First automated tool to lockdown Linux servers to meet DISA STIGS

Trusted Computer Solutions announced that Security Blanket 1.2, an automated tool for locking down Linux operating systems, now supports the government’s lock down profile for the stringent Defense Information Systems Agency’s (DISA) Security Technical Implementation Guides (STIGs), as well as commercial lock-down profiles defined by the SANS Institute, the Center for Internet Security (CIS) and customized user-defined profiles.

Security Blanket 1.2 ensures that Red Hat Enterprise Linux operating systems maintain the highest level of security and that it is easy for system administrators to lock down their servers based on industry guidelines.

DISA STIGs are used to maintain the confidentiality, integrity, and availability of an information system and are an important part of the overall configuration management for a system. A STIG describes what needs to be done to the system in order to minimize malicious system access. Prior to Security Blanket, government customers had to rely on manual implementation of the STIGs or use tools that supported some, but not all, of these guidelines. Security Blanket is the first product available that automates all the STIGs making it easy and efficient to ensure security compliance.

In addition to supporting the DISA STIGs, Security Blanket 1.2 contains a LAMP (Linux, Apache, MySQL, PHP) lock down profile. This profile is based on the SANS Institute’s defined risks associated with using PHP; the CIS Linux and MySQL benchmarks; and the DISA Unix STIGs.

Security Blanket sells for $198 per server.