by Cesar Navas
March 11, 2024
The Defense Information Systems Agency (DISA) is a United States Department of Defense combat support agency composed of military, federal civilians, and contractors. Security Technical Implementation Guides (STIG) is a configuration standard consisting of cybersecurity requirements for a specific product. This report provides a high-level overview of results gathered from DISA STIG compliance scans.
Tenable Vulnerability Management is able to perform a wide variety of platform and application audits based on the best practice consensus benchmarks developed by using DISA STIGs. The Tenable Research team creates audits based on published DISA STIG within each unique benchmark, and then validates that all the tests are within the specified parameters of the STIG. Each STIG is linked to several versions of the supporting configuration guide and linked together using a downloadable STIG file. Compliance results have been broken down into four categories (Application, Computer, Cloud, and Network). This report contains chapters which display information on DISA compliance benchmarks for all four Categories.
Tenable provides several solutions for organizations to better understand vulnerability management. Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Vulnerability Management (formerly Tenable.io) discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture. The requirements for this report are: Tenable Vulnerability Management.
Chapters:
- DISA Audit Benchmarks Collected using Application Checks: This chapter displays information on compliance benchmarks for the Application categories.
- DISA Audit Benchmarks Collected using Cloud Checks: This chapter displays information on compliance benchmarks for the Cloud categories.
- DISA Audit Benchmarks Collected using Computer Checks: This chapter displays information on compliance benchmarks for the Computer categories.
- DISA Audit Benchmarks Collected using Network Checks: This chapter displays information on compliance benchmarks for the Network categories.