STIG Manager is an API and Web client for managing the assessment of Information Systems for compliance with security checklists published by the United States (U.S.) Defense Information Systems Agency (DISA). STIG Manager supports DISA checklists distributed as either a Security Technical Implementation Guide (STIG) or a Security Requirements Guide (SRG).
For many deployments, our official Docker image is a good choice.
The STIG Manager documentation provides useful references, such as User and Setup Guides, videos, Release Notes, Terminology, and deployment scenarios.
- User Walkthrough
- Admin Walkthrough
- Setup and Technical Information
- Environment Variable Reference
- Release Notes
Please read our CONTRIBUTING document. It explains:
- How you can get involved in the project and contribute
- How to set up a development environment to work with the project's code