_stig, added version v2r6
-
Updated benchmark general_purpose_operating_system, added version v3r2
-
Updated benchmark aaa_services, added version v2r2
-
Updated benchmark windows_server_2019_stig, added version v3r3
-
Updated benchmark windows_server_2016_stig, added version v2r10
-
Updated benchmark mcafee_application_control_7-x_stig, added version v1r4
-
Updated benchmark ms_sql_server_2016_instance_stig, added version v3r3
-
Updated benchmark microsoft_onenote_2013, added version v1r4
-
Updated benchmark ibm_aspera_platform_4-2_stig, added version v1r3
-
Updated benchmark microsoft_sharepoint_server_2013, added version v2r4
-
Updated benchmark idps_srg, added version v3r2
-
Updated benchmark ms_dot_net_framework, added version v2r5
-
Updated benchmark oracle_http_server_12-1-3_stig, added version v2r3
-
Updated benchmark firewall_srg, added version v3r2
-
Updated benchmark solaris_11_sparc_stig, added version v3r2
-
Updated benchmark database_generic, added version v4r3
-
Updated benchmark mainframe_product_srg, added version v3r3
-
Updated benchmark central_log_server_srg, added version v3r2
-
Updated benchmark vpn, added version v3r3
-
Added benchmark ms_entra_id_stig, added version v1r0.1
-
Updated benchmark application_layer_gateway_srg, added version v2r2
-
Updated benchmark microsoft_office_system_2016, added version v2r4
-
Updated benchmark microsoft_outlook_2010, added version v1r14
-
Added benchmark ms_sql_server_2022_instance_stig, added version v1r0.1
-
Added benchmark ms_sql_server_2022_database_stig, added version v1r0.1
-
Updated benchmark rhel_8_stig, added version v2r2
-
Updated benchmark sles_15_stig, added version v2r3
-
Updated benchmark zos_webspheremq_for_racf_stig, added version v6r5
-
Updated benchmark zos_websphere_application_server_for_racf_stig, added version v7r1
-
Updated benchmark zos_tdmf_for_racf_stig, added version v7r1
-
Updated benchmark zos_ibm_cics_transaction_server_for_racf, added version v7r1
-
Updated benchmark zos_fep_for_racf_stig, added version v7r1
-
Updated benchmark zos_fdr_for_racf_stig, added version v7r1
-
Updated benchmark zos_compuware_abend-aid_for_racf, added version v7r1
-
Updated benchmark zos_clsupersession_for_racf_stig, added version v7r1
-
Updated benchmark zos_catalog_solutions_for_racf_stig, added version v7r1
-
Updated benchmark zos_ca_common_services_for_racf_stig, added version v7r1
-
Updated benchmark zos_ca_auditor_for_racf_stig, added version v7r1
-
Updated benchmark zos_ca_1_tape_management_for_racf_stig, added version v7r1
-
Updated benchmark zos_bmc_control-m_for_racf_stig, added version v7r1
-
Updated benchmark zos_bmc_control-d_for_racf_stig, added version v7r1
-
Updated benchmark google_android_14_cope_stig, added version v2r2
-
Updated benchmark google_android_14_cobo_stig, added version v2r2
-
Updated benchmark apple_macos_13_stig, added version v1r5
-
Updated benchmark rhel_9_stig, added version v2r3
-
Updated benchmark sles_12_stig, added version v3r2
-
Updated benchmark oracle_linux_8_stig, added version v2r3
-
Updated benchmark san, added version v2r5
-
Merged HPE Nimble Storage Array STIG with HPE Nimble Storage Array NDM STIG. Added missing interviews to HPE Nimble Storage Array NDM STIG, v2r1, and marked ready.
- Fixed searching for CCIs using general search and CCI definition in CCI rater
- Fixed benchmarks not importing after move to packed format
- Fixed loading CNSSI 1253 for rev 4, which should fix issues with CCI rater and similar usage (applicable controls were not being determined correctly). This fixes a regression only in v2024.12.1.
- Improvements to request logging
- Moved banner to use gomponents from templ, templ removed entirely
- Several RHEL 6 command and PP fixes
- Added interview questions for the Container SRG
- Fixed Microsoft Defender Antivirus STIG check WNDF-AV-000004 OS list.
- Updated Microsoft Word 2013 STIG v1r7, and marked ready, closes #168.
- Updated Microsoft Visio 2013 STIG v1r5, and marked ready, closes #197.
- Updated ESS Agent Handler STIG v2r4, and marked ready.
- Updated ESS Trellix Agent STIG v5r11, and marked ready.
- Updated ESS Rogue Sensor STIG v5r3, and marked ready.
- Updated Trellix ENS 10.x STIG v3r2, and marked ready.
- Updated ESS ePO 5.x STIG v3r2, and marked ready.
- Updated Microsoft IIS 10.0 Site STIG v2r10, and marked ready.
- Updated Microsoft IIS 10.0 Server STIG v3r2, and marked ready.
-
RMF rev 5 can now be used by setting the
CONTROL_SETconfiguration setting. See Configuration Options documentation for more details. Note that many packages are still requiring submission in Rev 4, so we are leaving the default as Rev 4. Please report any issues you encounter.- As a result of this change, we have also finally released the STIGs with Rev 5 CCIs. Using these STIGs may result in some data not being shown in eMASS rev 4 packages, but that still appears to be the guidance from at least some AOs.
-
Added session length configuration settings and documentation
- RMF rev 4 controls now load in the same fashion as Rev 5
- Updated to 1 Oct 24 CCI list
- Hid dashboard and new client checklist
- Banner improvements and banner documentation
- Added session ID to logs when available
- Connection header won’t be logged any more–it’s boring
- Added ability to control session termination at browser close
- Upgraded to Go 1.23.
- Corrected docs about updating
- Parameters are nicely substituted into controls when building for display
- CSF loading properly and displaying on UI
- Updated CSF to 800-53 rev 5 version
- Show device type on machine page
- Licenses are now processed in the primary server, allowing for features implemented there to check status
- Corrected command coverage calculation for automated vs interview
- Added flags to installer so they’re reflected in the help
- Corrected issue with parsing TOML license file dates
- Updated Microsoft Windows Server 2022 STIG v2r2, and marked ready.
- Updated Microsoft Edge STIG v2r2, and marked ready.
- Updated MS SQL Server 2016 Database STIG v3r2, and marked ready.
- Updated Microsoft Windows Server 2019 STIG v3r2, and marked ready.
- Updated Microsoft Windows 10 STIG v3r2, and marked ready.
- Updated Microsoft Windows Server Domain Name System (DNS) STIG v2r2, and marked ready.
- Updated Microsoft Windows 11 STIG v2r2, and marked ready.
- Updated MS SQL Server 2016 Instance STIG v3r2, and marked ready.
- Updated Cisco IOS Xe Switch NDM STIG v3r2, and marked ready.
- Updated Cisco IOS Switch NDM STIG v3r2, and marked ready.
- Updated Cisco IOS Router NDM STIG v3r2, and marked ready. Updated Cisco IOS Router RTR STIG v3r2, and marked ready.
- Updated Cisco IOS XR Router NDM STIG v3r2, and marked ready. Updated Cisco IOS XR Router RTR STIG v3r2, and marked ready.
- Updated Cisco IOS XE Router NDM STIG v3r2, and marked ready. Updated Cisco IOS XE Router RTR STIG v3r2, and marked ready.
- Updated Cisco ISE NAC STIG v2r2, and marked ready. Updated Cisco ISE NDM STIG v2r2, and marked ready.
- Updated Cisco NX OS Switch NDM STIG v3r2, and marked ready. Updated Cisco NX OS Switch RTR STIG v3r2, and marked ready. Cisco NX OS Switch L2S STIG v3r2 only removed checks, marked ready.
- Scraped October quarterly updates and other STIG updates to 4 Nov 2024.
- Updated benchmark vmw_vsphere_8.0_virtual_machine_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_vami_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_ui_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_sts_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_envoy_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_eam_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcenter_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8.0_virtual_machine_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_vami_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_ui_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_sts_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_envoy_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_eam_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcenter_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_esxi_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_esxi_stig, updated version v2r1
- Updated benchmark ms_office_365_proplus_stig, updated version v3r1
- Updated benchmark ms_office_365_proplus_stig, updated version v3r1
- Added benchmark hycu_protege_stig, added version v1r1
- Updated benchmark zos_websphere_application_server_for_tss_stig, added version v6r2
- Updated benchmark zos_roscoe_for_tss_stig, added version v6r9
- Updated benchmark zos_clsupersession_for_tss_stig, added version v6r14
- Updated benchmark zos_websphere_application_server_for_racf_stig, added version v6r2
- Updated benchmark zos_roscoe_for_racf_stig, added version v6r9
- Updated benchmark zos_clsupersession_for_racf_stig, added version v6r14
- Updated benchmark zos_websphere_application_server_for_acf2_stig, added version v6r2
- Updated benchmark zos_roscoe_for_acf2_stig, added version v6r10
- Updated benchmark web_server_srg, added version v4r2
- Updated benchmark vpn, added version v3r2
- Updated benchmark vmw_vsphere_8.0_virtual_machine_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_vami_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_ui_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_sts_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_envoy_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_eam_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcenter_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8.0_virtual_machine_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_vami_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_ui_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_sts_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_envoy_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_eam_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcenter_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_esxi_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_esxi_stig, updated version v2r1
- Updated benchmark uem_server_srg, added version v2r2
- Updated benchmark mcafee_application_control_8-x_stig, updated version v3r1
- Updated benchmark traditional_security_checklist, added version v2r6
- Updated benchmark tm_tippingpoint_ndm_stig, added version v2r2
- Updated benchmark tm_tippingpoint_idps_stig, added version v2r2
- Updated benchmark tanium_7-x_stig, updated version v2r1
- Updated benchmark tanium_7-x_os_tanos_stig, updated version v2r1
- Updated benchmark tanium_7-x_application_tanos_stig, updated version v2r1
- Updated benchmark ss_android_os_14_kpe_3-x_cope_stig, updated version v2r1
- Updated benchmark ss_android_os_14_kpe_3-x_cobo_stig, updated version v2r1
- Updated benchmark ss_android_os_13_kpe_3-x_cope_stig, updated version v2r1
- Updated benchmark ss_android_os_13_kpe_3-x_cobo_stig, updated version v2r1
- Updated benchmark splunk_enterprise_8-x_for_linux_stig, updated version v2r1
- Updated benchmark splunk_enterprise_7-x_for_windows_stig, updated version v3r1
- Updated benchmark sles_15_stig, added version v2r2
- Updated benchmark sles_12_stig, added version v3r1
- Updated benchmark rhel_9_stig, added version v2r2
- Updated benchmark rhel_8_stig, added version v2r1
- Updated benchmark rh_openshift_container_platform_4-12_stig, updated version v2r1
- Updated benchmark rh_ansible_automation_controller_web_server_stig, added version v2r2
- Updated benchmark rgs_rke2_stig, added version v2r2
- Updated benchmark rancher_mcm_stig, updated version v2r1
- Updated benchmark redis_enterprise_6-x_stig, added version v2r2
- Updated benchmark rb_netprofiler_stig, updated version v2r1
- Updated benchmark palo_alto_networks_ndm_stig, added version v3r2
- Updated benchmark palo_alto_networks_alg_stig, added version v3r2
- Updated benchmark pan_prisma_cloud_compute_stig, updated version v2r1
- Updated benchmark oracle_mysql_8.0_stig, added version v2r2
- Updated benchmark oracle_linux_8_stig, added version v2r2
