Skip to content

Generate a Baseline

Jump to bottom
Allen Golbig edited this page Jan 19, 2021 · 14 revisions

The project provides the following Baselines:

  • NIST 800-53

    • High

    • Moderate

    • Low

  • DISA-STIG

  • NIST 800-171

  • CNSSI 1253

If you want to create your own baseline or modify an existing baseline, the generate-baseline.py found in the scripts folder will generate a baseline.yaml file containing all the rules with the provided tag. The baseline.yaml is what is required to run the generate-guidance.py script.

Get a list of available tags
➜  macos_security git:(big_sur) ./scripts/generate_baseline.py -l
800-171
800-53r4_high
800-53r4_low
800-53r4_moderate
cnssi-1253
inherent
manual
n_a
none
permanent
stig
supplemental
Generate a new baseline
➜  macos_security git:(big_sur) ./scripts/generate_baseline.py -k 800-53r4_moderate
➜  macos_security git:(big_sur) ls -dn build/baselines/*
-rw-r--r--  1 501  20  6350 Jan 19 13:30 build/baselines/800-53r4_moderate.yaml

Introduction

Clone this wiki locally