STIG Manager
1.3.10
Contents:
Introduction and Features
Setup and Deployment
1. STIG Manager OSS Setup and Technical Information
2. Authentication and Identity
3. Database
4. Logging
5. Deploy with TLS
6. STIG Manager API Data Representations and Permissions
7. Environment Variables
8. Securing and Assessing STIG Manager Deployments
For Users
For Admins
The STIG Manager Project
Terminology and Concepts
Common Tasks:
Build A Collection with .ckl or XCCDF Files
Review a STIG on an Asset
Review an entire Collection at once
Set the Default STIG Revision for a Collection
Accept and Reject STIG Reviews
Analyze Findings and generate a POA&M
Check evaluation progress
Add Users
Export Results
Transfer Assets to Another Collection
Tag Assets with Labels
Create a new set of STIG Assignments based on an existing set
Update Reference STIGs
Having a problem? Let us know and submit an issue on GitHub!
STIG Manager
»
Setup and Deployment
Edit on GitHub
Next
Previous
Setup and Deployment
ΒΆ
These pages describe how to deploy STIG Manager.
Contents:
1. STIG Manager OSS Setup and Technical Information
1.1. Common Components
1.2. Deployment Scenarios
1.3. Additional Suggested Configuration
1.4. First Steps
2. Authentication and Identity
2.1. JSON Web Token (JWT) Requirements
2.2. Scopes, and Privileges
2.3. Authentication Example - RedHat Keycloak 19+
3. Database
3.1. Database User Requirements
3.2. Database - MySQL 8.0.21+
4. Logging
4.1. Logging schemas
4.2. Common
5. Deploy with TLS
5.1. Configure a Reverse Proxy or Kubernetes Ingress Controller
5.2. STIG Manager with nginx for TLS and CAC Authentication
6. STIG Manager API Data Representations and Permissions
6.1. Data Model
6.2. Permissions
6.3. Database Entity Relationship Diagrams
7. Environment Variables
8. Securing and Assessing STIG Manager Deployments
8.1. Securing Your Deployment
8.2. Assessing Your Deployment