- Updated benchmark oracle_linux_7_stig, added version v3r1
- Updated benchmark oracle_database_12c_stig, added version v3r2
- Updated benchmark network_infrastructure_policy_stig, added version v10r7
- Updated benchmark netapp_ontap_dsc_9-x_stig, added version v2r2
- Updated benchmark network_device_management_srg, added version v5r2
- Updated benchmark ms_windows_server_2022_dns_stig, added version v2r2
- Updated benchmark ms_windows_server_2022_stig, added version v2r2
- Updated benchmark windows_server_2019_stig, added version v3r2
- Updated benchmark windows_server_2016_stig, added version v2r9
- Updated benchmark windows_paw_stig, updated version v3r1
- Updated benchmark microsoft_windows_11_stig, added version v2r2
- Updated benchmark ms_windows_10_stig, added version v3r2
- Updated benchmark ms_sql_server_2016_instance_stig, added version v3r2
- Updated benchmark ms_sql_server_2016_database_stig, added version v3r2
- Updated benchmark ms_office_365_proplus_stig, updated version v3r1
- Added benchmark ms_intune_mdm_service_desktop_stig, added version v1r1
- Updated benchmark iis_10-0_site_stig, added version v2r10
- Updated benchmark iis_10-0_server_stig, added version v3r2
- Updated benchmark ms_exchange_2019_mailbox_server_stig, added version v2r2
- Updated benchmark ms_edge_stig, added version v2r2
- Updated benchmark ms_azure_sql_db_stig, added version v2r2
- Added benchmark mongodb_enterprise_advanced_7-x_stig, added version v1r1
- Updated benchmark mirantis_kubernetes_engine_stig, updated version v2r1
- Updated benchmark marklogic_server_v9_stig, added version v3r2
- Updated benchmark mariadb_enterprise_10-x_stig, added version v2r2
- Updated benchmark mainframe_product_srg, added version v3r2
- Updated benchmark kubernetes_stig, added version v2r2
- Updated benchmark juniper_srx_sg_ndm_stig, added version v3r2
- Updated benchmark juniper_srx_sg_alg_stig, added version v3r2
- Updated benchmark juniper_router_ndm_stig, updated version v3r1
- Updated benchmark juniper_ex_ndm_stig, added version v2r2
- Updated benchmark juniper_ex_l2s_stig, added version v2r2
- Updated benchmark jboss_eap_6-3_stig, added version v2r5
- Updated benchmark jamf_pro_v10-x_emm_stig, updated version v3r1
- Updated benchmark ivanti_mi_sentry_9-x_ndm_stig, added version v3r1
- Added benchmark ivanti_sentry_9-x_alg_stig, added version v3r1
- Updated benchmark ivanti_mi_core_mdm_server_stig, added version v3r1
- Updated benchmark ivanti_connect_secure_ndm_stig, added version v2r2
- Updated benchmark isec7_sphere, added version v3r1
- Updated benchmark ibm_zos_tss_stig, added version v9r2
- Updated benchmark ibm_zos_racf_stig, added version v9r2
- Updated benchmark ibm_zos_acf2_stig, added version v9r2
- Updated benchmark ibm_websphere_liberty_server_stig, added version v2r1
- Updated benchmark ibm_aix_7-x_stig, added version v3r1
- Updated benchmark hpe_3par_storeserv_3.3.x_stig, updated version v2r1
- Updated benchmark hpe_3par_ssmc_gpos_stig, updated version v2r1
- Updated benchmark google_chrome_current_windows, added version v2r10
- Added benchmark google_android_15_cope_stig, added version v1r1
- Added benchmark google_android_15_cobo_stig, added version v1r1
- Updated benchmark google_android_13_cope_stig, updated version v2r1
- Updated benchmark google_android_13_cobo_stig, updated version v2r1
- Updated benchmark forescout_ndm_stig, added version v2r2
- Updated benchmark fs_nac_stig, added version v2r2
- Added benchmark f5_big-ip_tmos_vpn_stig, added version v1r1
- Added benchmark f5_big-ip_tmos_ndm_stig, added version v1r1
- Added benchmark f5_big-ip_tmos_fw_stig, added version v1r1
- Added benchmark f5_big-ip_tmos_dns_stig, added version v1r1
- Added benchmark f5_big-ip_tmos_alg_stig, added version v1r1
- Updated benchmark evvm_endpoint_srg, added version v1r2
- Updated benchmark epas_stig, updated version v2r1
- Added benchmark dragos_platform_2-x_stig, added version v1r1
- Updated benchmark database_generic, added version v4r2
- Updated benchmark cisco_nx-os_switch_rtr_stig, added version v3r2
- Updated benchmark cisco_nx-os_switch_ndm_stig, added version v3r2
- Updated benchmark cisco_nx-os_switch_l2s_stig, added version v3r2
- Updated benchmark cisco_ise_ndm_stig, added version v2r2
- Updated benchmark cisco_ise_nac_stig, added version v2r2
- Updated benchmark cisco_ios_switch_ndm_stig, added version v3r2
- Updated benchmark cisco_ios_router_rtr_stig, added version v3r2
- Updated benchmark cisco_ios_router_ndm_stig, added version v3r2
- Updated benchmark cisco_ios-xr_router_rtr_stig, added version v3r2
- Updated benchmark cisco_ios-xr_router_ndm_stig, added version v3r2
- Updated benchmark cisco_ios_xe_switch_ndm_stig, added version v3r2
- Updated benchmark cisco_ios-xe_router_rtr_stig, added version v3r2
- Updated benchmark cisco_ios-xe_router_ndm_stig, added version v3r2
- Updated benchmark cisco_asa_vpn_stig, added version v2r2
- Updated benchmark cisco_asa_ndm_stig, added version v2r2
- Updated benchmark cisco_asa_ips_stig, updated version v2r1
- Updated benchmark crunchy_data_postgresql_stig, updated version v3r1
- Updated benchmark can_ubuntu_22-04_lts_stig, added version v2r2
- Updated benchmark canonical_ubuntu_20-04_lts_stig, added version v2r1
- Updated benchmark ca_idms_stig, added version v2r1
- Updated benchmark application_security_development_stig, updated version v6r1
- Updated benchmark arista_mls_eos_4-2x_ndm_stig, updated version v2r1
- Added benchmark apple_macos_15_stig, added version v1r1
- Updated benchmark apple_macos_14_stig, added version v2r2
- Added benchmark apple_ios-ipados_18_stig, added version v1r1
- Updated benchmark apple_ios-ipados_17_stig, updated version v2r1
- Updated benchmark apple_ios-ipados_16_cobo-cope_stig, updated version v2r1
- Updated benchmark tomcat_application_server_9_stig, updated version v3r1
- Updated benchmark apache_server_2-4_unix_server_stig, updated version v3r1
- Updated benchmark active_directory_forest, updated version v3r1
- Updated benchmark active_directory_domain, updated version v3r5
- Updated benchmark mcafee_tie-dxl_stig, updated version v3r1
- Updated benchmark mcafee_ens_10-x_stig, added version v3r2
- Updated benchmark mcafee_ens_10-x_local_client_stig, added version v2r2
- Updated benchmark ess_mcafee_agent_stig, added version v5r11
- Updated benchmark hbss_rogue_sensor, added version v5r3
- Updated benchmark ess_epo_5-3_5-9_stig, added version v3r2
- Updated benchmark hbss_agent_handler, added version v2r4
- Fixed PP on ESXi 8.0 STIG check ESXI-80-000247
- VMware vSphere 8.0 vCenter Appliance PostgreSQL STIG v2r1 only removed checks, marked ready.
- VMware vSphere 8.0 vCenter Appliance Envoy STIG v2r1 had no content changes, marked ready.
- Updated VMware vSphere 8.0 vCenter Appliance ESX Agent Manager (EAM) STIG, v2r1, and marked ready, closes #170
- Updated VMware vSphere 8.0 vCenter Appliance Lookup Service STIG, v2r1, and marked ready, closes #171
- Updated VMware vSphere 8.0 vCenter Appliance Perfcharts STIG, v2r1, and marked ready, closes #178
- Updated VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG, v2r1, and marked ready, closes #179
- Updated VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG, v2r1, and marked ready, closes #193
- Updated VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG, v2r1, and marked ready, closes #194
- Updated VMware vSphere 8.0 vCenter STIG, v2r1, and marked ready, closes #202
- Updated VMware vSphere 8.0 ESXi STIG, v2r1, and marked ready, closes #210
- VMware vSphere 8.0 Virtual Machine STIG v2r1 had no content changes, marked ready.
- Updated VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG, v2r1, and marked ready, closes #225
- Updated Trellix ENS 10.x STIG, v3r1, and marked ready, closes #218
- Updated ESS ePO 5.x STIG, v3r1, and marked ready, closes #163
- Updated Trellix Application Control 8.x STIG, v3r1, and marked ready, closes #216
- Updated Splunk Enterprise 8.x for Linux STIG, v2r1, and marked ready.
- Updated Splunk Enterprise 7.x for Windows STIG, v3r1, and marked ready, closes #201
- Updated Router SRG, v5r1, and marked ready, closes #169
- Updated MS SQL Server 2014 Database STIG, v1r7, and marked ready, closes #167
- Updated MS SQL Server 2014 Instance STIG, v2r4, and marked ready, closes #158
- MS SQL Server 2016 Database STIG, v3r1, and marked ready, closes #177
- Updated MS SQL Server 2016 Instance STIG, v3r1, and marked ready, closes #149
- Microsoft IIS 10.0 Server STIG v3r1 had no content changes, marked ready.
- Microsoft Edge STIG v2r1 had no content changes, marked ready.
- Updated Layer 2 Switch SRG, v3r1, and marked ready. closes #204
- Updated license end date to match Zivaro and added benchmarks per Tod Swain 28 Oct 24 email
- Updated license end date and added benchmarks per Tod Swain 28 Oct 24 email
- Updated Microsoft Office 365 ProPlus STIG, v3r1, and marked ready, closes #153
- Updated Microsoft Publisher 2013 STIG, v1r6, and marked ready
- Updated Microsoft Project 2013 STIG, v1r5, and marked ready, closes #191 and #192
- Updated Microsoft PowerPoint 2013 STIG, v1r7, and marked ready, closes #166
- Updated Microsoft Office System 2013 STIG, v2r2, and marked ready, closes #165
- Updated Microsoft Lync 2013 STIG, v1r5, and marked ready, closes #215
- Updated Microsoft InfoPath 2013 STIG, v1r6, and marked ready, closes #186
- Updated Microsoft Excel 2013 STIG, v1r8, and marked ready, closes #164
- Updated Microsoft Access 2013 STIG v1r7, and marked ready, closes #222
- Always produce licenses with date-only format
- Updated Active Directory Forest STIG, v3r1, and marked ready, closes #224
- Updated Active Directory Domain STIG, v3r5, and marked ready, closes #199
- Updated Microsoft Windows 2012 Server Domain Name System STIG, v2r7, and marked ready, closes #159
- Updated Microsoft Windows Server 2022 STIG, v2r1, and marked ready, closes #152
- Updated Microsoft Windows Server 2019 STIG v3r1, and marked ready, closes #151
- Updated Microsoft Windows 10 STIG, v3r1, and marked ready, closes #160
- Updated Microsoft Windows 11 STIG, v2r1, and marked ready, closes #150
- Updated Microsoft Windows PAW STIG, v3r1, and marked ready, closes #187
- Cisco NX OS Switch RTR STIG v3r1 had no content changes, marked ready.
- Updated Cisco NX OS Switch NDM STIG, v3r1, and marked ready, closes #203
- Updated Cisco NX OS Switch L2S STIG, v3r1, and marked ready, closes #184
- Updated Cisco ISE NDM STIG, v2r1, and marked ready, closes #176
- Updated Cisco ISE NAC STIG, v2r1, and marked ready, closes #175
- Updated Cisco IOS XR Router RTR STIG, v3r1, closes #157
- Cisco IOS XR Router NDM STIG v3r1 had no content changes, marked ready.
- Cisco IOS XE Switch RTR STIG v3r1 had no content changes, marked ready.
- Updated Cisco IOS XE Switch NDM STIG, v3r1, and marked ready, closes #195
- Updated Cisco IOS XE Switch L2S STIG, v3r1, and marked ready, closes #183
- Cisco IOS XE Router RTR STIG v3r1 had no content changes, marked ready.
- Updated Cisco IOS XE Router NDM STIG, v3r1, and marked ready, closes #196
- Cisco IOS Switch RTR STIG v3r1 had no content changes, marked ready.
- Updated Cisco IOS Switch NDM STIG, v3r1, and marked ready, closes #190
- Updated Cisco IOS Switch L2S STIG, v3r1, and marked ready, closes #182
- Updated Cisco IOS Router RTR STIG, v3r1, and marked ready, closes #156
- Updated Cisco IOS Router NDM STIG, v3r1, and marked ready, closes #189
- Cisco ASA VPN STIG v2r1 had no content changes, marked ready.
- Updated Cisco ASA NDM STIG v2r1, and marked ready, closes #162
- Updated Cisco ASA IPS STIG, v2r1, and marked ready, closes #181
- Updated Cisco ASA Firewall STIG, v2r1, and marked ready, closes #180
- Reverted WinXP powershell commands to wmic.
- RHEL 7 UPDATE
- ORACLE DATABASE 11.2G
- ORACLE DATABASE 11.2
- Added Windows DNS 2022 stig per William Boutu
- Added Windows DNS 2022 stig per Alexander Cushman
- Added Windows DNS 2022 stig per Alexander Cushman
- Added Windows DNS 2022 STIG per Alexander Cushman
- Imported DISA updates from Jul through 26 Sep 2024.
