PowerSTIG

3.0.0

The PowerStig module provides a set of PowerShell classes to access DISA STIG settings extracted from the xccdf. The module provides a unified way to access the parsed STIG data by enabling the concepts of:
1. Exceptions (overriding and auto-documenting)
2. Ignoring a single or entire class of rules (auto-documenting)
3. Organizational settings to address STIG rules t
The PowerStig module provides a set of PowerShell classes to access DISA STIG settings extracted from the xccdf. The module provides a unified way to access the parsed STIG data by enabling the concepts of:
1. Exceptions (overriding and auto-documenting)
2. Ignoring a single or entire class of rules (auto-documenting)
3. Organizational settings to address STIG rules that have allowable ranges.

This module is intended to be used by additional automation as a lightweight portable “database” to audit and enforce the parsed STIG data.

Minimum PowerShell version

5.1

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name PowerSTIG -RequiredVersion 3.0.0

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Author(s)

Adam Haynes

Copyright

Copyright 2019

Owners

Tags

DSC DesiredStateConfiguration STIG PowerStig

Functions

Get-DomainName Get-Stig New-StigCheckList

DSCResources

DotNetFramework FireFox IisServer IisSite InternetExplorer Office OracleJRE SqlServer WindowsClient WindowsDnsServer WindowsFirewall WindowsServer

Dependencies

Release Notes

NEW

       * Introduces class support for each rule type
       * The STIG class now contains an array of rule objects vs xml elements
       * Orgsettings, Exceptions, and Rule skips are all supported by the Rule base class
       * Rule help is provided for any loaded rule.
         * See the [wiki](https://github.com/Microsoft/PowerStig/wiki/GettingRuleHelp) for more information.
       * Major code refactor to simplify maintenance and usage
       * [Breaking Change] The STIG class constructor no longer accepts Orgsettings, Exceptions, or Rule skips
         * That functionality has move to the load rule method
       * DSC composite resource parameter validation for version numbers has been removed
         * The STIG class validates all input and will throw an error if invalid data is provided.
       * The Get-StigList has be updated and renamed to Get-Stig to return the STIG class

       UPDATES

       * Fixed [#241](https://github.com/Microsoft/PowerStig/issues/241): [WindowsFeatureRule] PsDesiredStateConfiguration\WindowsOptionalFeature doesn't properly handle features that return $null
       * Fixed [#258](https://github.com/Microsoft/PowerStig/issues/258): New-StigChecklist will not accept a path without an explicit filename
       * Fixed [#243](https://github.com/Microsoft/PowerStig/issues/243): [V-46515] Windows-All-IE11-1.15 Rawstring typo
       * Fixed [#289](https://github.com/Microsoft/PowerStig/issues/289): Updated DocumentRule and DocumentRuleConvert Classes to parse correctly.
       * Fixed [#284](https://github.com/Microsoft/PowerStig/issues/284): [V-74415] [V-74413] Windows 10 STIG rule V-74415 and V-74413 should not contain white space in key
       * Fixed [290](https://github.com/Microsoft/PowerStig/issues/290): [V-76731] IIS Server STIG V-76731 fails to properly set STIG guidance because rule is not split.
       * Fixed [314](https://github.com/Microsoft/PowerStig/issues/314): Update PowerSTIG to Utilize LogTargetW3C parameter in xWebAdministration 2.5.0.0.
       * Fixed [334](https://github.com/Microsoft/PowerStig/issues/334): Update PowerStig to utilize AccessControlDsc 1.3.0.0
       * Fixed [331](https://github.com/Microsoft/PowerStig/issues/331): 2012/R2 [V-39325] 2016 [V-73373], [V-73389] PermissionRule.Convert CheckContent Match Parser Update
       * Fixed [320](https://github.com/Microsoft/PowerStig/issues/320): IIS Site STIG doesn't correctly convert STIGS that contain "SSL Settings" in raw string

       * Added the following STIGs
         * IIS Site 8.5 V1R6 [#276](https://github.com/Microsoft/PowerStig/issues/276)
         * Windows Firewall STIG V1R7 [#319](https://github.com/Microsoft/PowerStig/issues/319)

       * Removed the following STIGs
         * Windows Server 2012 R2 DC 2.12
         * Windows Server 2012 R2 DSN 1.7
         * Active Directory Domain 2.9
         * IIS Server 8.5 1.3
         * IIS Site 8.5 1.2
         * Removed: Internet Explorer 1.13

Version History

Version Downloads Last updated
4.12.1 651 3/23/2022
4.12.0 49 3/18/2022
4.11.0 1,844 12/13/2021
4.10.1 4,035 8/31/2021
4.10.0 203 8/20/2021
4.9.1 2,047 6/3/2021
4.9.0 234 6/1/2021
4.8.0 2,549 3/1/2021
4.7.1 664 1/22/2021
4.7.0 556 12/17/2020
4.6.0 406 12/1/2020
4.5.1 877 10/12/2020
4.5.0 392 9/1/2020
4.4.2 1,180 7/7/2020
4.3.0 1,705 3/27/2020
4.2.0 1,276 12/20/2019
4.1.1 613 10/31/2019
4.0.0 680 9/20/2019
3.3.0 539 8/12/2019
3.2.0 940 5/25/2019
3.1.0 905 4/1/2019
3.0.1 176 3/12/2019
3.0.0 (current version) 111 3/1/2019
2.4.0.0 3,165 2/7/2019
2.3.2.0 655 12/18/2018
2.3.1.0 210 12/7/2018
2.3.0.0 46 11/30/2018
2.2.0.0 890 10/10/2018
2.1.0.0 1,457 9/5/2018
2.0.0.0 2,700 8/17/2018
1.1.1.0 606 8/13/2018
1.1.0.0 609 7/29/2018
1.0.0.0 1,461 5/31/2018
0.9.3.0 517 1/8/2018
0.9.2.8 64 12/7/2017
0.9.2.7 79 11/3/2017
Show less