16:06:53 <cyberpear> #startmeeting Ansible Lockdown Working Group
16:06:53 <zodbot> Meeting started Thu Jul 11 16:06:53 2019 UTC.
16:06:53 <zodbot> This meeting is logged and archived in a public location.
16:06:53 <zodbot> The chair is cyberpear. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:06:53 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
16:06:53 <zodbot> The meeting name has been set to 'ansible_lockdown_working_group'
16:08:37 <cyberpear> #info STIG base requirement comes from NIST SP-800-53 via DISA Generic OS SRG
16:11:17 <cyberpear> #info SP-800-53 compliance is sometimes referred to as RMF or Risk Management Framework and comes from the FISMA law
16:13:15 <cyberpear> #info NIST SP-800-171 is approximately a subset of SP-800-53 that is required for DFARS compliance
16:14:20 <cyberpear> #info SP-800-171 compliance is required for processing CUI (Controlled Unclassified Information) data
16:15:30 <cyberpear> #info DISA publishes a CCI number with each SRG? and STIG rule, and provides a document mapping the CCI to the relevant SP-800-53 section
16:15:48 <cyberpear> #idea add CCI numbers to each STIG rule
16:17:02 <cyberpear> #idea add a variable to STIG roles to enforce only the SP 800-171 subset
16:17:44 <cyberpear> #info SP 800-171  references SP 800-53
16:18:07 <cyberpear> #help Does someone have a mapping of SP 800-171 to SP 800-53 requirements?
16:18:43 <cyberpear> #idea SSG (ComplianceAsCode/content) might have something to map 800-53 to 800-171
16:19:36 <cyberpear> I think that sums up my thoughts on that topic
16:20:43 <cyberpear> #info #help Does someone have a mapping of SP 800-171 to SP 800-53 requirements?
16:21:03 <cyberpear> (not sure if zodbot honors the #help command per the MeetBot wiki)
16:21:34 <cyberpear> any progress on finishing the GUI STIG RHEL7 items? -- I saw the PR was closed
16:22:14 <cyberpear> I'll close the meeting in 5 min of nothing else
16:29:47 <cyberpear> #endmeeting