- Updated benchmark vmw_vsphere_8.0_virtual_machine_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_vami_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_ui_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_sts_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_envoy_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_eam_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8-0_vcenter_stig, updated version v2r1
- Updated benchmark vmw_vsphere_8.0_virtual_machine_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_vami_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_ui_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_sts_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_envoy_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_eam_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcenter_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_esxi_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_esxi_stig, updated version v2r1
- Updated benchmark vmw_vsphere_7-0_virtual_machine_stig, updated version v1r3
- Updated benchmark vmw_vsphere_7-0_vcenter_stig, updated version v1r3
- Updated benchmark vmw_vsphere_7-0_vca_ui_stig, updated version v1r2
- Updated benchmark vmw_vsphere_7-0_vca_sts_stig, updated version v1r2
- Updated benchmark vmw_vsphere_7-0_vca_rhttpproxy_stig, updated version v1r1
- Updated benchmark vmw_vsphere_7-0_vca_postgresql_stig, updated version v1r2
- Updated benchmark vmw_vsphere_7-0_vca_photon_os_stig, updated version v1r3
- Updated benchmark vmw_vsphere_7-0_vca_perfcharts_stig, updated version v1r1
- Updated benchmark vmw_vsphere_7-0_vca_lookup_svc_stig, updated version v1r2
- Updated benchmark vmw_vsphere_7-0_vca_eam_stig, updated version v1r2
- Updated benchmark vmw_vsphere_7-0_vami_stig, updated version v1r2
- Updated benchmark vmw_vsphere_7-0_esxi_stig, updated version v1r2
- Updated benchmark vmw_nsx-t_t1_gateway_rtr_stig, updated version v1r1
- Updated benchmark vmw_nsx-t_t1_gateway_fw_stig, updated version v1r3
- Updated benchmark vmw_nsx-t_t-0_rtr_stig, updated version v1r2
- Updated benchmark vmw_nsx-t_t-0_gateway_fw_stig, updated version v1r3
- Updated benchmark vmware_nsx-t_sdn_controller_stig, updated version v1r1
- Updated benchmark vmw_nsx-t_manager_ndm_stig, updated version v1r3
- Updated benchmark vmware_nsx-t_distributed_fw_stig, updated version v1r3
- Updated benchmark traditional_security_checklist, updated version v2r5
- Updated benchmark tanium_7.3_stig, updated version v2r2
- Updated benchmark tanium_7.0_stig, updated version v1r2
- Updated benchmark symantec_proxysg_ndm_stig, updated version v1r2
- Updated benchmark symantec_proxysg_alg_stig, updated version v1r3
- Updated benchmark san, updated version v2r4
- Updated benchmark samsung_sds_emm_stig, updated version v1r3
- Updated benchmark spec_innovations_innoslate_4.x_stig, updated version v1r1
- Updated benchmark sles_12_stig, updated version v2r13
- Updated benchmark sel-2740s_ndm_stig, updated version v1r1
- Updated benchmark sel-2740s_l2s_stig, updated version v1r1
- Updated benchmark sdn_nv_stig, updated version v1r1
- Updated benchmark oracle_weblogic_server_12c_stig, updated version v2r1
- Updated benchmark oracle_linux_7_stig, updated version v2r14
- Updated benchmark oracle_http_server_12-1-3_stig, updated version v2r2
- Updated benchmark network_wlan_controller_platform_stig, updated version v7r3
- Updated benchmark network_wlan_controller_mgmt_stig, updated version v7r2
- Updated benchmark network_wlan_bridge_platform_stig, updated version v7r2
- Updated benchmark network_wlan_bridge_mgmt_stig, updated version v7r2
- Updated benchmark network_wlan_ap-nipr_platform_stig, updated version v7r3
- Updated benchmark network_wlan_ap-nipr_mgmt_stig, updated version v7r2
- Updated benchmark network_wlan_ap-ig_platform_stig, updated version v7r3
- Updated benchmark network_wlan_ap-ig_mgmt_stig, updated version v7r2
- Updated benchmark network_infrastructure_policy_stig, updated version v10r6
- Updated benchmark multi-function_device, updated version v2r14
- Updated benchmark windows_firewall_with_advanced_security, updated version v2r2
- Updated benchmark microsoft_sharepoint_designer_2013, updated version v1r3
- Updated benchmark microsoft_sharepoint_server_2013, updated version v2r3
- Updated benchmark ms_scom_stig, updated version v1r1
- Updated benchmark microsoft_publisher_2016, updated version v1r3
- Updated benchmark microsoft_outlook_2016, updated version v2r3
- Updated benchmark microsoft_onedrive, updated version v2r3
- Updated benchmark ie_11_stig, updated version v2r5
- Updated benchmark ms_exchange_2016_mailbox_server_stig, updated version v2r6
- Updated benchmark ms_exchange_2016_edge_transport_server_stig, updated version v2r5
- Updated benchmark ms_defender_antivirus, updated version v2r4
- Updated benchmark moz_firefox_stig, updated version v6r5
- Updated benchmark mobileiron_core_v10-x_mdm_stig, updated version v1r1
- Updated benchmark microsoft_word_2016, updated version v1r1
- Updated benchmark microsoft_visio_2016, updated version v1r1
- Updated benchmark microsoft_skype_for_business_2016, updated version v1r1
- Updated benchmark microsoft_project_2016, updated version v1r1
- Updated benchmark microsoft_powerpoint_2016, updated version v1r1
- Updated benchmark microsoft_onenote_2016, updated version v1r2
- Updated benchmark microsoft_access_2016, updated version v1r1
- Updated benchmark ibm_zvm_ca_vmsecure_stig, updated version v2r2
- Updated benchmark ibm_websphere_traditional_v9-x_stig, updated version v1r1
- Updated benchmark ibm_websphere_liberty_server_stig, updated version v1r2
- Updated benchmark ibm_maas360_with_watson_v10.x_mdm_stig, updated version v1r2
- Updated benchmark ibm_db2_v10-5_luw_stig, updated version v2r1
- Updated benchmark ibm_datapower_ndm_stig, updated version v1r2
- Updated benchmark ibm_datapower_alg_stig, updated version v1r1
- Updated benchmark ibm_aspera_platform_4-2_stig, updated version v1r2
- Updated benchmark ibm_aix_7-x_stig, updated version v2r9
- Updated benchmark hycu_for_nutanix_stig, updated version v1r1
- Updated benchmark hpe_3par_storeserv_3.2.x_stig, updated version v2r1
- Updated benchmark hp_flexfabric_switch_rtr_stig, updated version v1r2
- Updated benchmark hp_flexfabric_switch_ndm_stig, updated version v1r3
- Updated benchmark hp_flexfabric_switch_l2s_stig, updated version v1r3
- Updated benchmark google_chrome_current_windows, updated version v2r9
- Updated benchmark fn_fortigate_firewall_stig, updated version v1r3
- Updated benchmark fn_fortigate_firewall_ndm_stig, updated version v1r4
- Updated benchmark citrix_xendesktop_7-x_windows_vda_stig, updated version v1r2
- Updated benchmark citrix_xendesktop_storefront_stig, updated version v1r1
- Updated benchmark citrix_xendesktop_7-x_receiver_stig, updated version v1r1
- Updated benchmark citrix_xendesktop_license_server_stig, updated version v1r3
- Updated benchmark citrix_xendesktop_delivery_controller_stig, updated version v1r3
- Updated benchmark citrix_vad_7-x_workspace_app_stig, updated version v1r2
- Updated benchmark citrix_vad_7x_windows_vda_stig, updated version v1r1
- Updated benchmark citrix_vad_7-x_storefront_stig, updated version v1r1
- Updated benchmark citrix_vad_7-x_linux_vda_stig, updated version v1r1
- Updated benchmark citrix_vad_7-x_license_server_stig, updated version v1r1
- Updated benchmark citrix_vad_7-x_delivery_controller_stig, updated version v1r2
- Updated benchmark ca_idms_stig, updated version v1r2
- Updated benchmark bems_3-x_stig, updated version v1r2
- Updated benchmark bems_2-x_stig, updated version v1r3
- Updated benchmark bb_uem_mdm_stig, updated version v2r1
- Updated benchmark bb_cylanceprotect_mobile_for_uem_stig, updated version v1r2
- Updated benchmark avepoint_docave_6_stig, updated version v1r2
- Updated benchmark apple_ios-ipados_16_mdfpp_3-3_byoad_stig, updated version v1r1
- Updated benchmark apple_ios-ipados_16_byoad_stig, updated version v1r1
- Updated benchmark apache_site_2.2_windows, updated version v1r13
- Updated benchmark apache_server_2.2_windows, updated version v1r13
- Updated benchmark apache_site_2.2_unix, updated version v1r11
- Updated benchmark apache_server_2.2_unix, updated version v1r11
- Updated benchmark avepoint_compliance_guardian_stig, updated version v1r1
- Updated benchmark akamai_ksd_service_il2_ndm_stig, updated version v1r1
- Updated benchmark akamai_ksd_service_il2_alg_stig, updated version v1r1
- Updated benchmark adobe_acrobat_reader_dc_continuous_track_stig, updated version v2r1
- Updated benchmark adobe_acrobat_pro_dc_continuous_stig, updated version v2r1
- Updated benchmark active_directory_forest, updated version v2r8
- Updated benchmark active_directory_domain, updated version v3r4
- Updated benchmark rel_in-country_lan_stig, updated version v2r2
- Updated benchmark rel_embedded_lan_stig, updated version v2r2
- Updated benchmark dod internet-niprnet_dmz_technology_policy_stig, updated version v3r5
- Updated benchmark dod_internet-niprnet_dmz_technology_device_stig, updated version v3r5
- Updated benchmark backbone_transport_services_policy_stig, updated version v3r1
- Updated benchmark mcafee_tie-dxl_stig, added version v3r1
- Updated benchmark mcafee_ens_10-x_stig, added version v3r1
- Updated benchmark mcafee_ens_10-x_local_client_stig, added version v2r1
- Updated benchmark joint_regional_security_stack_stig, updated version v2r3
- Updated benchmark ess_mcafee_agent_stig, updated version v5r10
- Updated benchmark hbss_staging_server, updated version v5r1
- Updated benchmark hbss_rogue_sensor, updated version v5r2
- Updated benchmark hbss_-_remote_console, updated version v5r2
- Updated benchmark hbss_policyauditor, updated version v5r1
- Updated benchmark ess_epo_5-3_5-9_stig, added version v3r1
- Updated benchmark hbss_agent_handler, updated version v2r3
- Updated benchmark google_android_13_cope_stig, added version v2r1
- Updated benchmark google_android_13_cobo_stig, added version v2r1
- Added benchmark cd_postgres_16_stig, added version v1r1
- Updated benchmark splunk_enterprise_7-x_for_windows_stig, added version v3r1
- Updated benchmark crunchy_data_postgresql_stig, added version v3r1
- Updated benchmark ss_android_11_knox_3-x_legacy_stig, added version v1r2
- Updated benchmark ss_android_11_knox_3-x_ae_stig, added version v1r2
- Added benchmark cloud_computing_mission_owner_os_srg, added version v1r1
- Updated benchmark cloud_computing_mission_owner_srg, added version v1r1
- Updated benchmark apple_ios-ipados_16_cobo-cope_stig, added version v2r1
- Updated benchmark ss_android_os_14_kpe_3-x_cope_stig, added version v2r1
- Updated benchmark ss_android_os_14_kpe_3-x_cobo_stig, added version v2r1
- Updated benchmark arista_mls_eos_4-2x_router_stig, added version v2r1
- Updated benchmark arista_mls_eos_4-2x_ndm_stig, added version v2r1
- Updated benchmark arista_mls_eos_4-2x_l2s_stig, added version v2r1
- Updated benchmark container_platform_srg, added version v2r1
- Updated benchmark kubernetes_stig, added version v2r1
- Updated benchmark cisco_ise_ndm_stig, added version v2r1
- Updated benchmark cisco_ise_nac_stig, added version v2r1
- Updated benchmark apple_ios-ipados_17_stig, added version v2r1
- Updated benchmark google_android_14_cope_stig, added version v2r1
- Updated benchmark google_android_14_cobo_stig, added version v2r1
- Updated benchmark ivanti_mi_core_mdm_server_stig, added version v2r1
- Updated benchmark jamf_pro_v10-x_emm_stig, added version v3r1
- Updated benchmark ms_exchange_2019_mailbox_server_stig, added version v2r1
- Updated benchmark ms_exchange_2019_edge_server_stig, added version v2r1
- Updated benchmark apple_macos_14_stig, added version v2r1
- Updated benchmark cisco_ios_xe_switch_rtr_stig, added version v3r1
- Updated benchmark cisco_ios_xe_switch_ndm_stig, added version v3r1
- Updated benchmark cisco_ios_xe_switch_l2s_stig, added version v3r1
- Updated benchmark ibm_zos_tss_stig, added version v9r1
- Updated benchmark ibm_zos_racf_stig, added version v9r1
- Updated benchmark ibm_zos_acf2_stig, added version v9r1
- Updated benchmark tanium_7-x_os_tanos_stig, added version v2r1
- Updated benchmark tanium_7-x_application_tanos_stig, added version v2r1
- Updated benchmark ivanti_mi_sentry_9-x_ndm_stig, added version v2r1
- Updated benchmark ivanti_mi_sentry_9-x_alg_stig, added version v2r1
- Updated benchmark tm_tippingpoint_ndm_stig, added version v2r1
- Updated benchmark tm_tippingpoint_idps_stig, added version v2r1
- Updated benchmark ss_android_12_kpe_3-x_cope_stig, added version v1r3
- Updated benchmark ss_android_12_kpe_3-x_cobo_stig, added version v1r3
