[Verse 1]
Picture building your dream house, foundation to the roof
Every trade has got their standards, that's the basic truth
Electricians wire by the code, plumbers follow rules
Framers build the structure right with their specific tools

[Chorus]
STIGs are the building codes, product by product guide
OSCAL is the paperwork that keeps you certified
One tells you how to build it, one proves that you comply
You need them both together, like the earth needs the sky

[Verse 2]
Network switches need their settings, servers need their locks
Databases and firewalls, each one's got their blocks
STIGs define the standards for every piece of kit
Like electrical and plumbing codes, they make everything fit

[Chorus]
STIGs are the building codes, product by product guide
OSCAL is the paperwork that keeps you certified
One tells you how to build it, one proves that you comply
You need them both together, like the earth needs the sky

[Bridge]
Permit application starts the show
Inspection reports let the progress flow
Certificate of occupancy makes it legal now
OSCAL documents the what, the when, the why, the how

[Verse 3]
When the inspector comes around to check your cyber space
They want to see the OSCAL forms, documentation's face
But underneath those reports are STIGs that guide the way
Both working hand in hand to keep the threats at bay

[Chorus]
STIGs are the building codes, product by product guide
OSCAL is the paperwork that keeps you certified
One tells you how to build it, one proves that you comply
You need them both together, like the earth needs the sky

[Outro]
Don't think one replaces the other in this game
They're partners in security, not playing for the same
Build it right with STIGs, document with OSCAL's might
That's how you keep your systems running day and night