Aesir Automation Content

On-prem or SaaS security automation library with STIG automation for containers and platforms. Curated by domain experts. Combine with your own custom content produced with the Aesir Platform for full-stack security.

GuidanceDocsComplianceScansNormalizedData

Plan

Harden & Validate

Standardize

Visualize

inspec exec rhel9-stig -t ssh://prod-web-01.example.mil

Profile: RHEL 9 STIG Automated Compliance Validation

Version: 1.4.0

Target: ssh://prod-web-01.example.mil

✔SV-257777:RHEL 9 must implement DOD-approved encryption in OpenSSL

✔SV-257778:RHEL 9 must use a separate file system for /tmp

✘SV-257779:RHEL 9 must disable the Ctrl-Alt-Delete sequence

expected service('ctrl-alt-del.target') to be disabled

✔SV-257780:RHEL 9 must restrict access to the kernel message buffer

✔SV-257781:RHEL 9 must enable FIPS mode

✔SV-257782:RHEL 9 must not have the telnet-server package installed

✘SV-257783:RHEL 9 must use strong password hashing algorithm

expected sha512 but got sha256 in /etc/login.defs

✔SV-257784:RHEL 9 must have the firewalld package installed

○SV-257785:RHEL 9 must have the tmux package installed

Not applicable — GUI not installed

✔SV-257786:RHEL 9 must enable audit logging

... 211 more controls ...

186 passed

23 failed

12 skipped

0 errors

Compliance Rate89%

Expert-Curated Automation Content

Written and validated by the domain experts who helped create the underlying security standards. Curated automation built on deep subject matter expertise.

Chef InSpec

CINC Auditor

Ansible

AAC Profile Library3248 total controls

Containers

Alpine Linux

28 controls· InSpec

InSpec

Validate

UBI 9

440 controls· InSpec

InSpec

Validate

UBI 10

440 controls· InSpec

InSpec

Validate

Ubuntu (Container)

189 controls· InSpec

InSpec

Validate

Container Platforms

Kubernetes

96 controls· InSpec

InSpec+Ansible

Validate

RGS RKE2

22 controls· InSpec

InSpec+Ansible

Validate

Red Hat OpenShift

80 controls· InSpec

InSpec+Ansible

Validate

Operating Systems

Windows 11

396 controls· InSpec

InSpec+Ansible

Validate

Windows Server 2025

488 controls· InSpec

InSpec+Ansible

Validate

RHEL 9

440 controls· InSpec

InSpec+Ansible

Validate

RHEL 10

440 controls· InSpec

InSpec+Ansible

Validate

Ubuntu 24.04 LTS

189 controls· InSpec

InSpec+Ansible

Validate

12 platform profilesCurated by STIG co-authors

Combine with Custom Automation

Use AAC to cover common system components that comprise your system. Easily integrate with other automation tools and profiles. For example, you can easily combine automation based off of your Aesir Sindre™ documentation with AAC to cover your software stack top to bottom.

inspec.yml

# inspec.yml — My System Validation Profile

name: my-system-validation

version: 1.0.0

depends:

# AAC profiles for base platform coverage

- name: aac-rhel10-stig

url: https://aac.aesirsystems.com/profiles/rhel10

- name: aac-k8s-stig

url: https://aac.aesirsystems.com/profiles/kubernetes

# Custom profile from your Sindre™ documentation

- name: my-app-controls

path: ./profiles/my-app-controls

AAC Profile

Custom Profile

Rapid Turnaround

New DISA STIG releases covered within one month. Never behind on compliance requirements.

Update TurnaroundTarget: < 30 days

RHEL 9 STIG V2R2

DISA: Jan 24AAC: Feb 4

11d

Windows Server 2022 STIG V2R3

DISA: Jan 24AAC: Feb 10

17d

Ubuntu 22.04 STIG V2R1

DISA: Jan 24AAC: Feb 7

14d

Kubernetes STIG V2R2

DISA: Jan 24AAC: Feb 12

19d

Apache Server 2.4 STIG V3R1

DISA: Oct 25AAC: Nov 6

12d

PostgreSQL 15 STIG V1R1

DISA: Oct 25AAC: Nov 15

21d

Average: 16 daysAll within target

Need proven security automation content?

AAC provides expert-curated automation for your most critical compliance requirements.