- Updated benchmark cisco_ios_switch_rtr_stig, added version v3r1
- Updated benchmark cisco_ios_switch_ndm_stig, added version v3r1
- Updated benchmark cisco_ios_switch_l2s_stig, added version v3r1
- Updated benchmark tanium_7-x_stig, added version v2r1
- Updated benchmark cisco_nx-os_switch_rtr_stig, added version v3r1
- Updated benchmark cisco_nx-os_switch_ndm_stig, added version v3r1
- Updated benchmark cisco_nx-os_switch_l2s_stig, added version v3r1
- Updated benchmark google_android_12_cope_stig, added version v1r2
- Updated benchmark google_android_12_cobo_stig, added version v1r2
- Updated benchmark cisco_ios-xe_router_rtr_stig, added version v3r1
- Updated benchmark cisco_ios-xe_router_ndm_stig, added version v3r1
- Updated benchmark mirantis_kubernetes_engine_stig, added version v2r1
- Updated benchmark cisco_ios_router_rtr_stig, added version v3r1
- Updated benchmark cisco_ios_router_ndm_stig, added version v3r1
- Updated benchmark rhel_9_stig, added version v2r1
- Updated benchmark can_ubuntu_22-04_lts_stig, added version v2r1
- Updated benchmark ms_edge_stig, added version v2r1
- Updated benchmark mariadb_enterprise_10-x_stig, added version v2r1
- Updated benchmark ibm_hmc_stig, added version v2r1
- Updated benchmark ibm_hardware_management_console_policies, updated version v2r1
- Updated benchmark ms_windows_server_2022_stig, added version v2r1
- Updated benchmark postgresql_9-x_stig, added version v2r5
- Updated benchmark oracle_mysql_8.0_stig, added version v2r1
- Updated benchmark hpe_nimble_storage_array_ndm_stig, added version v2r1
- Updated benchmark apache_server_2-4_windows_site_stig, updated version v2r1
- Updated benchmark apache_server_2-4_windows_server_stig, added version v3r1
- Updated benchmark ms_exchange_2013_mailbox_stig, added version v2r3
- Updated benchmark ms_exchange_2013_edge_stig, added version v1r6
- Updated benchmark ms_exchange_2013_cas_stig, added version v2r2
- Updated benchmark vmw_vsphere_8.0_virtual_machine_stig, added version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_vami_stig, added version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_ui_stig, added version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_sts_stig, added version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, added version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, added version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, added version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, added version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_envoy_stig, added version v2r1
- Updated benchmark vmw_vsphere_8-0_vcsa_eam_stig, added version v2r1
- Updated benchmark vmw_vsphere_8-0_vcenter_stig, added version v2r1
- Updated benchmark vmw_vsphere_8.0_virtual_machine_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_vami_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_ui_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_sts_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_envoy_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcsa_eam_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_vcenter_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_esxi_stig, updated version v1r1
- Updated benchmark vmw_vsphere_8-0_esxi_stig, added version v2r1
- Updated benchmark splunk_enterprise_8-x_for_linux_stig, added version v2r1
- Updated benchmark docker_enterprise_2-x_linux-unix_stig, added version v2r2
- Updated benchmark oracle_database_11-2g_stig, added version v2r5
- Updated benchmark rh_openshift_container_platform_4-12_stig, added version v2r1
- Updated benchmark ss_android_os_13_kpe_3-x_cope_stig, added version v2r1
- Updated benchmark ss_android_os_13_kpe_3-x_cobo_stig, added version v2r1
- Updated benchmark cisco_ios-xr_router_rtr_stig, added version v3r1
- Updated benchmark cisco_ios-xr_router_ndm_stig, added version v3r1
- Updated benchmark pan_prisma_cloud_compute_stig, added version v2r1
- Updated benchmark apple_macos_12_stig, added version v1r9
- Updated benchmark mot_solutions_android_11_cobo_stig, added version v1r3
- Added benchmark vmw_nsx_4-x_tier1_gw_rtr_stig, added version v1r1
- Added benchmark vmw_nsx_4-x_tier1_gw_fw_stig, added version v1r1
- Added benchmark vmw_nsx_4-x_tier0_gw_rtr_stig, added version v1r1
- Added benchmark vmw_nsx_4-x_tier0_gw_fw_stig, added version v1r1
- Added benchmark vmw_nsx_4-x_manager_ndm_stig, added version v1r1
- Added benchmark vmw_nsx_4-x_distributed_fw_stig, added version v1r1
- Updated benchmark oracle_database_12c_stig, added version v3r1
- Updated benchmark rh_ansible_automation_controller_web_server_stig, added version v2r1
- Updated benchmark rh_ansible_automation_controller_app_server_stig, added version v2r1
- Updated benchmark rb_netprofiler_stig, added version v2r1
- Updated benchmark uem_server_srg, added version v2r1
- Updated benchmark uem_agent_srg, updated version v1r1
- Updated benchmark toss_4_stig, added version v2r1
- Updated benchmark epas_stig, added version v2r1
- Updated benchmark ms_windows_10_stig, added version v3r1
- Updated benchmark arista_dcs-7000_series_rtr_stig, added version v1r4
- Updated benchmark arista_dcs-7000_series_ndm_stig, added version v1r4
- Updated benchmark arista_dcs-7000_series_l2s_stig, updated version v1r3
- Updated benchmark rancher_mcm_stig, added version v2r1
- Updated benchmark ms_office_365_proplus_stig, added version v3r1
- Updated benchmark dns_srg, added version v4r1
- Updated benchmark iis_10-0_site_stig, updated version v2r9
- Updated benchmark iis_10-0_server_stig, added version v3r1
- Updated benchmark microsoft_project_2010, added version v1r10
- Updated benchmark edb_postgres_advanced_server_v11_on_windows_stig, added version v2r4
- Updated benchmark ms_sql_server_2014_instance_stig, added version v2r4
- Updated benchmark ms_sql_server_2014_database_stig, added version v1r7
- Updated benchmark hpe_3par_storeserv_3.3.x_stig, added version v2r1
- Updated benchmark hpe_3par_ssmc_ws_stig, added version v2r1
- Updated benchmark hpe_3par_ssmc_gpos_stig, added version v2r1
- Updated benchmark forescout_counteract_ndm_stig, added version v1r2
- Updated benchmark ibm_mq_appliance_v9-0_ndm_stig, added version v1r2
- Updated benchmark ibm_mq_appliance_v9-0_as_stig, added version v1r2
- Updated benchmark db_networks_dbn_6300_ndm_stig, added version v1r2
- Updated benchmark db_networks_dbn_6300_idps_stig, added version v1r2
- Updated benchmark juniper_srx_sg_vpn_stig, added version v3r1
- Updated benchmark juniper_srx_sg_ndm_stig, added version v3r1
- Updated benchmark juniper_srx_sg_idps_stig, added version v2r1
- Updated benchmark juniper_srx_sg_alg_stig, added version v3r1
- Updated benchmark palo_alto_networks_ndm_stig, added version v3r1
- Updated benchmark palo_alto_networks_idps_stig, added version v3r1
- Updated benchmark palo_alto_networks_alg_stig, added version v3r1
- Updated benchmark microsoft_word_2013, added version v1r7
- Updated benchmark juniper_router_rtr_stig, added version v3r1
- Updated benchmark juniper_router_ndm_stig, added version v3r1
- Updated benchmark forescout_ndm_stig, added version v2r1
- Updated benchmark fs_nac_stig, added version v2r1
- Updated benchmark vmm, added version v2r1
- Updated benchmark ca_api_gateway_ndm_stig, added version v1r2
- Updated benchmark ca_api_gateway_alg_stig, added version v1r3
- Updated benchmark windows_server_2019_stig, added version v3r1
- Updated benchmark microsoft_access_2013, added version v1r7
- Updated benchmark microsoft_infopath_2010, added version v1r12
- Updated benchmark forescout_counteract_alg_stig, added version v1r3
- Updated benchmark layer_2_switch_srg, added version v3r1
- Updated benchmark microsoft_publisher_2010, added version v1r12
- Updated benchmark windows_paw_stig, added version v3r1
- Updated benchmark redis_enterprise_6-x_stig, added version v2r1
- Updated benchmark vpn, added version v3r1
- Updated benchmark microsoft_windows_11_stig, added version v2r1
- Updated benchmark mongodb_enterprise_advanced_4-x_stig, added version v1r4
- Updated benchmark ms_sql_server_2016_instance_stig, added version v3r1
- Updated benchmark ms_sql_server_2016_database_stig, added version v3r1
- Updated benchmark application_security_development_stig, added version v6r1
- Updated benchmark microsoft_powerpoint_2010, added version v1r11
- Updated benchmark netapp_ontap_dsc_9-x_stig, added version v2r1
- Updated benchmark microsoft_access_2010, added version v1r11
- Updated benchmark rhel_7_stig, added version v3r15
- Updated benchmark ms_azure_sql_db_stig, added version v2r1
- Updated benchmark active_directory_forest, added version v3r1
- Updated benchmark microsoft_visio_2013, added version v1r5
- Updated benchmark microsoft_windows_2012_server_domain_name_system_stig, added version v2r7
- Updated benchmark router_srg, added version v5r1
- Updated benchmark mongodb_3-x_stig, added version v2r3
- Updated benchmark microsoft_office_system_2010, added version v1r13
- Added benchmark aaa_services, added version v2r1
- Updated benchmark web_server_srg, added version v4r1
- Updated benchmark microsoft_publisher_2013, added version v1r6
- Updated benchmark mcafee_application_control_8-x_stig, added version v3r1
- Updated benchmark marklogic_server_v9_stig, added version v3r1
- Updated benchmark rgs_rke2_stig, added version v2r1
- Updated benchmark sles_15_stig, added version v2r1
- Updated benchmark juniper_ex_rtr_stig, added version v2r1
- Updated benchmark juniper_ex_ndm_stig, added version v2r1
- Updated benchmark juniper_ex_l2s_stig, added version v2r1
- Updated benchmark central_log_server_srg, added version v3r1
- Updated benchmark microsoft_office_system_2013, added version v2r2
- Updated benchmark microsoft_word_2010, added version v1r12
- Updated benchmark sdn_controller_srg, added version v2r1
- Updated benchmark microsoft_infopath_2013, added version v1r6
- Updated benchmark active_directory_domain, added version v3r5
- Updated benchmark riverbed_steelhead_cx_v8_ndm_stig, added version v1r3
- Updated benchmark riverbed_steelhead_cx_v8_alg_stig, added version v1r2
- Updated benchmark microsoft_lync_2013, added version v1r5
- Updated benchmark idps_srg, added version v3r1
- Updated benchmark can_ubuntu_18-04_stig, added version v2r15
- Updated benchmark database_generic, added version v4r1
- Updated benchmark a10_networks_adc_ndm_stig, added version v1r2
- Updated benchmark a10_networks_adc_alg_stig, added version v2r2
- Updated benchmark application_layer_gateway_srg, added version v2r1
- Updated benchmark firewall_srg, added version v3r1
- Updated benchmark microsoft_excel_2013, added version v1r8
- Updated benchmark cisco_asa_vpn_stig, added version v2r1
- Updated benchmark cisco_asa_ndm_stig, added version v2r1
- Updated benchmark cisco_asa_ips_stig, added version v2r1
- Updated benchmark cisco_asa_fw_stig, added version v2r1
- Updated benchmark application_server_srg, added version v4r1
- Updated benchmark ms_windows_server_2022_dns_stig, added version v2r1
- Updated benchmark microsoft_project_2013, added version v1r5
- Updated benchmark microsoft_powerpoint_2013, added version v1r7
- Updated benchmark general_purpose_operating_system, added version v3r1
- Updated benchmark network_device_management_srg, added version v5r1
- Updated benchmark solaris_11_sparc_stig, added version v3r1
- Updated benchmark ivanti_connect_secure_vpn_stig, added version v2r1
- Updated benchmark ivanti_connect_secure_ndm_stig, added version v2r1
- Added benchmark slem_5_stig, added version v1r1
- Updated benchmark ms_android_11_cope_stig, added version v1r2
- Updated benchmark ms_android_11_cobo_stig, added version v1r2
- Updated benchmark apache_server_2-4_unix_server_stig, added version v3r1
- Updated benchmark oracle_linux_8_stig, added version v2r1
- Updated benchmark tomcat_application_server_9_stig, added version v3r1
- Updated benchmark solaris_11_x86_stig, added version v3r1
- Updated benchmark mainframe_product_srg, added version v3r1
- Updated benchmark vmware_workspace_one_uem_stig, added version v2r2
- Updated benchmark nutanix_aos_5-20-x_os_stig, added version v1r2
- Updated benchmark nutanix_aos_5-20-x_application_stig, added version v1r2
- Added Solaris 10 SPARC and Oracle 11.2g and revised ms window 10/microsoft onedrive stig names
- Cleaned up issues from SQL Server 2012 Merges.
- Merged duplicate SQL Server 2012 STIGs.
- SOLARIS 10
- Added eMASS control summary tables to CRA
- Family control rollup on control rating spreadsheet now uses all controls, not base controls
- Correctly pass connection security status to Django in both HTTP and HTTPS modes
- Reverted WinXP powershell commands to wmic.
