Skip to content
@ansible-lockdown

Ansible Lockdown

Ansible Lockdown is a security baseline automation project sponsored by Mindpoint Group.
README.md

Welcome to Ansible Lockdown

Org Stars Lockdown_followers Discord_active

Part of the Lockdown Suite by
MindPoint Group

Based upon the following products

Remediation Roles Audit Profiles
Ansible by RedHat Github hosted goss

Ansible

by RedHat

Goss

Go Server Spec

What is it?

Based upon industry recognized benchmarks and best practices, using leading products to enable highly adjustable configurations to bring your systems/platforms into security compliance.

  • Open Source (MIT licensed)
    • Community supported as standard
    • Enterprise support available
  • Configuration-as-code
    • Assist in bringing your systems/platform into compliance through the use of Ansible
    • Audit your current system/platform using Goss
  • Highly configurable to work with your systems

Content

CIS DISA-STIG
CIS Disa STIG
CIS Repos STIG Repos

Looking for support?

Useful Links

Repositories

CIS

Links
CIS-Linux
CIS-Windows
CIS-Platform
CIS-Applications

CIS-Linux

OS Remediate Audit
Amazon2 Amazon2-CIS Amazon2-CIS-Audit
Amazon2023 Amazon2023-CIS Amazon2023-CIS-Audit
DEBIAN11 DEBIAN11-CIS DEBIAN11-CIS-Audit
DEBIAN12 Static Badge Static Badge
RHEL7 RHEL7-CIS RHEL7-CIS-Audit
RHEL8 RHEL8-CIS RHEL8-CIS-Audit
RHEL9 RHEL9-CIS RHEL9-CIS-Audit
UBUNTU18 UBUNTU18-CIS UBUNTU18-CIS-Audit
UBUNTU20 UBUNTU20-CIS UBUNTU20-CIS-Audit
UBUNTU22 UBUNTU22-CIS UBUNTU22-CIS-Audit
UBUNTU24 Static Badge Static Badge

CIS-Windows

OS Remediate Audit
Windows-10 Windows-10-CIS Static Badge
Windows-11 Windows-11-CIS Static Badge
Windows-2016 Windows-2016-CIS Windows-2016-CIS-Audit
Windows-2019 Windows-2019-CIS Windows-2019-CIS-Audit
Windows-2022 Windows-2022-CIS Static Badge

CIS-Platform

OS Remediate Audit
Cisco-IOS-L2S Cisco-IOS-L2S N/A
AWS-Foundations AWS-Foundations N/A
Azure-CIS Azure-CIS N/A

CIS-Applications

Application Remediate Audit
Apache-2.4 Apache-2.4-CIS N/A
Postgres-12 Postgres-12-CIS N/A
Kubernetes1.6.1 Kubernetes1.6.1-CIS N/A

STIG

Links
STIG-Linux
STIG-Windows
STIG-Applications
STIG-Archived

STIG-Linux

OS Remediate Audit
RHEL7 RHEL7-STIG RHEL7-STIG-Audit
RHEL8 RHEL8-STIG RHEL8-STIG-Audit
RHEL9 RHEL9-STIG RHEL9-STIG-Audit
UBUNTU18 UBUNTU18-STIG UBUNTU18-STIG-Audit
UBUNTU20 UBUNTU20-STIG Static Badge

STIG-Windows

OS Remediate Audit
Windows-10 Windows-10-STIG N/A
Windows-2016 Windows-2016-STIG N/A
Windows-2019 Windows-2019-STIG N/A
Windows-2022 Windows-2022-STIG N/A

STIG-Applications

Application Remediate Audit
Apache-2.4-STIG Apache-2.4-STIG N/A
Cisco-IOS-L2S Cisco-IOS-L2S-STIG N/A
Windows-Advanced-Firewall WinFWADV-STIG WinFWADV-STIG-Audit
KUBERNETES-STIG KUBERNETES-STIG N/A

STIG-Archived

OS
RHEL5-STIG
RHEL6-STIG
Windows-2008R2-Member-Server-STIG
Windows-2012-Member-Server-STIG
Windows-2012-Domain-Controller-STIG
Application
Postgres-9-STIG

Pinned Loading

  1. RHEL7-CIS RHEL7-CIS Public

    Ansible role for Red Hat 7 CIS Baseline

    YAML 473 303

  2. RHEL7-STIG RHEL7-STIG Public

    Ansible role for Red Hat 7 STIG Baseline

    YAML 284 143

  3. RHEL8-CIS RHEL8-CIS Public

    Ansible role for Red Hat 8 CIS Baseline

    YAML 268 165

  4. UBUNTU20-CIS UBUNTU20-CIS Public

    Ansible role for Ubuntu 2004 CIS Baseline

    YAML 179 63

  5. RHEL9-CIS RHEL9-CIS Public

    Ansible role for Red Hat 9 CIS Baseline

    YAML 123 93

  6. Windows-2019-CIS Windows-2019-CIS Public

    CIS Baseline Ansible Role for Windows 2019

    YAML 134 73

Repositories

Showing 10 of 69 repositories
  • RHEL9-STIG-Audit Public

    RHEL9 Audit for the STIG benchmark

    ansible-lockdown/RHEL9-STIG-Audit’s past year of commit activity
    YAML 1 MIT 2 0 0 Updated Nov 8, 2024
  • RHEL8-STIG-Audit Public

    Audit control files for rhel8 stig - utilising goss

    ansible-lockdown/RHEL8-STIG-Audit’s past year of commit activity
    YAML 13 MIT 4 1 0 Updated Nov 7, 2024
  • RHEL8-STIG Public

    Ansible role for Red Hat 8 STIG Baseline

    ansible-lockdown/RHEL8-STIG’s past year of commit activity
    YAML 99 MIT 58 11 1 Updated Nov 7, 2024
  • RHEL9-CIS Public

    Ansible role for Red Hat 9 CIS Baseline

    ansible-lockdown/RHEL9-CIS’s past year of commit activity
    YAML 123 MIT 93 6 0 Updated Nov 5, 2024
  • UBUNTU22-CIS Public

    Ansible role for Ubuntu22 CIS Baseline

    ansible-lockdown/UBUNTU22-CIS’s past year of commit activity
    YAML 191 MIT 81 9 0 Updated Nov 5, 2024
  • UBUNTU22-CIS-Audit Public

    Audit for Ubuntu 22 CIS

    ansible-lockdown/UBUNTU22-CIS-Audit’s past year of commit activity
    YAML 38 MIT 15 2 0 Updated Nov 4, 2024
  • RHEL7-STIG Public

    Ansible role for Red Hat 7 STIG Baseline

    ansible-lockdown/RHEL7-STIG’s past year of commit activity
    YAML 284 MIT 143 2 1 Updated Nov 1, 2024
  • RHEL9-CIS-Audit Public

    Audit configurations for RHEL9 CIS

    ansible-lockdown/RHEL9-CIS-Audit’s past year of commit activity
    YAML 22 MIT 13 4 0 Updated Oct 30, 2024
  • RHEL8-CIS Public

    Ansible role for Red Hat 8 CIS Baseline

    ansible-lockdown/RHEL8-CIS’s past year of commit activity
    YAML 268 MIT 165 5 1 Updated Oct 30, 2024
  • RHEL9-STIG Public

    Ansible playbook for RHEL9 Disa STIG

    ansible-lockdown/RHEL9-STIG’s past year of commit activity
    Jinja 10 MIT 12 10 0 Updated Oct 29, 2024
View all repositories