PowerSTIG

3.0.0

The PowerStig module provides a set of PowerShell classes to access DISA STIG settings extracted from the xccdf. The module provides a unified way to access the parsed STIG data by enabling the concepts of:
1. Exceptions (overriding and auto-documenting)
2. Ignoring a single or entire class of rules (auto-documenting)
3. Organizational settings to address STIG rules that have allowable ranges.

This module is intended to be used by additional automation as a lightweight portable “database” to audit and enforce the parsed STIG data.

Minimum PowerShell version

5.1

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name PowerSTIG -RequiredVersion 3.0.0

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

Install-PSResource -Name PowerSTIG -Version 3.0.0

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

Copyright

Package Details

Author(s)

Adam Haynes

Release Notes

NEW

       * Introduces class support for each rule type
       * The STIG class now contains an array of rule objects vs xml elements
       * Orgsettings, Exceptions, and Rule skips are all supported by the Rule base class
       * Rule help is provided for any loaded rule.
         * See the [wiki](https://github.com/Microsoft/PowerStig/wiki/GettingRuleHelp) for more information.
       * Major code refactor to simplify maintenance and usage
       * [Breaking Change] The STIG class constructor no longer accepts Orgsettings, Exceptions, or Rule skips
         * That functionality has move to the load rule method
       * DSC composite resource parameter validation for version numbers has been removed
         * The STIG class validates all input and will throw an error if invalid data is provided.
       * The Get-StigList has be updated and renamed to Get-Stig to return the STIG class

       UPDATES

       * Fixed [#241](https://github.com/Microsoft/PowerStig/issues/241): [WindowsFeatureRule] PsDesiredStateConfiguration\WindowsOptionalFeature doesn't properly handle features that return $null
       * Fixed [#258](https://github.com/Microsoft/PowerStig/issues/258): New-StigChecklist will not accept a path without an explicit filename
       * Fixed [#243](https://github.com/Microsoft/PowerStig/issues/243): [V-46515] Windows-All-IE11-1.15 Rawstring typo
       * Fixed [#289](https://github.com/Microsoft/PowerStig/issues/289): Updated DocumentRule and DocumentRuleConvert Classes to parse correctly.
       * Fixed [#284](https://github.com/Microsoft/PowerStig/issues/284): [V-74415] [V-74413] Windows 10 STIG rule V-74415 and V-74413 should not contain white space in key
       * Fixed [290](https://github.com/Microsoft/PowerStig/issues/290): [V-76731] IIS Server STIG V-76731 fails to properly set STIG guidance because rule is not split.
       * Fixed [314](https://github.com/Microsoft/PowerStig/issues/314): Update PowerSTIG to Utilize LogTargetW3C parameter in xWebAdministration 2.5.0.0.
       * Fixed [334](https://github.com/Microsoft/PowerStig/issues/334): Update PowerStig to utilize AccessControlDsc 1.3.0.0
       * Fixed [331](https://github.com/Microsoft/PowerStig/issues/331): 2012/R2 [V-39325] 2016 [V-73373], [V-73389] PermissionRule.Convert CheckContent Match Parser Update
       * Fixed [320](https://github.com/Microsoft/PowerStig/issues/320): IIS Site STIG doesn't correctly convert STIGS that contain "SSL Settings" in raw string

       * Added the following STIGs
         * IIS Site 8.5 V1R6 [#276](https://github.com/Microsoft/PowerStig/issues/276)
         * Windows Firewall STIG V1R7 [#319](https://github.com/Microsoft/PowerStig/issues/319)

       * Removed the following STIGs
         * Windows Server 2012 R2 DC 2.12
         * Windows Server 2012 R2 DSN 1.7
         * Active Directory Domain 2.9
         * IIS Server 8.5 1.3
         * IIS Site 8.5 1.2
         * Removed: Internet Explorer 1.13

FileList

Version History

Version	Downloads	Last updated
4.26.0	1,480	5/29/2025
4.25.0	23,056	2/21/2025
4.24.0	14,470	12/9/2024
4.23.0	5,483	9/30/2024
4.22.0	8,257	5/31/2024
4.21.0	6,546	3/1/2024
4.20.0	3,053	1/12/2024
4.19.0	1,340	12/22/2023
4.18.0	3,543	9/5/2023
4.17.0	2,085	6/27/2023
4.16.0	3,440	3/16/2023
4.15.0	1,937	12/29/2022
4.14.0	2,972	9/14/2022
4.13.1	1,941	6/27/2022
4.13.0	223	6/16/2022
4.12.1	1,143	3/23/2022
4.12.0	72	3/18/2022
4.11.0	2,446	12/13/2021
4.10.1	4,873	8/31/2021
4.10.0	220	8/20/2021
4.9.1	3,337	6/3/2021
4.9.0	249	6/1/2021
4.8.0	2,563	3/1/2021
4.7.1	700	1/22/2021
4.7.0	570	12/17/2020
4.6.0	672	12/1/2020
4.5.1	895	10/12/2020
4.5.0	426	9/1/2020
4.4.2	1,194	7/7/2020
4.3.0	1,719	3/27/2020
4.2.0	1,303	12/20/2019
4.1.1	624	10/31/2019
4.0.0	695	9/20/2019
3.3.0	551	8/12/2019
3.2.0	956	5/25/2019
3.1.0	919	4/1/2019
3.0.1	188	3/12/2019
3.0.0 (current version)	122	3/1/2019
2.4.0.0	3,522	2/7/2019
2.3.2.0	666	12/18/2018
2.3.1.0	222	12/7/2018
2.3.0.0	58	11/30/2018
2.2.0.0	916	10/10/2018
2.1.0.0	1,469	9/5/2018
2.0.0.0	2,715	8/17/2018
1.1.1.0	619	8/13/2018
1.1.0.0	624	7/29/2018
1.0.0.0	1,476	5/31/2018
0.9.3.0	530	1/8/2018
0.9.2.8	77	12/7/2017
0.9.2.7	92	11/3/2017

Show less