- For HTTP_ONLY servers, ensure all cookies are sent without the Secure attribute. Should fix CSRF issues.
Small release. We have RMF rev 5 STIGs imported, but still not included in this release while we test the swap from Rev4 to Rev5.
- Work on Solaris 10 SPARC and Oracle 11.2g
- Revised MS Windows 10 and One Drive STIG names
- Several configuration items have been added:
- Added ability to control session termination at browser close, commit without CCI changes
- Added session ID to logs when available
- Added session length configuration settings and documentation
- Added basic DoD-style banner to Xylok, see configuration documentation for details
- Show device type on machine page
- Added a Risk Assessment helper, intended for helping update Control risks within eMASS directly (rather than only through the POAM)
- Add POAM Helpers at CCI and control level
- Added eMASS count helper for quick comparisons to eMASS’s control status
- Connection header won’t be logged any more
- Corrected docs about updating
- Use correct redirect code for some items
- Hid dashboard and new client checklist
- Corrected display of Cat Is vs Cat IIIs on CCI rater related data and similar locations
- Skip adding blank mitigations to controls
- Updated SOLARIS 10 SPARC
- Warning: CentOS 7 is now EOM and RHEL 7 has only ELS available. We will stop intentionally supporting them soon. (https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/rhel-7-end-of-maintenance)
- Moved to a true executable wrapper around installer, rather than the BASH+tar wrapper. This setup seems to avoid the NIPR block that was preventing downloads of the installer before, plus allows for better command line parsing and easier changes in the future.
- Added “POA&M Helper” worksheet to SAR that should make it easier to update risk ratings within eMASS.
- Added “ALLOWED_DOMAINS” setting to configuration to allow users to restrict the domains the server may be accessed via. See Server Admin-Configuration docs for details.
- Added “HTTP_ONLY” setting to configuration to allow users to make Xylok listen only via HTTP. Primarily intended for use behind a reverse proxy which is already terminating HTTPS. See Server Admin-Configuration docs for details.
- Overlays now mark removed controls as N/A, rather than fully tailoring them out of the baseline.
- CRA now correctly reports number of inherited controls based on realized inheritance, rather than just the count of “possible” inherited CCIs.
- Send all download files with the proper filename. Fixes issue with CKL files being given an XML extension
- Corrected diagram width error in reports
- Re-enabled installation tests for Rocky 8, Rocky 9, Fedora 40, and various LTS Ubuntus
- Blocked known crawler user agents by returning no content and a 403 error code
- Handle Podman warnings better in Xylok manager, skipping warning lines when attempting to parse JSON output.
- Added commands for Windows Server 2022 DNS
- Corrected related PP on Windows 11 STIG.
- Updated IE 11 check DTBI9999-IE11 to check for IE disabling.
- Updates to RHEL 8 and 9 benchmarks
- Handle Podman read-only file system changes changes. Fixes issues with Podman 4.7+, closes #97
- Allow IP address certificates and increased header logging for requests. Progress on #96 for TLS issues to provide more debugging information
- Allow certificate generation for any domain, not just one with ‘xylok’ in it
- Fixed some classification markings on report
- Fixed document usage in reports
- Sorted related data for CCI ratings to put Cat Is on top
- Fixed several bugs with CCI rater updating
- The server now features ACME (Let’s Encrypt) support, allowing the server to automatically generate certificates. In addition, for servers with no Internet connection, automatic certificates can be generated for any domain used to access the server.
- For users, if you have trusted the Xylok CA certificate in your browser(s) in the past you will need to repeat that process. Download your local CA from your local /docs/ page.
- If you want to use Let’s Encrypt, see the updated documentation on the HTTPS.
- Corrected loading features from core server
- Updated documentation to reflect that Docker is preferred on RHEL/CentOS 7
- Stop generating local certs using the script
- Changed Docker healthcheck to not break with new TLS provider
- Always use CertMagic-based server
- Spread context-based logging throughout tools
- Added more logging around failing post-processing format requests
- Use ‘mark results as’ setting for report overall markings, not ‘is classified’ checkbox. Fixes #5
- Only say SUT one time in the reporting tools section of the report. Fixes #24
- Allow scan page to work with numeric impact levels, displaying them correctly. Fixes #45
- Show the control title on the control detail page, closes #28
- If there are no overlays for a control, don’t display an empty row in the table
- Allow downloads are marked as downloads now. Closes #38
- Added documentation for advanced collector encryption of passwords
- Upgraded Go version
- Return error when internal proxy requests fail
- Updated PP on Windows 11 Checks Closes #84 Closes #85
- RHEL 9 Bug Fixes and STIG Updates
- Updated matching software and OS tags on Adobe Acrobat Pro XI STIG.
- Tombstoned Adobe Acrobat Pro DC STIG (v1r0.1-draft).
- Fixed OS tags for Adobe Acrobat Pro DC Continuous STIG.
- Updated matching software list for Adobe Acrobat Pro DC Classic STIG.
- Updated matching software list for Adobe Acrobat Reader DC Classic Track STIG.
- Corrected OS tags on Adobe Acrobat Reader DC Continuous Track STIG.
- Added PP to Apache Server 2.4 UNIX Server STIG v2r7.
- Updated Cisco IOS XE Switch NDM STIG v2r9.
- Updated Cisco IOS Switch NDM STIG v2r9.
- Updated Trellix ENS 10.x STIG v2r14.
- Updated VMware vSphere 7.0 vCenter Appliance Photon OS STIG v1r3.
- Updated Active Directory Domain STIG v3r4.
- Updated Microsoft Office System 2016 STIG v2r3.
- Updated Microsoft Excel 2016 STIG v2r1.
- Updated Microsoft SQL Server 2016 Database STIG v2r9.
- FMC Custom STIG
- Updated Microsoft Office 365 ProPlus STIG v2r12.
- Updated Microsoft DotNet Framework 4.0 STIG v2r4.
- Updated Microsoft Edge STIG v1r8.
- Updated Microsoft SQL Server 2016 Instance STIG v2r12.
- Updated Microsoft Windows Server 2016 STIG v2r8.
- Updated Microsoft Windows Server 2019 STIG v2r9.
- Updated Microsoft Windows Server 2022 STIG v1r5.
- Updated Microsoft Windows 10 STIG v2r9 Updated Microsoft Windows 11 STIG v1r6
- Imported DISA STIG updates from early May 2024.
- Updated benchmark ms_windows_server_2022_stig, added version v1r5
- Updated benchmark bind_9-x_stig, added version v2r3
- Updated benchmark microsoft_windows_11_stig, added version v1r6
- Updated benchmark ms_windows_10_stig, added version v2r9
- Updated benchmark dns_srg, added version v3r2
- Updated benchmark microsoft_windows_2012_server_domain_name_system_stig, added version v2r6
- Updated benchmark windows_server_2016_stig, added version v2r8
- Updated benchmark active_directory_domain, added version v3r4
- Updated benchmark windows_server_2019_stig, added version v2r9
- Imported DISA STIG updates from Apr 2024, including CUI STIGs.
- Updated benchmark mcafee_ens_10-x_stig, added version v2r14
- Updated benchmark zos_webspheremq_for_tss_stig, updated version v6r4
- Updated benchmark zos_websphere_application_server_for_tss_stig, updated version v6r1
- Updated benchmark zos_tdmf_for_tss_stig, updated version v6r4
- Updated benchmark zos_tadz_for_tss_stig, updated version v6r7
- Updated benchmark zos_srraudit_for_tss_stig, updated version v6r5
- Updated benchmark zos_roscoe_for_tss_stig, updated version v6r8
- Updated benchmark zos_quest_nc-pass_for_tss_stig, updated version v6r3
- Updated benchmark zos_netview_for_tss_stig, updated version v6r9
- Updated benchmark zos_ibm_system_display_and_search_facility_for_tss_stig, updated version v6r10
- Updated benchmark zos_ibm_health_checker_for_tss, updated version v6r3
- Updated benchmark zos_ibm_cics_transaction_server_for_tss, updated version v6r9
- Updated benchmark zos_hcd_for_tss_stig, updated version v6r4
- Updated benchmark zos_fep_for_tss, updated version v6r1
- Updated benchmark zos_fdr_for_tss_stig, updated version v6r2
- Updated benchmark zos_cssmtp_for_tss_stig, updated version v6r6
- Updated benchmark zos_compuware_abend-aid_for_tss, updated version v6r7
- Updated benchmark zos_clsupersession_for_tss_stig, added version v6r13
- Updated benchmark zos_catalog_solutions_for_tss_stig, updated version v6r5
- Updated benchmark zos_ca_1_tape_management_for_tss_stig, updated version v6r10
- Updated benchmark zos_ca_vtape_for_tss_stig, updated version v6r5
- Updated benchmark zos_ca_mim_for_tss_stig, updated version v6r4
- Updated benchmark zos_ca_mics_for_tss_stig, updated version v6r5
- Updated benchmark zos_ca_common_services_for_tss_stig, updated version v6r2
- Updated benchmark zos_ca_auditor_for_tss_stig, updated version v6r4
- Updated benchmark zos_bmc_mainview_for_zos_for_tss_stig, updated version v6r8
- Updated benchmark zos_bmc_ioa_for_tss_stig, updated version v6r8
- Updated benchmark zos_bmc_control-o_for_tss_stig, updated version v6r8
- Updated benchmark zos_bmc_control-m_restart_for_tss_stig, updated version v6r6
- Updated benchmark zos_bmc_control-m_for_tss_stig, updated version v6r10
- Updated benchmark zos_bmc_control-d_for_tss_stig, updated version v6r8
- Updated benchmark zos_webspheremq_for_racf_stig, updated version v6r4
- Updated benchmark zos_websphere_application_server_for_racf_stig, updated version v6r1
- Updated benchmark zos_vss_for_racf_stig, updated version v6r8
- Updated benchmark zos_tdmf_for_racf_stig, updated version v6r4
- Updated benchmark zos_tadz_for_racf_stig, updated version v6r7
- Updated benchmark zos_srraudit_for_racf_stig, updated version v6r5
- Updated benchmark zos_roscoe_for_racf_stig, updated version v6r8
- Updated benchmark zos_quest_nc-pass_for_racf_stig, updated version v6r3
- Updated benchmark zos_netview_for_racf_stig, updated version v6r9
- Updated benchmark zos_ibm_system_display_and_search_facility_for_racf_stig, updated version v6r10
- Updated benchmark zos_ibm_health_checker_for_racf, updated version v6r3
- Updated benchmark zos_ibm_cics_transaction_server_for_racf, updated version v6r9
- Updated benchmark zos_hcd_for_racf_stig, updated version v6r4
- Updated benchmark zos_fep_for_racf_stig, updated version v6r1
- Updated benchmark zos_fdr_for_racf_stig, updated version v6r2
