stigsolution.com /blog/
STIG SOLUTION - Providing solutions to STIG problems
Active Web Watch
stigsolution.com /blog/
STIG SOLUTION - Providing solutions to STIG problems
Active Web Watch
Finding and correcting issues in an eMASS POA&M can be tough, especially if you have to work from spreadsheets. After loading an eMASS POA&M to STIGrevolution, it will compare the POA&M against the data from any loaded test results. This allows you to see where security check numbers, raw severity, and controls are incorrect.
STIGrevolution provides buttons that allow you to open POA&M items directly in eMASS using your default browser, making it easy to correct any issues.
The post STIGrevolution – Finding and Correcting POA&M Issues first appeared on STIG SOLUTION.
The post STIGrevolution – Finding and Correcting POA&M Issues appeared first on STIG SOLUTION.
Keeping your test results in sync with your eMASS POA&M can be tough. Using STIGrevolution, you can import all of your test results and your eMASS POA&M and instantly see how things match up. STIGrevolution can even identify bad information in your POA&M, allowing you to easily make corrections.
The post STIGrevolution – Comparing Test Results with eMASS POA&M first appeared on STIG SOLUTION.
The post STIGrevolution – Comparing Test Results with eMASS POA&M appeared first on STIG SOLUTION.
Ensuring your checklists have all findings reviewed and all finding details filled out can be difficult, especially if you’re not able to work on your checklists all at once. STIGrevolution provides a combination of dashboard buttons and status tabs to help you identify these issues easily. By using the Checklist tab, users can easily find and fill in any incomplete test results.
The post STIGrevolution – Ensuring Complete Test Results first appeared on STIG SOLUTION.
The post STIGrevolution – Ensuring Complete Test Results appeared first on STIG SOLUTION.
When DISA releases updated verisons of STIGs, knowing which of you checklists need updating and completing those updates can be a time consuming tasks. STIGrevolution allows you to add STIGs to a STIG Library, which it then uses to automatically compare your CKLs against every time you load them.
Updates can be done with a click of a button, allowing you to update multiple CKLs at one time.
The post STIGrevolution – Updating Checklists first appeared on STIG SOLUTION.
The post STIGrevolution – Updating Checklists appeared first on STIG SOLUTION.
Have you ever felt the challenge of maintaining consistent and up-to-date host information in your checklists? Mistakes can throw off your POA&M, create problems when comparing to diagrams and other documents, and ultimately undermine the validity of your checklists.
Regular tools like the STIG viewer make us fill out checklists one at a time. It’s tedious, prone to human error, and when dealing with vast numbers of assets, almost impossible to keep consistent. Errors in entries such as the host name or mismatched IP and MAC addresses can create confusion.
STIGrevolution can solve these issues. Upon loading checklists into STIGrevolution, an inventory grid clearly lays out all your checklists and the host information. Highlighted errors in red or orange quickly tell you where the problems lie. Whether it’s missing host names, duplicated checklists, mismatched IP addresses, or discrepancies in file naming, STIGrevolution instantly pinpoints the issues.
Rather than sifting through each entry manually, you can make corrections withing STIGrevolution. Copying host information to multiple checklists for the same host with a single click is a feature that is a huge time saver, especially when dealing with assets that require a large number of checklists.
If there’s a mismatch between your host name and file name, STIGrevolution will help you correct it with its ‘rename’ feature. This ensures checklists aren’t misidentified and that the hostname, which is a key identifier for your checklist data, is filled in correctly.
If you’re among the many professionals drowning in a sea of mismatched and inconsistent checklists, give STIGrevolution a try.
The post STIGrevolution – Edit Host Information first appeared on STIG SOLUTION.
The post STIGrevolution – Edit Host Information appeared first on STIG SOLUTION.
STIGrevolution 1.0.1 RC1 will release next week. This new version will be free to use under an extended trial until September 30, 2023.
Here’s a brief overview.
The post STIGrevolution 1.0.1 RC1 Preview first appeared on STIG SOLUTION.
The post STIGrevolution 1.0.1 RC1 Preview appeared first on STIG SOLUTION.
The post STIGrevolution – Filling out results on multiple CKLs at once first appeared on STIG SOLUTION.
The post STIGrevolution – Filling out results on multiple CKLs at once appeared first on STIG SOLUTION.
The post STIGrevolution – 50 SCAP files to 50 CKLs first appeared on STIG SOLUTION.
The post STIGrevolution – 50 SCAP files to 50 CKLs appeared first on STIG SOLUTION.
In this video, we demonstrate the basic functionality in STIGrevolution allowing users to easily fill out DISA STIG checklists and view their information. We also cover bulk CKL handling capabilities that allow users to create CKLs from SCAP, update existing CKLs with SCAP, and update existing CKLS with new STIG versions.
We’ll be showcasing other capabilities in an upcoming video, including the ability to view and interact with eMASS POA&Ms and compare them to CKLs and ACAS scan data.
The post STIGrevolution – Intro first appeared on STIG SOLUTION.
The post STIGrevolution – Intro appeared first on STIG SOLUTION.
Tenable’s Nessus vulnerability scanner is a very popular security scanning tool. While Nessus does have its own built-in reporting capability, it doesn’t always meet all the needs of its users.
That’s why we’ve just release a new solution, NessViewer. This application takes the .nessus files generated from the scans and gives users the ability to do additional analysis and report generation.
NessViewer is a .NET Application that executes in .NET Framework, preventing the need for installation or creating any footprint on your computer.
NessViewer provides the following views into your data:
Dashboard, with information about each of the scans loaded from .nessus files as well as asset totals
Vulnerabilities, with a data view that can be sorted, filtered and grouped
Software, providing the ability to create software lists for scanned assets
Ports, giving you a list of ports by asset as well as the ability to look up possible related listeners
Detailed Vulnerability list or DVL, a commonly requested format for validation events
Plan of Action and Milestones (POA&M)
Every view in NessViewer is also exportable to Microsoft Excel.
Getting started
To get started, download and open the NessViewer EXE. There’s no installation, as long as you have .NET Framework 4.6 or higher, the application will start immediately.
The first thing you will see is the Open Files tab, you’ll click the “Open Files” button to open one or more Nessus files. You can come back to this tab at any time and use “Open Files” to add more .nessus files. Clicking the “Remove” button next to any file will remove it.
After you’ve loaded some files, it’s time to start looking at your data. You’ll notice on the left hand side that there are several tabs marked with icons. The first one under the Open Files tab is the Dashboard view.
Dashboard
The post NessViewer Public Beta first appeared on STIG SOLUTION.
The post NessViewer Public Beta appeared first on STIG SOLUTION.