[Verse 1] Time to audit every vulnerability lurking in the code Download your compliance checker, SCC or OpenSCAP mode Virtual machine ready, isolated and pristine SCAP benchmark loaded, security screening routine [Chorus] Scan and sort, scan and sort Open findings need support Not a Finding, mark it clean Not Reviewed sits in between STIG compliance, line by line Automated search divine [Verse 2] Command line whispers, scanner springs to life Probing every corner, cutting through security strife Benchmark questions firing, thousands in a row Each configuration tested, vulnerabilities exposed [Chorus] Scan and sort, scan and sort Open findings need support Not a Finding, mark it clean Not Reviewed sits in between STIG compliance, line by line Automated search divine [Verse 3] Report materializes, categories crystal clear Red flags wave for dangers, green means coast is clear Yellow holds the mysteries, manual review awaits Import to STIG Viewer, validation validates [Bridge] Three buckets hold your fate Open wounds investigate Passing marks celebrate Gray zones need human trait [Chorus] Scan and sort, scan and sort Open findings need support Not a Finding, mark it clean Not Reviewed sits in between STIG compliance, line by line Automated search divine [Outro] Remediate the crimson, verify the gold Security posture strengthened, vulnerabilities controlled
← 1 Lab 1 — STIG Viewer Orientation | 3 Lab 3 — Manual STIG Assessment →