Some of that, yes. I work for a university that’s government adjacent, so we have to get audited pretty often. Part of that is proving that we STIG and conform to other frameworks. But within certain labs, access is remote only, so I’m not sure how they would handle having a PAW, when there’s probably just a few admin accounts that have strict rules and limits applied.
this post was submitted on 11 Apr 2024
7 points (81.8% liked)
cybersecurity
3249 readers
1 users here now
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
Enjoy!
founded 1 year ago
MODERATORS
What do you guys use for STIG audit?
Manual STIG viewer or SCAP?