Security Technical Implementation Guide

The use of STIGs enables a methodology for securing protocols within networks, servers, computers, and logical designs to enhance overall security. These guides, when implemented, enhance security for software, hardware, physical and logical architectures to further reduce vulnerabilities.

Examples where STIGs would be of benefit is in the configuration of a desktop computer or an enterprise server. Most operating systems are not inherently secure,{{cite web | url=https://www.cvedetails.com/top-50-products.php | title=Top 50 products having highest number of cve security vulnerabilities }} which leaves them open to criminals such as identity thieves and computer hackers. A STIG describes how to minimize network-based attacks and prevent system access when the attacker is interfacing with the system, either physically at the machine or over a network. STIGs also describe maintenance processes such as software updates and vulnerability patching.

Advanced STIGs might cover the design of a corporate network, covering configurations of routers, databases, firewalls, domain name servers and switches.

• CIA triad
• Information Assurance
• Security Content Automation Protocol

{{Reflist}}

• [http://web.nvd.nist.gov/view/ncp/repository NIST Security Configuration Checklists Repository]
• [https://public.cyber.mil/stigs/ Security Technical Implementation Guides and Supporting Documents in the Public Area]
• [https://cyber.trackr.live/ Online STIG search]

Category:Configuration management

Category:Security compliance