DISA has released the Riverbed SteelHead CX v8 STIG Version 1. The requirements of the STIG become effective immediately. The STIG is available at http://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/other.aspx.
DISA has released the Adobe ColdFusion 11 STIG Version 1. The requirements of this STIG become effective immediately. The STIG is available on IASE at: http://iase.disa.mil/stigs/app-security/app-servers/Pages/ColdFusion.aspx
DISA has released the Palo Alto Networks STIG Version 1. The requirements of the STIG become effective immediately. The STIG is available at http://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/firewall.aspx.
DISA has released the McAfee VirusScan Enterprise for Linux (VSEL) 1.9x/2.0x STIGs Version 1. The requirements of the STIGs become effective immediately. The STIGs are available on IASE at http://iase.disa.mil/stigs/app-security/antivirus/Pages/antivirus.aspx.
DISA has developed the Draft Network Infrastructure Policy STIG Version 9. The Draft STIG is available at http://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/policy.aspx for review and comment. Please provide comments, recommended changes, and/or additions to the draft STIG by 29 December 2015 on the Comment Matrix spreadsheet located at http://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/policy.aspx. Comments should be sent via NIPRNet email to: disa.stig_spt@mail.mil. Include the title and version of the STIG in the subject line of your email.
DISA has released the following IAVM packages: http://iase.disa.mil/stigs/Pages/iavm.aspx AIX 6.1 Ver 1, Rel 16 Apple OS 10.10 Workstation Ver 1, Rel 5 Apple OS 10.8 Workstation Ver 1, Rel 9 Apple OS X 10.9 Workstation Ver 1, Rel 6 BlackBerry 10 OS Ver 1, Rel 7 Cisco IOS Ver 1, Rel 7 HP-UX 11.23 Ver 1, Rel 16 HP-UX 11.31 Ver 1, Rel 16 MAC OS X 10.6 Ver 1, Rel 16 Oracle Linux 5 Ver 1, Rel 9 Oracle Linux 6 Ver 1, Rel 9 RHEL 5 Ver 1, Rel 16 RHEL 6 Ver 1, Rel 14 Solaris 10 SPARC Ver 1, Rel 16 Solaris 10 x86 Ver 1, Rel 16 Solaris 11 SPARC Ver 1, Rel 9 Solaris 11 x86 Ver 1, Rel 9 Windows 7 Ver 1, Rel 14 Windows 8 and 8-1 Ver 1, Rel 14 Windows 2008 R2 Ver 1, Rel 14 Windows 2008 Ver 1, Rel 14 Windows 2012 and 2012 R2 Ver 1, Rel 12 Windows Vista Ver 1, Rel 14 zOS Ver 6, Rel 22
DISA has released the Microsoft Windows 10 STIG Version 1. The requirements of the STIG become effective immediately. The STIG is available on IASE at http://iase.disa.mil/stigs/os/windows/Pages/win10.aspx
Dear CSFI members (linkedin), On behalf of CSFI, Federal Times and C4ISR & Networks are providing $100 off registration to CyberCon 2015 – The government/military cybersecurity event on Nov 18 in Arlington, VA. *****Use promo code CSFI2015CC.***** EXCITING NEWS! DHS Secretary Jeh Johnson to deliver a keynote address. LTG Alan Lynn, DISA Director,Commander, JFHQ-DODIN to also deliver a keynote speech. CyberCon 2015 is the forum for dialogue on strategy and innovation to secure federal and defense networks, as well as private-sector networks that hold their sensitive data. Cybersecurity will be the defining battle of the next decade and CyberCon 2015 will provide a roadmap for innovation and collaboration that lead to more transparent and secure networks. • Enterprise architecture • Collaboration • Monitoring and authentication • Network visibility and modernization • Insider threats • Big data and technical enablers The stellar lineup of subject matter experts also includes: • U.S. Senator Mike Rounds (R-S.D.) • Congressman C.A. Dutch Ruppersberger [D-MD-2] • LTG Robert Ferrell, Army CIO/G-6 • Dave DeVries, Principal Deputy CIO of DoD • Ann Barron-DiCamillo, Director, US-CERT, DHS • VADM Ted Branch, Deputy CNO Information Dominance • Rafael Diaz, Chief Information Officer, Department of Housing and Urban Development • Brig. Gen. Thomas