Patch Policies and Dashboards in ZCM have improved considerably, and we would like to see the capabilities expanded to application and operating system configuration audit.

Operating System and Application STIGs are no longer just for the US DOD, they are now being used by DOD suppliers who need to prove configuration conformance with NIST SP 800-171 for USG auditors.

This seems to be a perfect function for the ZPM module / ZEN agent. Allow users to create/import a STIG Patch Policy for supported Linux, Windows, Mac or various applications, apply the STIG policy and integrate into the existing dashboard to show compliance (or lack of).

More information on DICA's STIG for various platforms/applications can be found here;
https://iase.disa.mil/stigs/Pages/a-z.aspx?

More information on how Microsoft's compliance tool here;
https://github.com/Microsoft/PowerStig/wiki

Comments