- Updated benchmark zos_cssmtp_for_racf_stig, updated version v6r6
- Updated benchmark zos_compuware_abend-aid_for_racf, updated version v6r7
- Updated benchmark zos_clsupersession_for_racf_stig, added version v6r13
- Updated benchmark zos_catalog_solutions_for_racf_stig, updated version v6r5
- Updated benchmark zos_ca_1_tape_management_for_racf_stig, updated version v6r10
- Updated benchmark zos_ca_vtape_for_racf_stig, updated version v6r5
- Updated benchmark zos_ca_mim_for_racf_stig, updated version v6r4
- Updated benchmark zos_ca_mics_for_racf_stig, updated version v6r5
- Updated benchmark zos_ca_common_services_for_racf_stig, updated version v6r3
- Updated benchmark zos_ca_auditor_for_racf_stig, updated version v6r4
- Updated benchmark zos_bmc_mainview_for_zos_for_racf_stig, updated version v6r8
- Updated benchmark zos_bmc_ioa_for_racf_stig, updated version v6r8
- Updated benchmark zos_bmc_control-o_for_racf_stig, updated version v6r8
- Updated benchmark zos_bmc_control-m_restart_for_racf_stig, updated version v6r6
- Updated benchmark zos_bmc_control-m_for_racf_stig, updated version v6r10
- Updated benchmark zos_bmc_control-d_for_racf_stig, updated version v6r8
- Updated benchmark zos_webspheremq_for_acf2_stig, updated version v6r4
- Updated benchmark zos_websphere_application_server_for_acf2_stig, updated version v6r1
- Updated benchmark zos_tdmf_for_acf2_stig, updated version v6r4
- Updated benchmark zos_tadz_for_acf2_stig, updated version v6r7
- Updated benchmark zos_srraudit_for_acf2_stig, updated version v6r5
- Updated benchmark zos_roscoe_for_acf2_stig, updated version v6r9
- Updated benchmark zos_quest_nc-pass_for_acf2_stig, updated version v6r3
- Updated benchmark zos_netview_for_acf2_stig, updated version v6r9
- Updated benchmark zos_ibm_system_display_and_search_facility_for_acf2_stig, updated version v6r11
- Updated benchmark zos_ibm_health_checker_for_acf2, updated version v6r3
- Updated benchmark zos_ibm_cics_transaction_server_for_acf2, updated version v6r8
- Updated benchmark zos_hcd_for_acf2_stig, updated version v6r4
- Updated benchmark zos_fep_for_acf2_stig, updated version v6r1
- Updated benchmark zos_fdr_for_acf2_stig, updated version v6r2
- Updated benchmark zos_cssmtp_for_acf2_stig, updated version v6r6
- Updated benchmark zos_compuware_abend-aid_for_acf2, updated version v6r7
- Updated benchmark zos_clsupersession_for_acf2_stig, added version v6r13
- Updated benchmark zos_catalog_solutions_for_acf2_stig, updated version v6r4
- Updated benchmark zos_ca_1_tape_management_for_acf2_stig, updated version v6r10
- Updated benchmark zos_ca_vtape_for_acf2_stig, updated version v6r5
- Updated benchmark zos_ca_mim_for_acf2_stig, updated version v6r4
- Updated benchmark zos_ca_mics_for_acf2_stig, updated version v6r5
- Updated benchmark zos_ca_common_services_for_acf2_stig, updated version v6r2
- Updated benchmark zos_ca_auditor_for_acf2_stig, updated version v6r4
- Updated benchmark zos_bmc_mainview_for_zos_for_acf2_stig, updated version v6r10
- Updated benchmark zos_bmc_ioa_for_acf2_stig, updated version v6r8
- Updated benchmark zos_bmc_control-o_for_acf2_stig, updated version v6r8
- Updated benchmark zos_bmc_control-m_restart_for_acf2_stig, updated version v6r6
- Updated benchmark zos_bmc_control-m_for_acf2_stig, updated version v6r10
- Updated benchmark zos_bmc_control-d_for_acf2_stig, updated version v6r8
- Added benchmark ss_android_14_mdfpp_3-3_byoad_stig, added version v1r1
- Added benchmark ss_android_14_byoad_stig, added version v1r1
- Updated benchmark ss_android_os_14_kpe_3-x_cope_stig, added version v1r2
- Updated benchmark ss_android_os_14_kpe_3-x_cobo_stig, added version v1r2
- Added benchmark google_android_14_mdf_pp_3-3_byoad_stig, added version v1r1
- Added benchmark google_android_14_byoad_stig, added version v1r1
- Updated benchmark rhel_9_stig, added version v1r3
- Added benchmark evvm_session_management_srg, added version v1r1
- Added benchmark evvm_policy_srg, added version v1r1
- Added benchmark evvm_endpoint_srg, added version v1r1
- Added benchmark apple_ios_ipados_17_mdfpp_3-3_byoad_stig, added version v1r1
- Added benchmark apple_ios-ipados_17_byoad_stig, added version v1r1
- Updated benchmark oracle_linux_8_stig, added version v1r10
- Updated benchmark google_android_13_mdf_pp_3-3_byoad_stig, updated version v1r1
- Updated benchmark google_android_13_byoad_stig, added version v1r2
- Updated benchmark ms_edge_stig, added version v1r8
- Updated benchmark cisco_ios_switch_rtr_stig, updated version v2r5
- Updated benchmark cisco_ios_switch_ndm_stig, added version v2r9
- Updated benchmark cisco_ios_switch_l2s_stig, updated version v2r4
- Updated benchmark solaris_11_x86_stig, added version v2r10
- Updated benchmark rhel_8_stig, added version v1r14
- Updated benchmark apple_macos_13_stig, added version v1r4
- Updated benchmark ibm_zos_tss_stig, added version v8r13
- Updated benchmark ibm_zos_racf_stig, added version v8r14
- Updated benchmark ibm_zos_acf2_stig, added version v8r15
- Updated benchmark apache_server_2-4_unix_site_stig, updated version v2r4
- Updated benchmark apache_server_2-4_unix_server_stig, added version v2r7
- Updated benchmark f5_big-ip_local_traffic_manager_11-x_stig, added version v2r3
- Updated benchmark f5_big-ip_device_management_11-x_stig, added version v2r3
- Added benchmark f5_big-ip_application_security_manager_11-x_stig, added version v2r1
- Added benchmark f5_big-ip_advanced_firewall_manager_11-x_stig, added version v2r1
- Updated benchmark f5_big-ip_access_policy_manager_11-x_stig, added version v2r3
- Updated benchmark apple_macos_14_stig, added version v1r2
- Updated benchmark cisco_ios_xe_switch_rtr_stig, updated version v2r5
- Updated benchmark cisco_ios_xe_switch_ndm_stig, added version v2r9
- Updated benchmark cisco_ios_xe_switch_l2s_stig, updated version v2r5
- Updated benchmark canonical_ubuntu_20-04_lts_stig, added version v1r12
- Updated benchmark solaris_11_sparc_stig, added version v2r10
- Updated benchmark apple_ios-ipados_15_stig, added version v1r4
- Updated benchmark rh_ansible_automation_controller_web_server_stig, added version v1r2
- Updated benchmark rh_ansible_automation_controller_app_server_stig, updated version v1r2
- Added benchmark can_ubuntu_22-04_lts_stig, added version v1r1
- Updated benchmark cisco_nx-os_switch_rtr_stig, updated version v2r3
- Updated benchmark cisco_nx-os_switch_ndm_stig, added version v2r8
- Updated benchmark cisco_nx-os_switch_l2s_stig, updated version v2r3
- Updated benchmark ms_office_365_proplus_stig, added version v2r12
- Updated benchmark web_server_srg, added version v3r3
- Added benchmark ibm_zsecure_suite_stig, added version v1r1
- Updated benchmark ms_sql_server_2016_instance_stig, added version v2r12
- Updated benchmark ms_sql_server_2016_database_stig, added version v2r9
- Updated benchmark jboss_eap_6-3_stig, added version v2r4
- Added benchmark mirantis_kubernetes_engine_stig, added version v1r1
- Updated benchmark sles_15_stig, added version v1r13
- Updated benchmark router_srg, added version v4r3
- Updated benchmark can_ubuntu_18-04_stig, added version v2r14
- Updated benchmark netapp_ontap_dsc_9-x_stig, added version v1r4
- Updated benchmark microsoft_excel_2016, added version v2r1
- Updated benchmark rgs_rke2_stig, added version v1r5
- Updated benchmark vpn, added version v2r6
- Updated benchmark vmware_horizon_7-13_connection_server_stig, added version v1r2
- Updated benchmark vmware_horizon_7-13_client_stig, updated version v1r1
- Updated benchmark vmware_horizon_7-13_agent_stig, updated version v1r1
- Updated benchmark ms_dot_net_framework, added version v2r4
- Updated benchmark rhel_9_stig, updated version v1r2
- Updated benchmark microsoft_office_system_2016, added version v2r3
- Minor updates to McAfee STIGs.
- Created new Powershell utility function.
- Upgraded Go version, removing two vulnerabilities
- Log all HTTP requests by default
- Allow access to API liveness/readiness without auth
- No longer try to compress any data, it was causing issues with downloads
- Fix: Handle benchmarks with question but no answer choices (#32)
- Changelog/doc link fixes (#30)
- Correctly import all the changes listed in v2024.05.1, the question issue above was cancelling the import.
- Control rater now de-duplicates default control comments
- File portal now offers a ‘proxied’ download which runs through the portal server. Depending on your network, this may avoid network blocks.
- Nginx has been removed in favor of a new primary process that handles both the proxying to the backend and a new GraphQL server. This change should be transparent to the user.
- Installer will now automatically apply FAPolicy for the xylok-manager.py script and ensures the scripts it installs are readable, fixing an issue with some new installs.
- GraphQL server running within primary server now
- Upgraded GraphQL to new release of gqlgen
- GraphQL can handle dates in the CCI rater now. Closes #26
- GraphQL report updates can take booleans now
- Feature list fully loading through graphql
- Report listing loads over graphql
- Updated report working through graphql
- Nessus importing now correctly creates all missing plugin checks
- Handle lodash paths like a.0.c.3 as if the numbers are also array indexes
- Filter out empty documents from report list
- Moved Latex packages into repo, avoiding download issues
- Correctly report the error and fail to build installer if latex libraries fail to install
- Fix control rater modal not working, closes #2
- Made table 4.2 in report use a long table and be much shorter, in case there are a lot of the ‘highest rated’ controls
- CORS fix for tRPC->core again
- Download portal has a simple cache now, making it faster
- Removed link to tRPC docs, tRPC is going to be removed soon
- Fixed small bugs with automatically created interview questions
- Imported DISA STIG updates from early May 2024.
- Updated benchmark ms_windows_server_2022_stig, added version v1r5
- Updated benchmark bind_9-x_stig, added version v2r3
- Updated benchmark microsoft_windows_11_stig, added version v1r6
- Updated benchmark ms_windows_10_stig, added version v2r9
- Updated benchmark dns_srg, added version v3r2
- Updated benchmark microsoft_windows_2012_server_domain_name_system_stig, added version v2r6
- Updated benchmark windows_server_2016_stig, added version v2r8
- Updated benchmark active_directory_domain, added version v3r4
- Updated benchmark windows_server_2019_stig, added version v2r9
- Imported DISA STIG updates from Apr 2024, including CUI STIGs.