Murphy, Vice Commander, 24th Air Force and Vice Command, Air Forces Cyber, U.S. Air Force • Kenneth Bible, Deputy Director, C4 and Deputy Chief Information Officer, U.S. Marine Corps • Mark Schwartz, Chief Information Officer, Department of Homeland Security • Amando Gavino, Director of the Office of Network Services, ITS, GSA • COL Gregory Breazile, Director, C2/Cyber & Electronic Warfare Integration Division, Marine Corps. Cyber Task Force • Jim Quinn, Lead System Engineer, Continuous Diagnostics and Mitigation, Department of Homeland Security • COL Bobby Saxon, Division Chief and Program Director, Enterprise Management Decision Support, G-3/5/7 Program Office, U.S. Army • Donna Dodson, Deputy Cyber Security Advisor, National Institute of Science and Technology • C. Todd Ratcliffe, Section Chief, Cyber Operations Section II, FBI • John Gilligan, Former CIO, U.S. Air Force; Former CIO, Department of Energy; and, Chairman of the Board, Center for Internet Security • Tony Sager, Senior Vice President and Chief Evangelist, Center for Internet Security • John Pescatore, Director of Emerging Security Trends, SANS Institute • Tom Moran, Executive Director, All Hazards Consortium • Greg Giddens, Principal Executive Director, Office of Acquisition, Logistics and Construction, Department of Veterans Affairs (VA) • Mark Duke, Professor, Cyber Security Department, Information Resources Management College, National Defense University • Keith Ward, President and Chief Executive Officer, Transglobal Secure Collaboration Participation We hope to see you there! CSFI Management
DISA has released the following IAVM packages: http://iase.disa.mil/stigs/Pages/iavm.aspx  AIX 6.1 Ver 1, Rel 15 Apple OS 10.10 Workstation Ver 1, Rel 4 Apple OS 10.8 Workstation Ver 1, Rel 8 Apple OS X 10.9 Workstation Ver 1, Rel 5 BlackBerry 10 OS Ver 1, Rel 6 HP-UX 11.23 Ver 1, Rel 15 HP-UX 11.31 Ver 1, Rel 15 MAC OS X 10.6 Ver 1, Rel 15 Oracle Linux 5 Ver 1, Rel 8 Oracle Linux 6 Ver 1, Rel 8 RHEL 5 Ver 1, Rel 15 RHEL 6 Ver 1, Rel 13 Solaris 10 SPARC Ver 1, Rel 15 Solaris 10 x86 Ver 1, Rel 15 Solaris 11 SPARC Ver 1, Rel 8 Solaris 11 x86 Ver 1, Rel 8 Windows 7 Ver 1, Rel 13 Windows 8 and 8-1 Ver 1, Rel 13 Windows 2008 R2 Ver 1, Rel 13 Windows 2008 Ver 1, Rel 13 Windows 2012 and 2012 R2 Ver 1, Rel 11 Windows Vista Ver 1, Rel 13
DISA has released updates to the SRG/STIG Library Compilations in .ZIP format to correspond with the latest quarterly SRG/STIG update cycle. This release also includes newly released SRGs and STIGs published since the last quarterly release of the SRG/STIG Library Compilations. The SRG/STIG_Library.zip is a compilation of DoD Security Requirements Guides (SRGs), DoD Security Technical Implementation Guides (STIGs) (provided in XCCDF or .pdf format), Checklists, Security Readiness Review (SRR) Tools that are available through the IASE web site’s STIG pages. Two versions of the compilation are produced, an FOUO version and a NON-FOUO version entitled U_SRG-STIG_Library.zip and FOUO _SRG-STIG_Library.zip. The file name preceded by FOUO_ contains STIGs and related content that has been designated as FOUO. As such a DoD PKI certificate is required to download it. The file name preceded by U_ is the NON-FOUO version which does not contain FOUO. It is therefore downloadable by the general public. These compilations may be used and distributed in the same manner as the individually downloaded documents. The FOUO compilation as a whole and any separated FOUO content must be handled in accordance with customary FOUO handling and dissemination guidelines. Please see “SRG/STIG Library Compilation READ ME” for additional information to include download / extraction instructions and a FAQ. All related files are available on IASE at: http://iase.disa.mil/stigs/dod-purpose-tool/Pages/index.aspx
