Comment on Implementing Least-Privilege Administrative Models
PaddleMaster@beehaw.org 8 months ago
Some of that, yes. I work for a university that’s government adjacent, so we have to get audited pretty often. Part of that is proving that we STIG and conform to other frameworks. But within certain labs, access is remote only, so I’m not sure how they would handle having a PAW, when there’s probably just a few admin accounts that have strict rules and limits applied.
redfox@infosec.pub 8 months ago
What do you guys use for STIG audit?
Manual STIG viewer or SCAP?