security-benchmarks
security-benchmarks copied to clipboard
GSA
GSA Security Benchmarks and Tools
GSA Security Benchmarks 
Welcome to the General Services Administration Security Benchmarks repository. As automated implementation and verification content is developed and updated, it will be posted here. This content is provided as a tool to facilitate implementation and verification of security settings required by the GSA Security Benchmarks.
What are GSA Security Benchmarks?
The GSA publishes security guides for various operating systems and applications commonly used at the agency. For more information, please refer to the published guides on insite.gsa.gov (only accessible with GSA account).
Available Content
Security Benchmark Documentation
Dependency: GSA account
- Hardening Guides - Documents outlining the general use and standards for security benchmarks.
- Security Benchmark Worksheets - Individual worksheets itemizing the security benchmark settings.
Automated Implementation
Ansible Playbooks
Dependency: Ansible
GPOs
Automated Verification
Dependency: GSA account
- Tenable/Nessus Audit Files - Custom audit content for use with Tenable Security Center or Nessus Vulnerability Scanner
- BigFix Compliance Checklists - Custom audit content for use with hosts that are registered with the BigFix platform.
For questions or comments, contact OCISO ISE: [email protected].
GSA