STIG Manager Logo

Contents:

  • Introduction and Features
  • Setup and Deployment
  • For Users
  • For Admins
  • The STIG Manager Project
    • Project Description and Resources
    • Contribution Guide
    • API Testing Guide
    • Documentation
    • Examples and Sample Data
    • Requirements and Dependencies
    • Clients
    • Related Repositories
      • STIGMan Watcher
      • STIGMan Orchestration
      • STIGMan Client Modules
    • STIG Manager OSS on Docker Hub
    • STIG Manager is an active, Open Source project maintained by NUWCDIVNPT
  • Contribution Guide
  • Terminology and Concepts

Common Tasks:

  • Build A Collection with .ckl or XCCDF Files
  • Review a STIG on an Asset
  • Review an entire Collection at once
  • Set the Default STIG Revision for a Collection
  • Accept and Reject STIG Reviews
  • Analyze Findings and generate a POA&M
  • Check evaluation progress
  • Add Users
  • Export Results
  • Transfer Assets to Another Collection
  • Tag Assets with Labels
  • Create a new set of STIG Assignments based on an existing set
  • Update Reference STIGs
  • Having a problem? Let us know and submit an issue on GitHub!
STIG Manager
  • The STIG Manager Project
  • Related Repositories
  • View page source
Previous Next

Related Repositories

The STIG Manager OSS API is designed and documented such that additional clients can be developed to enhance its utility for users.

The STIG Manager OSS project provides the main reference UI Client, described in this documentation, as part of the main repository on GitHub.

If other projects want to contribute a client or other stand-alone enhancements to the tool, create a Pull Request and we will link to them here.

STIGMan Watcher

The STIG Manager Watcher utility is separately maintained by a member of the NUWCDIVNPT STIG Manager team, and serves as the reference Command Line Utility. It is a Node.js app that will monitor a specific folder for .ckl or XCCDF .xml files and automatically import them into a designated Collection.

See the STIGMan Watcher Repo for more details.

STIGMan Orchestration

The STIG Manager Demonstration Orchestration offers a sample configuration for a deployment of STIG Manager that offers CAC-Authentication with an nginx reverse proxy, as well as pre-configured Keycloak OIDC Authentication and MySql Database containers.

See the STIGMan Orchestration for more details.

STIGMan Client Modules

The STIG Manager team maintains a separate repository containing useful javascript modules for developing clients. These modules are used in both the STIG Manager GUI and STIGMan Watcher, and are provided as a resource to assist the creation of clients that import checklist files or batch updates to the API.

These modules are available in the stig-manager-client-modules repository. Check the gitHub repo’s README.md and documentation for more specific information about using them.

  • ReviewParser.js Provides parsers for .ckl, .cklb, and XCCDF data. These modules will process data in the checklist format specified, and return a JSON object that can be used to create or update Assets, STIG Assignments, and Reviews in the STIG Manager API. The parsers incorporate processing that will ensure Reviews conform to the Import Options specified by the target Collections in the API, if specified.

    • reviewsFromCkl

    • reviewsFromCklb

    • reviewsFromXccdf

  • TaskObject.js Takes parsed checklist data, as well as the current state of a Collection’s Assets and the STIGs available in the system, and create a TaskObject. The TaskObject defines Assets and Assignments that need to be created or updated, as well as the Reviews that were identified in the parsed checklist data for those Assets.

Previous Next

© Copyright 2025 U.S. Federal Government (in countries where recognized).

Built with Sphinx using a theme provided by Read the Docs.