DISA Policy

Our Policy for The Defense Information Systems Agency (DISA) addresses guidelines put forward by the Security Technical Implementation Guide (STIG).

From the Unix STIG:
"Department of Defense Directive (DODD) 8500.1 establishes policy and assigns responsibilities to the Defense Information Systems Agency (DISA) to develop and provide security configuration guidance for IA and IA-enabled IT products in coordination with the National Security Agency (NSA). Paragraph 4.18 of the 8500.1 states, "All IA and IA-enabled IT products incorporated into DOD information systems shall be configured in accordance with DOD-approved security configuration guidelines." DISA Field Security Operations (FSO) develops the guidelines, which are called Security Technical Implementation Guides."

Our Tripwire policies address the DISA requirements for several platforms based on the STIG for those platforms. We give the user a proactive way to automatically assess configurations against these requirements, dramatically reducing the time needed to satisfy any compliance or audit requirements and with our tunable change detection, help you achieve and maintain a known and trusted state.