- Updated benchmark mcafee_ens_10-x_stig, added version v2r14
- Updated benchmark zos_webspheremq_for_tss_stig, updated version v6r4
- Updated benchmark zos_websphere_application_server_for_tss_stig, updated version v6r1
- Updated benchmark zos_tdmf_for_tss_stig, updated version v6r4
- Updated benchmark zos_tadz_for_tss_stig, updated version v6r7
- Updated benchmark zos_srraudit_for_tss_stig, updated version v6r5
- Updated benchmark zos_roscoe_for_tss_stig, updated version v6r8
- Updated benchmark zos_quest_nc-pass_for_tss_stig, updated version v6r3
- Updated benchmark zos_netview_for_tss_stig, updated version v6r9
- Updated benchmark zos_ibm_system_display_and_search_facility_for_tss_stig, updated version v6r10
- Updated benchmark zos_ibm_health_checker_for_tss, updated version v6r3
- Updated benchmark zos_ibm_cics_transaction_server_for_tss, updated version v6r9
- Updated benchmark zos_hcd_for_tss_stig, updated version v6r4
- Updated benchmark zos_fep_for_tss, updated version v6r1
- Updated benchmark zos_fdr_for_tss_stig, updated version v6r2
- Updated benchmark zos_cssmtp_for_tss_stig, updated version v6r6
- Updated benchmark zos_compuware_abend-aid_for_tss, updated version v6r7
- Updated benchmark zos_clsupersession_for_tss_stig, added version v6r13
- Updated benchmark zos_catalog_solutions_for_tss_stig, updated version v6r5
- Updated benchmark zos_ca_1_tape_management_for_tss_stig, updated version v6r10
- Updated benchmark zos_ca_vtape_for_tss_stig, updated version v6r5
- Updated benchmark zos_ca_mim_for_tss_stig, updated version v6r4
- Updated benchmark zos_ca_mics_for_tss_stig, updated version v6r5
- Updated benchmark zos_ca_common_services_for_tss_stig, updated version v6r2
- Updated benchmark zos_ca_auditor_for_tss_stig, updated version v6r4
- Updated benchmark zos_bmc_mainview_for_zos_for_tss_stig, updated version v6r8
- Updated benchmark zos_bmc_ioa_for_tss_stig, updated version v6r8
- Updated benchmark zos_bmc_control-o_for_tss_stig, updated version v6r8
- Updated benchmark zos_bmc_control-m_restart_for_tss_stig, updated version v6r6
- Updated benchmark zos_bmc_control-m_for_tss_stig, updated version v6r10
- Updated benchmark zos_bmc_control-d_for_tss_stig, updated version v6r8
- Updated benchmark zos_webspheremq_for_racf_stig, updated version v6r4
- Updated benchmark zos_websphere_application_server_for_racf_stig, updated version v6r1
- Updated benchmark zos_vss_for_racf_stig, updated version v6r8
- Updated benchmark zos_tdmf_for_racf_stig, updated version v6r4
- Updated benchmark zos_tadz_for_racf_stig, updated version v6r7
- Updated benchmark zos_srraudit_for_racf_stig, updated version v6r5
- Updated benchmark zos_roscoe_for_racf_stig, updated version v6r8
- Updated benchmark zos_quest_nc-pass_for_racf_stig, updated version v6r3
- Updated benchmark zos_netview_for_racf_stig, updated version v6r9
- Updated benchmark zos_ibm_system_display_and_search_facility_for_racf_stig, updated version v6r10
- Updated benchmark zos_ibm_health_checker_for_racf, updated version v6r3
- Updated benchmark zos_ibm_cics_transaction_server_for_racf, updated version v6r9
- Updated benchmark zos_hcd_for_racf_stig, updated version v6r4
- Updated benchmark zos_fep_for_racf_stig, updated version v6r1
- Updated benchmark zos_fdr_for_racf_stig, updated version v6r2
- Updated benchmark zos_cssmtp_for_racf_stig, updated version v6r6
- Updated benchmark zos_compuware_abend-aid_for_racf, updated version v6r7
- Updated benchmark zos_clsupersession_for_racf_stig, added version v6r13
- Updated benchmark zos_catalog_solutions_for_racf_stig, updated version v6r5
- Updated benchmark zos_ca_1_tape_management_for_racf_stig, updated version v6r10
- Updated benchmark zos_ca_vtape_for_racf_stig, updated version v6r5
- Updated benchmark zos_ca_mim_for_racf_stig, updated version v6r4
- Updated benchmark zos_ca_mics_for_racf_stig, updated version v6r5
- Updated benchmark zos_ca_common_services_for_racf_stig, updated version v6r3
- Updated benchmark zos_ca_auditor_for_racf_stig, updated version v6r4
- Updated benchmark zos_bmc_mainview_for_zos_for_racf_stig, updated version v6r8
- Updated benchmark zos_bmc_ioa_for_racf_stig, updated version v6r8
- Updated benchmark zos_bmc_control-o_for_racf_stig, updated version v6r8
- Updated benchmark zos_bmc_control-m_restart_for_racf_stig, updated version v6r6
- Updated benchmark zos_bmc_control-m_for_racf_stig, updated version v6r10
- Updated benchmark zos_bmc_control-d_for_racf_stig, updated version v6r8
- Updated benchmark zos_webspheremq_for_acf2_stig, updated version v6r4
- Updated benchmark zos_websphere_application_server_for_acf2_stig, updated version v6r1
- Updated benchmark zos_tdmf_for_acf2_stig, updated version v6r4
- Updated benchmark zos_tadz_for_acf2_stig, updated version v6r7
- Updated benchmark zos_srraudit_for_acf2_stig, updated version v6r5
- Updated benchmark zos_roscoe_for_acf2_stig, updated version v6r9
- Updated benchmark zos_quest_nc-pass_for_acf2_stig, updated version v6r3
- Updated benchmark zos_netview_for_acf2_stig, updated version v6r9
- Updated benchmark zos_ibm_system_display_and_search_facility_for_acf2_stig, updated version v6r11
- Updated benchmark zos_ibm_health_checker_for_acf2, updated version v6r3
- Updated benchmark zos_ibm_cics_transaction_server_for_acf2, updated version v6r8
- Updated benchmark zos_hcd_for_acf2_stig, updated version v6r4
- Updated benchmark zos_fep_for_acf2_stig, updated version v6r1
- Updated benchmark zos_fdr_for_acf2_stig, updated version v6r2
- Updated benchmark zos_cssmtp_for_acf2_stig, updated version v6r6
- Updated benchmark zos_compuware_abend-aid_for_acf2, updated version v6r7
- Updated benchmark zos_clsupersession_for_acf2_stig, added version v6r13
- Updated benchmark zos_catalog_solutions_for_acf2_stig, updated version v6r4
- Updated benchmark zos_ca_1_tape_management_for_acf2_stig, updated version v6r10
- Updated benchmark zos_ca_vtape_for_acf2_stig, updated version v6r5
- Updated benchmark zos_ca_mim_for_acf2_stig, updated version v6r4
- Updated benchmark zos_ca_mics_for_acf2_stig, updated version v6r5
- Updated benchmark zos_ca_common_services_for_acf2_stig, updated version v6r2
- Updated benchmark zos_ca_auditor_for_acf2_stig, updated version v6r4
- Updated benchmark zos_bmc_mainview_for_zos_for_acf2_stig, updated version v6r10
- Updated benchmark zos_bmc_ioa_for_acf2_stig, updated version v6r8
- Updated benchmark zos_bmc_control-o_for_acf2_stig, updated version v6r8
- Updated benchmark zos_bmc_control-m_restart_for_acf2_stig, updated version v6r6
- Updated benchmark zos_bmc_control-m_for_acf2_stig, updated version v6r10
- Updated benchmark zos_bmc_control-d_for_acf2_stig, updated version v6r8
- Added benchmark ss_android_14_mdfpp_3-3_byoad_stig, added version v1r1
- Added benchmark ss_android_14_byoad_stig, added version v1r1
- Updated benchmark ss_android_os_14_kpe_3-x_cope_stig, added version v1r2
- Updated benchmark ss_android_os_14_kpe_3-x_cobo_stig, added version v1r2
- Added benchmark google_android_14_mdf_pp_3-3_byoad_stig, added version v1r1
- Added benchmark google_android_14_byoad_stig, added version v1r1
- Updated benchmark rhel_9_stig, added version v1r3
- Added benchmark evvm_session_management_srg, added version v1r1
- Added benchmark evvm_policy_srg, added version v1r1
- Added benchmark evvm_endpoint_srg, added version v1r1
- Added benchmark apple_ios_ipados_17_mdfpp_3-3_byoad_stig, added version v1r1
- Added benchmark apple_ios-ipados_17_byoad_stig, added version v1r1
- Updated benchmark oracle_linux_8_stig, added version v1r10
- Updated benchmark google_android_13_mdf_pp_3-3_byoad_stig, updated version v1r1
- Updated benchmark google_android_13_byoad_stig, added version v1r2
- Updated benchmark ms_edge_stig, added version v1r8
- Updated benchmark cisco_ios_switch_rtr_stig, updated version v2r5
- Updated benchmark cisco_ios_switch_ndm_stig, added version v2r9
- Updated benchmark cisco_ios_switch_l2s_stig, updated version v2r4
- Updated benchmark solaris_11_x86_stig, added version v2r10
- Updated benchmark rhel_8_stig, added version v1r14
- Updated benchmark apple_macos_13_stig, added version v1r4
- Updated benchmark ibm_zos_tss_stig, added version v8r13
- Updated benchmark ibm_zos_racf_stig, added version v8r14
- Updated benchmark ibm_zos_acf2_stig, added version v8r15
- Updated benchmark apache_server_2-4_unix_site_stig, updated version v2r4
- Updated benchmark apache_server_2-4_unix_server_stig, added version v2r7
- Updated benchmark f5_big-ip_local_traffic_manager_11-x_stig, added version v2r3
- Updated benchmark f5_big-ip_device_management_11-x_stig, added version v2r3
- Added benchmark f5_big-ip_application_security_manager_11-x_stig, added version v2r1
- Added benchmark f5_big-ip_advanced_firewall_manager_11-x_stig, added version v2r1
- Updated benchmark f5_big-ip_access_policy_manager_11-x_stig, added version v2r3
- Updated benchmark apple_macos_14_stig, added version v1r2
- Updated benchmark cisco_ios_xe_switch_rtr_stig, updated version v2r5
- Updated benchmark cisco_ios_xe_switch_ndm_stig, added version v2r9
- Updated benchmark cisco_ios_xe_switch_l2s_stig, updated version v2r5
- Updated benchmark canonical_ubuntu_20-04_lts_stig, added version v1r12
- Updated benchmark solaris_11_sparc_stig, added version v2r10
- Updated benchmark apple_ios-ipados_15_stig, added version v1r4
- Updated benchmark rh_ansible_automation_controller_web_server_stig, added version v1r2
- Updated benchmark rh_ansible_automation_controller_app_server_stig, updated version v1r2
- Added benchmark can_ubuntu_22-04_lts_stig, added version v1r1
- Updated benchmark cisco_nx-os_switch_rtr_stig, updated version v2r3
- Updated benchmark cisco_nx-os_switch_ndm_stig, added version v2r8
- Updated benchmark cisco_nx-os_switch_l2s_stig, updated version v2r3
- Updated benchmark ms_office_365_proplus_stig, added version v2r12
- Updated benchmark web_server_srg, added version v3r3
- Added benchmark ibm_zsecure_suite_stig, added version v1r1
- Updated benchmark ms_sql_server_2016_instance_stig, added version v2r12
- Updated benchmark ms_sql_server_2016_database_stig, added version v2r9
- Updated benchmark jboss_eap_6-3_stig, added version v2r4
- Added benchmark mirantis_kubernetes_engine_stig, added version v1r1
- Updated benchmark sles_15_stig, added version v1r13
- Updated benchmark router_srg, added version v4r3
- Updated benchmark can_ubuntu_18-04_stig, added version v2r14
- Updated benchmark netapp_ontap_dsc_9-x_stig, added version v1r4
- Updated benchmark microsoft_excel_2016, added version v2r1
- Updated benchmark rgs_rke2_stig, added version v1r5
- Updated benchmark vpn, added version v2r6
- Updated benchmark vmware_horizon_7-13_connection_server_stig, added version v1r2
- Updated benchmark vmware_horizon_7-13_client_stig, updated version v1r1
- Updated benchmark vmware_horizon_7-13_agent_stig, updated version v1r1
- Updated benchmark ms_dot_net_framework, added version v2r4
- Updated benchmark rhel_9_stig, updated version v1r2
- Updated benchmark microsoft_office_system_2016, added version v2r3
- Updated Apache Server 2.4 UNIX Site STIG v2r4 and marked ready.
- Updated Apache Server 2.4 UNIX Server STIG v2r6 and marked ready.
- Minor updates to McAfee STIGs.
- Updated Apache Server 2.4 UNIX Server STIG, v2r6.
- Cleaned up implicit memory warning in advanced collector lint
- Benchmarks now figure out if they have users directly from the license file
- Added interview questions to VMM SRG and marked it ready for customer usage (interview only)
- Cisco FMC data collection changes, notably virtually all top-level “Get all” type API queries are made, ensuring we have almost all useful data
- Added image tests to ensure collectors are built and bundled into image correctly
- Added Nginx redirect to fix the documentation links to the collector data not always working
- Benchmark editor now always add a command runner key and sanity checks confirms this
- Hashes are built during installer upload, rather than as a separate step, limiting the chance they are out of sync
- Corrected commands there were missing runners
- Fixed one collector lint warning
-
We’ve begun work on an “advanced collector” which will be more intelligent about which benchmarks to run, how they get executed, how errors get handled, and have other capabilities.
- This collector is packaged as a binary executable, rather than the existing human-readable scripts we use
- We’re interested in learning what you would need to get approval for the use of this new tool on your network, please let us know what you would need!
- Currently, it works with the Cisco FMC API, but the goal is to allow it to run all of our existing benchmarks. If you’re interested in looking at it, the initial documentation is at https://app.xylok.io/docs/detailed/build/docs/data-collection/advanced-collector
-
Changed to having interview answers be blank by default, rather than ‘Not yet answered’
- Added Cisco FMC as an OS options
- Added SBOM and static analysis reports to Xylok. Currently, this only covers the new collector but we’ll likely expand this for other parts of Xylok.
- Inherited count in CRA says ‘CCIs’ now instead of ‘controls,’ which was a little inaccurate
- RHEL 7, 8, and 9 updates
- RHEL 8 v1r13 marked as customer ready
- Added winserver-powershell OS tag, and applied to AD Domain and Forest STIGs
- Corrected very old, bad Firewall SRG version (v1r01) with an incorrect date to make it not appear as “newest”
- Readied latest Firewall SRG to allow it to work with new collector
- Updated Google Chrome Current Windows STIG v2r9 and marked ready.
- Updated VMware vSphere 7.0 vCenter STIG v1r3 and marked ready.
- Updated VMware vSphere 7.0 Virtual Machine STIG v1r3 and marked ready.
- Updated ESS Trellix Agent STIG v5r10 and marked ready.
- Updated ESS Policy Auditor STIG v5r1 and marked ready.
- Updated ESS Staging Server STIG v5r1 and marked ready.
- Updated ESS Agent Handler STIG v2r3 and marked ready.
- Updated ESS ePO 5.x STIG v2r13 and marked ready.
- Updated ESS Policy Auditor STIG v5r1.
- Updated ESS Staging Server STIG v5r1.
- Updated ESS Agent Handler STIG v2r3.
- Updated ESS ePO 5.x STIG v2r13.
- Updated Trellix ENS 10.x STIG v2r13 and marked ready.
- Updated Trellix Application Control 8.x STIG v2r2 and marked ready.
- Updated ESS Trellix Agent STIG v5r10.
- Removed typesense completely and started integration of new graphql server
- Updated OSes to include RHEL 9
- Added a lock around rebuilding most control rating sets to prevent issues with two rebuilds running simultaneously
- Removed PP chunk size to avoid lambda request size limits
- Added some more debugging/exception handling to the PP testing endpoint
- Allow PP formatting requests to be downloaded successfully
- Fixed CRA total numbers not adding up correctly
- Lots of work on RHEL 9 to bring out in this release. v1r1 is customer ready, v1r2 will be shortly as well.
- Added PP to VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1r1. Updated audit_helper utility.
- Marked v1r1 of RHEL 9 customer ready
- Updated Cisco IOS Router NDM STIG v2r8.
- Updated Cisco IOS Switch NDM STIG v2r8.
- Updated Cisco IOS-XR Router NDM STIG v2r5.
- Updated Cisco IOS-XE Switch NDM STIG v2r8.
