Jump to content

Security Technical Implementation Guide

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Caseyjsmith806 (talk | contribs) at 19:01, 16 June 2016 (Changed definition). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

A Security Technical Implementation Guide (STIG) is a cybersecurity methodology for standardizing security protocols within networks, servers, computers, and logical designs that enhance overall security. These guides, when implemented, enhance security for software, hardware, physical and logical architectures to further reduce vulnerabilities.

An example where STIGs would be of benefit is in the configuration of a desktop computer. Most operating systems are not inherently secure.[1] This leaves them open to criminals such as identity thieves and computer hackers. A STIG describes how to minimize network-based attacks and preventing system access when the attacker is interfacing with the system, either physically at the machine, or over a network. STIGs also describe maintenance processes, such as software updates and vulnerability patching.

Advanced STIGs might cover the design of a corporate network, covering configurations of routers, firewalls, domain name servers and switches.

References

  1. ^ https://www.cvedetails.com/top-50-products.php

Resources

Tools

See also

Retrieved from "https://en.wikipedia.org/w/index.php?title=Security_Technical_Implementation_Guide&oldid=725607810"