Is there an automated way to compare old STIGS to new STIGS? For example, if I'm using Java 7 and the newer version Java 8 comes out, I want to compare the two to see what's changed. Currently I'm doing this manually and it's very painful. Is there an automated way of doing this?
Asked
Active
Viewed 1,260 times
2 Answers
1
I know this is old, but i figured i'd answer it anyway. There is a SaaS tool called Vaulted (https://vaulted.io) that was released recently that allows you to compare DISA STIGs. It contains a library of all current STIGs and SRGs, and allows you to look at look versions of those STIGs/SRGs and compare them. You need a free account to do it, but if you're still interested it might help you out.
Mike Bell
- 41
- 1
- 3
0
It seems like the only official option is to watch the "Quarterly Release Schedule and Summary" page and read each doc for changes.
https://public.cyber.mil/stigs/release-schedule/
Or to sign up for the mailing list
https://public.govdelivery.com/accounts/USDISA/subscriber/new?topic_id=USDISA_181
Anthony Mastrean
- 21,850
- 21
- 110
- 188