Document Overview

This document describes SteelCloud’s objective for maintaining and updating SteelCloud provided Signature baseline files for the ConfigOS software suite in accordance with the Defense Information Systems Agency's(DISA) Security Technical Implementation Guides(STIGs) published updates made available on the DoD Cyber Exchange - Public's Document Library.

Method of Updates

SteelCloud shall provide ConfigOS Signature baseline updates to Client using SteelCloud’s support staff at SteelCloud’s reasonable discretion as appropriate.

Scope of Coverage

In Scope

• STIG updates which affect any SteelCloud ConfigOS Signature published, maintained, and currently available.

Out of Scope

• STIG updates which affect technology which SteelCloud currently does not have an officially published Signature.

• STIG Updates which affect “as is” Signatures provided by SteelCloud for Client convenience, but have no official STIG maintained by DISA.

  • e.g. CentOS STIG Signature

• Updates to all customized Client Signatures which are not provided and maintained by SteelCloud.

STIG Publishing Support Timing

SteelCloud will make its best efforts to provide updates to all in scope STIG Signatures within three(3) business days of DISA’s announcement and publications of updated STIG content being available from the DoD Cyber Exchange - Public Document Library via DISA’s SRG/STIG mailing list.

Updated SteelCloud-maintained Signatures will be made available to Client via SteelCloud’s chosen file distribution method.