General Cyber Exchange Announcements

Supplemental Automation Content has been updated for July 2020

This content leverages Configuration Management tools to enforce STIG requirements. These tools allow for customization and use a STIG-centric approach.

The Supplemental Automation Content can be found on the Cyber Exchange website on the Supplemental Automation Content tab located at:
https://cyber.mil/stigs/supplemental-automation-content/

For users who do not have a CAC that has DoD Certificates, the Supplemental Automation Content is also available from:
https://public.cyber.mil/stigs/supplemental-automation-content/

McAfee Home Use Solutions

McAfee has announced a “Work from Home (WFH)” program that provides free access to their Total Protection solution for 60-days. Under McAfee WFH, anyone can download their premier anti-virus and secure virtual private networking solutions to better protect their systems in response to the heightened mission need to support telework requirements. Click here to learn more about McAfee’s corporate Work from Home program.

The DoD Home Use program provides an annual subscription to McAfee’s Internet Security product for approved DoD employees via this website: https://www.disa.mil/Cybersecurity/Network-Defense/Antivirus/Home-Use.

SRGs/STIGs Announcements

STIG Update - DISA Has Released the Canonical Ubuntu 20.04 LTS STIG

DISA has released the Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide (STIG). The requirements of the STIG become effective immediately.

Customers who have a CAC that has DoD Certificates can obtain the STIG at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the STIG is also available from https://public.cyber.mil/stigs/downloads/.

If you are unable to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberexchange@mail.mil. For all questions related to the STIG content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

STIG Update - DISA Has Released the Citrix Virtual Apps and Desktops 7.x STIG

DISA has released the Citrix Virtual Apps and Desktops (VAD) 7.x Security Technical Implementation Guide (STIG). The requirements of the STIG become effective immediately.

Customers who have a CAC that has DoD Certificates can obtain the STIG at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the STIG is also available from https://public.cyber.mil/stigs/downloads/.

If you are unable to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberx@mail.mil. For all questions related to the STIG content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

STIG Viewer Version 2.13

DISA has released STIG Viewer Version 2.13. This latest version of STIG Viewer is available at https://public.cyber.mil/stigs/downloads/.

==General==
-Font size preferences
-Switch from arbitrary sizes to four pre-defined sizes.
-Preferences now apply to more components.
-Eliminated blank console windows for Windows and Linux self-contained builds.
-Added right margin to content display to prevent obscured last character.
-Rule ID column now displays by default.

==Checklist tab==
-Import checklist data now displays a message listing unmatched rules.
-Preferences now allow for imported finding details to be appended or prepended.
-Dark mode context menu background for text areas is now gray.
-Dark mode now applies to target comment field.
-CSV export now has “Name” selection instead of “HostName”.

For all STIG/SRG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

STIG Update - DISA Has Released the Oracle MySQL 8.0 STIG

DISA has released the Oracle MySQL 8.0 Security Technical Implementation Guide (STIG). The requirements of the STIG become effective immediately.

Customers who have a CAC that has DoD Certificates can obtain the STIG at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the STIG is also available from https://public.cyber.mil/stigs/downloads/.

If you are unable to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberexchange@mail.mil. For all questions related to the STIG content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

The SCC Development Team is pleased to announce the release of SCC 5.4.

The binaries will be available at:

https://public.cyber.mil/stigs/scap/ in the SCAP Tools section.
https://cyber.mil/stigs/scap/ in the SCAP Tools section.
https://cyber.smil.mil/stigs/scap/ in the SCAP Tools section.

Primary changes from 5.3.1 to 5.4

* For All Platforms
* Updated SCAP content to January 2021
* Improved SSH remote scanning, fixing several issues with 5.3.1, especially with RHEL 7 and Solaris remote targets.

