Skip to content
@ansible-lockdown

Ansible Lockdown

Ansible Lockdown is a security baseline automation project sponsored by Mindpoint Group.

Welcome to Ansible Lockdown

Org Stars Lockdown_followers Discord_active

Part of the Lockdown Suite by
MindPoint Group

Based upon the following products

Remediation Roles Audit Profiles
Ansible by RedHat Github hosted goss
by RedHat
Go Server Spec

What is it?

Based upon industry recognized benchmarks and best practices, using leading products to enable highly adjustable configurations to bring your systems/platforms into security compliance.

  • Open Source (MIT licensed)
    • Community supported as standard
    • Enterprise support available
  • Configuration-as-code
    • Assist in bringing your systems/platform into compliance through the use of Ansible
    • Audit your current system/platform using Goss
  • Highly configurable to work with your systems

Content

CIS DISA-STIG
CIS Disa STIG
CIS Repos STIG Repos

Looking for support?

Useful Links

Repositories

CIS


Links
CIS-Linux
CIS-Windows
CIS-Platform
CIS-Applications

CIS-Linux


OS Remediate Audit
Amazon2 Amazon2-CIS Amazon2-CIS-Audit
Amazon2023 Amazon2023-CIS Amazon2023-CIS-Audit
DEBIAN11 DEBIAN11-CIS DEBIAN11-CIS-Audit
DEBIAN12 Static Badge Static Badge
RHEL7 RHEL7-CIS RHEL7-CIS-Audit
RHEL8 RHEL8-CIS RHEL8-CIS-Audit
RHEL9 RHEL9-CIS RHEL9-CIS-Audit
UBUNTU18 UBUNTU18-CIS UBUNTU18-CIS-Audit
UBUNTU20 UBUNTU20-CIS UBUNTU20-CIS-Audit
UBUNTU22 UBUNTU22-CIS UBUNTU22-CIS-Audit
UBUNTU24 Static Badge Static Badge

CIS-Windows


OS Remediate Audit
Windows-10 Windows-10-CIS Static Badge
Windows-11 Windows-11-CIS Static Badge
Windows-2016 Windows-2016-CIS Windows-2016-CIS-Audit
Windows-2019 Windows-2019-CIS Windows-2019-CIS-Audit
Windows-2022 Windows-2022-CIS Static Badge

CIS-Platform


OS Remediate Audit
Cisco-IOS-L2S Cisco-IOS-L2S N/A
AWS-Foundations AWS-Foundations N/A
Azure-CIS Azure-CIS N/A

CIS-Applications


Application Remediate Audit
Apache-2.4 Apache-2.4-CIS N/A
Postgres-12 Postgres-12-CIS N/A
Kubernetes1.6.1 Kubernetes1.6.1-CIS N/A

STIG


Links
STIG-Linux
STIG-Windows
STIG-Applications
STIG-Archived

STIG-Linux


OS Remediate Audit
RHEL7 RHEL7-STIG RHEL7-STIG-Audit
RHEL8 RHEL8-STIG RHEL8-STIG-Audit
RHEL9 RHEL9-STIG RHEL9-STIG-Audit
UBUNTU18 UBUNTU18-STIG UBUNTU18-STIG-Audit
UBUNTU20 UBUNTU20-STIG Static Badge

STIG-Windows


OS Remediate Audit
Windows-10 Windows-10-STIG N/A
Windows-2016 Windows-2016-STIG N/A
Windows-2019 Windows-2019-STIG N/A
Windows-2022 Windows-2022-STIG N/A

STIG-Applications


Application Remediate Audit
Apache-2.4-STIG Apache-2.4-STIG N/A
Cisco-IOS-L2S Cisco-IOS-L2S-STIG N/A
Windows-Advanced-Firewall WinFWADV-STIG WinFWADV-STIG-Audit
KUBERNETES-STIG KUBERNETES-STIG N/A

STIG-Archived


OS
RHEL5-STIG
RHEL6-STIG
Windows-2008R2-Member-Server-STIG
Windows-2012-Member-Server-STIG
Windows-2012-Domain-Controller-STIG
Application
Postgres-9-STIG

Pinned Loading

  1. RHEL7-CIS RHEL7-CIS Public

    Ansible role for Red Hat 7 CIS Baseline

    YAML 475 303

  2. RHEL7-STIG RHEL7-STIG Public

    Ansible role for Red Hat 7 STIG Baseline

    YAML 285 143

  3. RHEL8-CIS RHEL8-CIS Public

    Ansible role for Red Hat 8 CIS Baseline

    YAML 280 170

  4. UBUNTU20-CIS UBUNTU20-CIS Public

    Ansible role for Ubuntu 2004 CIS Baseline

    YAML 183 65

  5. RHEL9-CIS RHEL9-CIS Public

    Ansible role for Red Hat 9 CIS Baseline

    YAML 132 97

  6. Windows-2019-CIS Windows-2019-CIS Public

    CIS Baseline Ansible Role for Windows 2019

    YAML 137 73

Repositories

Showing 10 of 70 repositories
  • UBUNTU22-CIS Public

    Ansible role for Ubuntu22 CIS Baseline

    ansible-lockdown/UBUNTU22-CIS’s past year of commit activity
    YAML 202 MIT 83 9 1 Updated Dec 12, 2024
  • DEBIAN11-CIS Public

    DEBIAN11- CIS Ansible Role

    ansible-lockdown/DEBIAN11-CIS’s past year of commit activity
    YAML 20 MIT 5 0 1 Updated Dec 11, 2024
  • AMAZON2023-CIS Public

    Ansible role for Amazon2023 CIS Baseline

    ansible-lockdown/AMAZON2023-CIS’s past year of commit activity
    YAML 28 MIT 21 3 1 Updated Dec 11, 2024
  • UBUNTU18-CIS Public

    CIS Baseline Ansible Role for Ubuntu 18

    ansible-lockdown/UBUNTU18-CIS’s past year of commit activity
    YAML 31 MIT 25 0 0 Updated Dec 11, 2024
  • RHEL9-CIS Public

    Ansible role for Red Hat 9 CIS Baseline

    ansible-lockdown/RHEL9-CIS’s past year of commit activity
    YAML 132 MIT 97 4 0 Updated Dec 11, 2024
  • RHEL8-CIS Public

    Ansible role for Red Hat 8 CIS Baseline

    ansible-lockdown/RHEL8-CIS’s past year of commit activity
    YAML 280 MIT 170 7 0 Updated Dec 10, 2024
  • UBUNTU22-CIS-Audit Public

    Audit for Ubuntu 22 CIS

    ansible-lockdown/UBUNTU22-CIS-Audit’s past year of commit activity
    YAML 40 MIT 15 2 0 Updated Dec 10, 2024
  • UBUNTU24-CIS-Audit Public

    CIS Audit for Ubuntu24

    ansible-lockdown/UBUNTU24-CIS-Audit’s past year of commit activity
    YAML 5 MIT 0 0 0 Updated Dec 9, 2024
  • RHEL9-CIS-Audit Public

    Audit configurations for RHEL9 CIS

    ansible-lockdown/RHEL9-CIS-Audit’s past year of commit activity
    YAML 26 MIT 13 6 0 Updated Dec 4, 2024
  • RHEL8-STIG-Audit Public

    Audit control files for rhel8 stig - utilising goss

    ansible-lockdown/RHEL8-STIG-Audit’s past year of commit activity
    YAML 14 MIT 5 0 0 Updated Dec 3, 2024