Sequoia Release 1.1 #457
Merged
Sequoia Release 1.1 #457
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Initial STIG-IDs added to rule files.
New CCIs added to rules
New SRGs added to stig rules
Remove unneeded SRG
- os_authenticated_root_enable, updated check - os_directory_services_configured, removed from stig - os_ess_installed, removed from stig - os_firewall_log_enable, removed from 15.x - os_genmoji_disable, added 800-53 and stig - os_image_generation_disable, added 800-53 and sti.yaml - os_iphone_mirroring_disable - os_password_autofill_disable, added 800-53 and sti - os_ssh_fips_compliant, fixed check/fix - os_ssh_server_alive_count_max_configure, fixed fix - os_ssh_server_alive_interval_configure, fixed fix - os_sshd_fips_compliant, fixed fix/check - os_sudo_log_enforce, added 800-53 and stig - os_writing_tools_disable, added 800-53 and sti - pwpolicy_custom_regex_enforce, updated regex - system_settings_ssh_enable, removed from stig
Removed CCI, SRG, STIG ID, and STIG tag
Added STIG ID to - os_genmoji_disable - os_image_generation_disable - os_sudo_log_enforce - os_writing_tools_disable
removed tags from rules removed from cis
Updated check and fix for ssh and sshd for FIPS
added check into sshd to not fix if proper
Updated ssh fixes to match os_ssh_fips_compliant
remove cis ref & tag from system_settings_improve_search_disable issue #443
os_world_writable_library_folder_configure issue# 445
Replaced N/A CCEs for os_mail_summary_disable and os_photos_enhanced_search_disable
pwpolicy_custom_regex_enforce odv hint updated
Removed 800-53 and 800-171 tags Updated discussion to reflect NIST SP 800-63 and Executive Order M-22-09
Added rules to disable external intelligence features for 15.2
fix[supplemental]: update note about filevault unlock
Updated check to allow greater than ODV. Issue #451
Added mention of /usr/libexec/reset-ssh-configuration.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.