Skip to content
@ansible-lockdown

Ansible Lockdown

Ansible Lockdown is a security baseline automation project sponsored by Mindpoint Group.

Welcome to Ansible Lockdown

Org Stars Lockdown_followers Discord_active

Part of the Lockdown Suite by
MindPoint Group

Based upon the following products

Remediation Roles Audit Profiles
Ansible by RedHat Github hosted goss
by RedHat
Go Server Spec

What is it?

Based upon industry recognized benchmarks and best practices, using leading products to enable highly adjustable configurations to bring your systems/platforms into security compliance.

  • Open Source (MIT licensed)
    • Community supported as standard
    • Enterprise support available
  • Configuration-as-code
    • Assist in bringing your systems/platform into compliance through the use of Ansible
    • Audit your current system/platform using Goss
  • Highly configurable to work with your systems

Content

CIS DISA-STIG
CIS Disa STIG
CIS Repos STIG Repos

Looking for support?

Useful Links

Repositories

CIS


Links
CIS-Linux
CIS-Windows
CIS-Platform
CIS-Applications

CIS-Linux


OS Remediate Audit
Amazon2 Amazon2-CIS Amazon2-CIS-Audit
Amazon2023 Amazon2023-CIS Amazon2023-CIS-Audit
DEBIAN11 DEBIAN11-CIS DEBIAN11-CIS-Audit
DEBIAN12 Static Badge Static Badge
RHEL7 RHEL7-CIS RHEL7-CIS-Audit
RHEL8 RHEL8-CIS RHEL8-CIS-Audit
RHEL9 RHEL9-CIS RHEL9-CIS-Audit
UBUNTU18 UBUNTU18-CIS UBUNTU18-CIS-Audit
UBUNTU20 UBUNTU20-CIS UBUNTU20-CIS-Audit
UBUNTU22 UBUNTU22-CIS UBUNTU22-CIS-Audit
UBUNTU24 Static Badge Static Badge

CIS-Windows


OS Remediate Audit
Windows-10 Windows-10-CIS Static Badge
Windows-11 Windows-11-CIS Static Badge
Windows-2016 Windows-2016-CIS Windows-2016-CIS-Audit
Windows-2019 Windows-2019-CIS Windows-2019-CIS-Audit
Windows-2022 Windows-2022-CIS Static Badge

CIS-Platform


OS Remediate Audit
Cisco-IOS-L2S Cisco-IOS-L2S N/A
AWS-Foundations AWS-Foundations N/A
Azure-CIS Azure-CIS N/A

CIS-Applications


Application Remediate Audit
Apache-2.4 Apache-2.4-CIS N/A
Postgres-12 Postgres-12-CIS N/A
Kubernetes1.6.1 Kubernetes1.6.1-CIS N/A

STIG


Links
STIG-Linux
STIG-Windows
STIG-Applications
STIG-Archived

STIG-Linux


OS Remediate Audit
RHEL7 RHEL7-STIG RHEL7-STIG-Audit
RHEL8 RHEL8-STIG RHEL8-STIG-Audit
RHEL9 RHEL9-STIG RHEL9-STIG-Audit
UBUNTU18 UBUNTU18-STIG UBUNTU18-STIG-Audit
UBUNTU20 UBUNTU20-STIG Static Badge

STIG-Windows


OS Remediate Audit
Windows-10 Windows-10-STIG N/A
Windows-2016 Windows-2016-STIG N/A
Windows-2019 Windows-2019-STIG N/A
Windows-2022 Windows-2022-STIG N/A

STIG-Applications


Application Remediate Audit
Apache-2.4-STIG Apache-2.4-STIG N/A
Cisco-IOS-L2S Cisco-IOS-L2S-STIG N/A
Windows-Advanced-Firewall WinFWADV-STIG WinFWADV-STIG-Audit
KUBERNETES-STIG KUBERNETES-STIG N/A

STIG-Archived


OS
RHEL5-STIG
RHEL6-STIG
Windows-2008R2-Member-Server-STIG
Windows-2012-Member-Server-STIG
Windows-2012-Domain-Controller-STIG
Application
Postgres-9-STIG

Pinned Loading

  1. RHEL7-CIS RHEL7-CIS Public

    Ansible role for Red Hat 7 CIS Baseline

    YAML 475 303

  2. RHEL7-STIG RHEL7-STIG Public

    Ansible role for Red Hat 7 STIG Baseline

    YAML 285 143

  3. RHEL8-CIS RHEL8-CIS Public

    Ansible role for Red Hat 8 CIS Baseline

    YAML 277 169

  4. UBUNTU20-CIS UBUNTU20-CIS Public

    Ansible role for Ubuntu 2004 CIS Baseline

    YAML 181 63

  5. RHEL9-CIS RHEL9-CIS Public

    Ansible role for Red Hat 9 CIS Baseline

    YAML 130 95

  6. Windows-2019-CIS Windows-2019-CIS Public

    CIS Baseline Ansible Role for Windows 2019

    YAML 136 73

Repositories

Showing 10 of 70 repositories
  • RHEL9-CIS-Audit Public

    Audit configurations for RHEL9 CIS

    ansible-lockdown/RHEL9-CIS-Audit’s past year of commit activity
    YAML 26 MIT 13 5 1 Updated Dec 4, 2024
  • RHEL8-CIS Public

    Ansible role for Red Hat 8 CIS Baseline

    ansible-lockdown/RHEL8-CIS’s past year of commit activity
    YAML 277 MIT 169 6 3 Updated Dec 3, 2024
  • RHEL8-STIG-Audit Public

    Audit control files for rhel8 stig - utilising goss

    ansible-lockdown/RHEL8-STIG-Audit’s past year of commit activity
    YAML 14 MIT 5 0 0 Updated Dec 3, 2024
  • RHEL9-STIG-Audit Public

    RHEL9 Audit for the STIG benchmark

    ansible-lockdown/RHEL9-STIG-Audit’s past year of commit activity
    YAML 2 MIT 3 0 0 Updated Dec 3, 2024
  • UBUNTU22-CIS-Audit Public

    Audit for Ubuntu 22 CIS

    ansible-lockdown/UBUNTU22-CIS-Audit’s past year of commit activity
    YAML 39 MIT 15 3 0 Updated Dec 3, 2024
  • UBUNTU22-CIS Public

    Ansible role for Ubuntu22 CIS Baseline

    ansible-lockdown/UBUNTU22-CIS’s past year of commit activity
    YAML 200 MIT 81 6 1 Updated Dec 3, 2024
  • MPG-AL-READTHEDOCS Public

    MindPoint Group Ansible Lockdown ReadTheDocs

    ansible-lockdown/MPG-AL-READTHEDOCS’s past year of commit activity
    4 MIT 1 1 0 Updated Nov 27, 2024
  • RHEL9-STIG Public

    Ansible playbook for RHEL9 Disa STIG

    ansible-lockdown/RHEL9-STIG’s past year of commit activity
    Jinja 12 MIT 14 9 0 Updated Nov 20, 2024
  • RHEL7-CIS Public

    Ansible role for Red Hat 7 CIS Baseline

    ansible-lockdown/RHEL7-CIS’s past year of commit activity
    YAML 475 MIT 303 0 0 Updated Nov 20, 2024
  • RHEL7-STIG Public

    Ansible role for Red Hat 7 STIG Baseline

    ansible-lockdown/RHEL7-STIG’s past year of commit activity
    YAML 285 MIT 143 0 0 Updated Nov 20, 2024