* For Windows
* Fixed several small bugs with ntuser tests and file tests

* For Linux
* Added support for SLES 15, Red Hat Enterprise Linux 8 and Oracle Linux 8

STIG Update - DISA has released the Canonical Ubuntu 18.04 LTS with Ansible Automation Package

DISA has released the Canonical Ubuntu 18.04 LTS with Ansible Automation Package.

Customers who have a CAC that has DoD Certificates can obtain the STIG at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the STIG is also available from https://public.cyber.mil/stigs/downloads/.

If you are unable to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberexchange@mail.mil. For all questions related to the STIG content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

STIG Update - Group Policy Objects have been updated

Group Policy Objects (GPOs) have been updated to include Microsoft Edge and to revise the Google Chrome files. See the Change Log document included in the zip file for additional information.

The DISA Risk Management Executive posts the GPOs for use by system administrators to ease the burden in securing systems within their environment.

The GPOs can be found on the Cyber Exchange website on the Group Policy Objects tab at https://cyber.mil/stigs/gpo/. For users who do not have a CAC that has DoD Certificates, the GPO is also available from https://public.cyber.mil/stigs/gpo/.

DISA Has Released the Microsoft Edge STIG

DISA has released the Microsoft Edge Security Technical Implementation Guide (STIG). The requirements of the STIG become effective immediately.

Customers who have a CAC that has DoD Certificates can obtain the STIG at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the STIG is also available from https://public.cyber.mil/stigs/downloads/.

If you are unable to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberexchange@mail.mil. For all questions related to the STIG content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

STIG Update - DISA Has Released Latest STIG Applicability Guides

DISA has released the latest STIG Applicability Guides for Linux, Mac, and Windows. The purpose of this tool is to assist the SRG/STIG user community in determining what SRGs and/or STIGs apply to a particular situation or information system and to create a fully formatted document containing a “collection” of SRGs and STIGs applicable to the situation being addressed.

The SRG/STIG Applicability Guide is updated periodically to address the most recent new SRG/STIG releases and sunset products.

Customers who have a CAC that has DoD Certificates can obtain the files at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the files are also available from https://public.cyber.mil/stigs/downloads/.

If you are not able to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberexchange@mail.mil. For all questions related to the guide content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

DISA has released the following guidance: How to Create an SRG/STIG ID Mapping Spreadsheet

To provide increased flexibility for the future, DISA has updated the systems that produce STIGs and SRGs. This has resulted in a modification to Group and Rule IDs (Vul and Subvul IDs).

Spreadsheets that mapped these new IDs to the “legacy” IDs were provided for end users during the October 2020 Quarterly Release. Although these spreadsheets are no longer being provided as of January 2021, users may create their own.

To create this spreadsheet, please refer to the How to Create an SRG-STIG ID Mapping Spreadsheet document.

For all questions related to STIG content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

DISA has released the Infoblox 8.x DNS STIG

DISA has released the Infoblox 8.x DNS Security Technical Implementation Guide (STIG). The requirements of the STIG become effective immediately.

Customers who have a CAC that has DoD Certificates can obtain the STIG at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the STIG is also available from https://public.cyber.mil/stigs/downloads/.

DISA has released the SLES 15 Security Technical Implementation Guide (STIG).

DISA has released the SLES 15 Security Technical Implementation Guide (STIG). The requirements of the STIG become effective immediately.

Customers who have a CAC that has DoD Certificates can obtain the STIG at https://cyber.mil/stigs/downloads/.

For those who do not have a CAC that has DoD Certificates, the STIG is also available from https://public.cyber.mil/stigs/downloads/.

If you are unable to find and download the content, please report broken link issues to the DoD Cyber Exchange Web team at dod.cyberx@mail.mil. For all questions related to the STIG content, please contact the DISA STIG Customer Support Desk at disa.stig_spt@mail.mil.

PKI/PKE Announcements

New WCF CAs released - Certificate Bundle v5.10

The WCF PKI has recently deployed updated WCF Signing CAs 1-10. These new certificates are now available in the WCF PKI PKCS#7 Certificate Bundle v5.10.