- Updated Cisco ISE NAC STIG v1r5.
- Updated Cisco ISE NDM STIG v1r6.
- Updated Cisco IOS-XE Router NDM STIG v2r9.
- Updated Cisco NX-OS Switch NDM STIG v2r7.
- Updated Cisco NX-OS Switch L2S STIG v2r3.
- Updated MS SQL Server 2016 Database STIG v2r8.
- Updated MS SQL Server 2016 Instance STIG v2r11.
- Updated Microsoft Internet Explorer 11 STIG v2r5.
- Updated Microsoft DotNet Framework 4.0 STIG v2r3.
- Apache 2.4 Fix
- Added PP to VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1r1.
- Added PP to VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1r1.
- Added PP to VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1r1.
- Added PP to VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1r1.
- Added PP to VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1r1.
- Added PP to VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1r1.
- Added PP to VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1r1.
- Added PP to VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1r1.
- Added PP to VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v1r1.
- Added PP to VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v1r1.
- Added PP to VMware vSphere 8.0 vCenter Appliance PostgreSQL STIG v1r1.
- Added PP to VMware vSphere 8.0 vCenter Appliance PostgreSQL STIG v1r1.
- Added PP to VMware vSphere 8.0 vCenter Appliance PostgreSQL STIG v1r1.
- Added PP to VMWare vSphere 8.0 vCenter Appliance PostgreSQL STIG v1r1.
- Scraped DISA STIGs as of 28 Jan 2024.
- Scraper: Updated benchmark trend_micro_deep_security_9-x_stig, added version v2r1
- Scraper: Updated benchmark toss_4_stig, added version v1r3
- Scraper: Updated benchmark hw_android_9-x_cobo_stig, added version v1r2
- Scraper: Updated benchmark hw_android_9-x_cope_stig, added version v1r2
- Scraper: Updated benchmark edb_postgres_advanced_server_stig, added version v2r3
- Scraper: Updated benchmark google_chrome_current_windows, added version v2r9
- Scraper: Updated benchmark solaris_11_sparc_stig, added version v2r9
- Scraper: Updated benchmark oracle_database_11-2g_stig, added version v2r4
- Scraper: Updated benchmark edb_postgres_advanced_server_v11_on_windows_stig, added version v2r3
- Scraper: Updated benchmark apple_ios-ipados_16_cobo-cope_stig, added version v1r3
- Scraper: Updated benchmark mcafee_application_control_8-x_stig, added version v2r2
- Scraper: Updated benchmark ess_epo_5-3_5-9_stig, added version v2r13
- Scraper: Updated benchmark hbss_-_remote_console, added version v5r2
- Scraper: Updated benchmark general_purpose_operating_system, added version v2r7
- Scraper: Updated benchmark f5_big-ip_access_policy_manager_11-x_stig, updated version v2r2
- Scraper: Updated benchmark f5_big-ip_device_management_11-x_stig, updated version v2r2
- Scraper: Updated benchmark f5_big-ip_local_traffic_manager_11-x_stig, updated version v2r2
- Scraper: Updated benchmark sles_15_stig, added version v1r12
- Scraper: Updated benchmark hbss_policyauditor, added version v5r1
- Scraper: Updated benchmark mongodb_3-x_stig, added version v2r2
- Scraper: Updated benchmark container_platform_srg, added version v1r5
- Scraper: Updated benchmark ms_windows_server_2022_dns_stig, added version v1r1
- Scraper: Added benchmark hpe_nimble_storage_array_ndm_stig, added version v1r2
- Scraper: Updated benchmark mcafee_ens_10-x_local_client_stig, added version v1r6
- Scraper: Updated benchmark ess_mcafee_agent_stig, added version v5r10
- Scraper: Updated benchmark can_ubuntu_18-04_stig, added version v2r13
- Scraper: Updated benchmark cisco_ios_router_ndm_stig, added version v2r8
- Scraper: Updated benchmark apple_macos_13_stig, updated version v1r1
- Scraper: Updated benchmark rhel_9_stig, added version v1r2
- Scraper: Updated benchmark cisco_ios_switch_ndm_stig, added version v2r8
- Scraper: Updated benchmark postgresql_9-x_stig, added version v2r4
- Scraper: Updated benchmark palo_alto_networks_alg_stig, added version v2r4
- Scraper: Added benchmark apple_macos_14_stig, added version v1r1
- Scraper: Updated benchmark oracle_database_12c_stig, added version v2r9
- Scraper: Updated benchmark mongodb_enterprise_advanced_4-x_stig, added version v1r3
- Scraper: Updated benchmark apple_macos_13_stig, updated version v1r3
- Scraper: Updated benchmark redis_enterprise_6-x_stig, added version v1r3
- Scraper: Updated benchmark mariadb_enterprise_10-x_stig, added version v1r3
- Scraper: Updated benchmark database_generic, added version v3r4
- Scraper: Updated benchmark apache_server_2-4_unix_server_stig, added version v2r6
- Scraper: Updated benchmark ms_sql_server_2016_database_stig, added version v2r8
- Scraper: Updated benchmark ms_sql_server_2016_instance_stig, added version v2r11
- Scraper: Added benchmark ms_exchange_2019_mailbox_server_stig, added version v1r1
- Scraper: Added benchmark ms_exchange_2019_edge_server_stig, added version v1r1
- Scraper: Updated benchmark ibm_zos_tss_stig, added version v8r12
- Scraper: Updated benchmark ibm_zos_racf_stig, added version v8r13
- Scraper: Updated benchmark ibm_zos_acf2_stig, added version v8r14
- Scraper: Updated benchmark traditional_security_checklist, added version v2r5
- Scraper: Updated benchmark hbss_rogue_sensor, added version v5r2
- Scraper: Updated benchmark mcafee_tie-dxl_stig, added version v2r3
- Scraper: Updated benchmark cisco_ios-xr_router_ndm_stig, added version v2r5
- Scraper: Added benchmark epas_stig, added version v1r1
- Scraper: Updated benchmark juniper_ex_ndm_stig, added version v1r5
- Scraper: Updated benchmark oracle_linux_8_stig, added version v1r9
- Scraper: Updated benchmark cisco_ios_xe_switch_ndm_stig, added version v2r8
- Scraper: Updated benchmark crunchy_data_postgresql_stig, added version v2r2
- Scraper: Updated benchmark oracle_mysql_8.0_stig, added version v1r5
- Scraper: Updated benchmark cisco_ise_nac_stig, added version v1r5
- Scraper: Updated benchmark cisco_ise_ndm_stig, added version v1r6
- Scraper: Updated benchmark rhel_7_stig, added version v3r14
- Scraper: Updated benchmark vmw_vsphere_7-0_vcenter_stig, added version v1r3
- Scraper: Updated benchmark vmw_vsphere_7-0_vca_photon_os_stig, added version v1r3
- Scraper: Updated benchmark vmw_vsphere_7-0_virtual_machine_stig, added version v1r3
- Scraper: Updated benchmark rgs_rke2_stig, added version v1r4
- Scraper: Updated benchmark hbss_staging_server, added version v5r1
- Scraper: Updated benchmark cisco_ios-xe_router_ndm_stig, added version v2r9
- Scraper: Updated benchmark mcafee_ens_10-x_stig, added version v2r13
- Scraper: Updated benchmark tomcat_application_server_9_stig, added version v2r7
- Scraper: Updated benchmark hbss_agent_handler, added version v2r3
- Scraper: Updated benchmark bb_cylanceprotect_mobile_for_uem_stig, added version v1r2
- Scraper: Updated benchmark hpe_3par_storeserv_3.3.x_stig, added version v1r2
- Scraper: Updated benchmark rhel_8_stig, added version v1r13
- Scraper: Updated benchmark solaris_11_x86_stig, added version v2r9
- Scraper: Updated benchmark cisco_nx-os_switch_ndm_stig, added version v2r7
- Scraper: Updated benchmark cisco_nx-os_switch_l2s_stig, added version v2r3
- Scraper: Updated benchmark ie_11_stig, added version v2r5
- Scraper: Updated benchmark ms_dot_net_framework, added version v2r3
- Scraper: Updated benchmark oracle_linux_7_stig, added version v2r14
- Scraper: Updated benchmark sles_12_stig, added version v2r13
- Scraper: Updated benchmark ms_exchange_2016_mailbox_server_stig, added version v2r6
- Scraper: Updated benchmark ms_exchange_2016_edge_transport_server_stig, added version v2r5
- Scraper: Updated benchmark marklogic_server_v9_stig, added version v2r2
- Scraper: Updated benchmark canonical_ubuntu_20-04_lts_stig, added version v1r11
- Fix CSRF/CORS error when using tRPC calls from the browser
- N/As at the CCI level no longer override an inherited control’s status
- CCI Ratings builds now use MAD risk as a starting point for raw technical risk. There’s also a limit to prevent you from raising the mitigated risk over the raw
- If the MAD doesn’t contain a raw risk (but the row does exist), assign it a default risk of Low
- CCI rater displays related control/AP number at top of page
- CCI rater mitigations are smarter about showing valid likelihood choices
- Disable copying of technical liklihood when using ‘copy’ button on CCI rater
- CCI rater (and other forms) with non-searchable selections now works correctly
- Updated PowerCLI
- Added timestamp to mx logs
- Numerous CRA fixes/improvements:
- More CRA fixes, including correctly showing CIA level
- Moved document listing to CRA report manager, rather than pulling from DB document listing
- Small boilerplate grammar fixes
- No longer say there were no high/mod findings if notable controls aren’t manually set for a report
- Report editor now sends targeted updates to server, rather than entire report. This allows for multiple users to edit the document at the same time.
- Initial commands/PP for VMWare 8 STIGs
- Added PP module docs we were missing
- Updated Splunk Enterprise 8 STIG v1r5.
- Updated McAfee and ENS STIGs with updates from October 2023.
- Updated Cisco STIGs with October 2023 updates.
- Updated Microsoft IIS 8.5 and 10.0 STIGs with Oct 2023 changes.
- Updated MS SQL Server 2016 Database STIG v2r7.
- Updated Microsoft Office 365 ProPlus STIG v2r11.
- Updated Windows PAW STIG v2r3.
- Updated Microsoft Windows Defender Firewall with Advanced Security STIG, v2r2.
- Updated Windows Server 2016, 2019, and 2022 STIGs with November changes.
- Updated Windows Server 2012 DC and MS STIGs, v3r7.
- Updated Windows 10 and Windows 11 STIGs.
- Updated IOS XE Switch L2S STIG to include show vtp password
- Scraped DISA STIGs 13 Dec 23.
- Scraper: Added benchmark ss_android_os_14_kpe_3-x_cope_stig, added version v1r1
- Scraper: Added benchmark ss_android_os_14_kpe_3-x_cobo_stig, added version v1r1
- Scraper: Updated benchmark network_infrastructure_policy_stig, updated version v10r6
- Scraper: Updated benchmark apple_macos_13_stig, updated version v1r1
- Scraper: Added benchmark vmw_vsphere_8-0_vcsa_lookup_svc_stig, added version v1r1
- Scraper: Added benchmark vmw_vsphere_8-0_vcsa_photon_os_4-0_stig, added version v1r1
- Scraper: Added benchmark vmw_vsphere_8-0_vcsa_vami_stig, added version v1r1
- Scraper: Added benchmark vmw_vsphere_8.0_virtual_machine_stig, added version v1r1
- Scraper: Added benchmark vmw_vsphere_8-0_vcsa_envoy_stig, added version v1r1
- Scraper: Added benchmark vmw_vsphere_8-0_esxi_stig, added version v1r1
- Scraper: Added benchmark vmw_vsphere_8-0_vcsa_sts_stig, added version v1r1
- Scraper: Added benchmark vmw_vsphere_8-0_vcsa_perfcharts_stig, added version v1r1
- Scraper: Added benchmark vmw_vsphere_8-0_vcsa_ui_stig, added version v1r1
- Scraper: Added benchmark vmw_vsphere_8-0_vcsa_postgresql_stig, added version v1r1
- Scraper: Added benchmark vmw_vsphere_8-0_vcenter_stig, added version v1r1
- Scraper: Added benchmark vmw_vsphere_8-0_vcsa_eam_stig, added version v1r1
- Scraper: Updated benchmark f5_big-ip_local_traffic_manager_11-x_stig, updated version v2r1
- Scraper: Updated benchmark f5_big-ip_device_management_11-x_stig, updated version v2r1
- Scraper: Updated benchmark f5_big-ip_access_policy_manager_11-x_stig, updated version v2r1
- Scraper: Added benchmark ivanti_connect_secure_vpn_stig, added version v1r1
- Scraper: Added benchmark ivanti_connect_secure_ndm_stig, added version v1r1
- Scraper: Updated benchmark f5_big-ip_access_policy_manager_11-x_stig, added version v2r2
- Scraper: Updated benchmark f5_big-ip_device_management_11-x_stig, added version v2r2
- Scraper: Updated benchmark f5_big-ip_local_traffic_manager_11-x_stig, added version v2r2