Open Issues Need Help
View All on GitHubAI Summary: Address identified STIG compliance gaps in a Debian-based security hardening project (HARDN-XDR). This involves implementing disk/swap encryption, securing the GRUB bootloader, hardening AppArmor profiles, establishing robust backup/recovery procedures, and integrating automated STIG validation scanning. The goal is to improve the security posture of the Debian image and ensure it meets STIG compliance requirements.
A single STIG Compliant - Debian Package, to fully secure the OS using automation, encryption, monitoring, heuristics and availability.
AI Summary: The task involves updating the auditd.sh script within the HARDN-XDR project. This likely entails modifying the script to improve its functionality, address bugs, or enhance its security features related to auditing system events on Debian systems. The update should maintain STIG compliance.
A single STIG Compliant - Debian Package, to fully secure the OS using automation, encryption, monitoring, heuristics and availability.
AI Summary: The task involves verifying and improving 30+ security modules within a Debian-based security hardening project (HARDN-XDR). This includes ensuring each module has installation and verification steps, establishing baseline configurations for Debian 12 and Ubuntu 22-24.04 (virtualized and desktop deployments), adhering to STIG compliance, implementing backups, testing each module's integration with systemd, and conducting a code review.
A single STIG Compliant - Debian Package, to fully secure the OS using automation, encryption, monitoring, heuristics and availability.
AI Summary: The task involves updating the auditd.sh script within the HARDN-XDR project to incorporate MITRE ATT&CK policies. This requires integrating the auditd framework with MITRE's threat model to enhance the system's security monitoring capabilities by leveraging the knowledge base provided by the referenced auditd-attack project. The goal is to improve the detection of malicious activities by correlating audit logs with known attack techniques.
A single STIG Compliant - Debian Package, to fully secure the OS using automation, encryption, monitoring, heuristics and availability.
AI Summary: The task involves improving the `hardn-main.sh` script within the HARDN-XDR project to achieve a Lynis audit score of 90 or higher. This includes addressing any security vulnerabilities or configuration issues identified by Lynis. Additionally, the task requires creating or updating documentation for the build process.
A single STIG Compliant - Debian Package, to fully secure the OS using automation, encryption, monitoring, heuristics and availability.
AI Summary: The task involves brainstorming and implementing new features for HARDN-XDR, a Debian-based security package aiming for STIG compliance. This includes gathering community suggestions for additional tools and functionalities to enhance its capabilities as a comprehensive security solution, potentially involving CLI, GUI, monitoring, and endpoint management improvements.
A single STIG Compliant - Debian Package, to fully secure the OS using automation, encryption, monitoring, heuristics and availability.
AI Summary: Enhance the `install.sh` script of the HARDN-XDR project by adding a menu-driven interface. This menu should allow users to start, stop, reset, or get help regarding the various security services installed by HARDN-XDR. Each menu option will call a separate shell script located in the `/src` directory. The scripts will handle starting/stopping services using systemd, resetting STIG/Lynis compliance settings, and providing help information with documentation links.
A single STIG Compliant - Debian Package, to fully secure the OS using automation, encryption, monitoring, heuristics and availability.