Blog Posts For 2018
Version 2.2
The following updates were made to STIG Spider:
- Scrolling performance has been improved on iOS devices when viewing a STIG document.
- Can now navigate to the top of the STIG document using the link in the STIG Group navigation footer.
- Can now navigate to the top of the page using the link in the footer of the page.
Version 2.1
The following updates were made to STIG Spider:
- 7 STIGs that were added in version 1.2, but mistakenly removed in version 2.0, were re-added.
- Now collecting name and organization information when a new account is registered. This enables us to more effectively reach out for feedback.
- The Privacy Policy was updated to reflect the additional information we now collect when a new account is registered.
The following upstream components were updated:
- Cookie Consent was updated from 3.0.3 to 3.1.0.
Version 2.0
The following new features and improvements have been added to STIG Spider:
-
(Subscribers Only) Filter and Search results are now printable!
Print all results that match your criteria instead of browsing through them one-by-one.
Other features include:
- The ability to select a subset of matched STIGs for further refinement.
- Optionally highlight Search terms in the printout.
- Optionally include a record of your Filter and Search criteria in the printout.
- Optionally start each STIG on a new page.
-
A refined Filter and Search experience:
- Improved group navigation! A selected STIG's groups are always visible for quick navigation. The currently visible group is highlighted.
- Navigating to a group now keeps the group's ID visible instead of it being slightly out of view.
- Search criteria are no longer hidden when results are displayed (showing this again was slow on older computers). Scroll to the top of the search page to view/change your criteria.
- Gets rid of the Parameters box showing search criteria (since it was really not that useful).
- No longer using content delivery networks (CDNs) to deliver parts of the site, resulting in an increase of performance and security for customers with restrictive firewalls/proxies.
- Minor interface adjustments were made for improved consistency.
- A new Blog containing information about feature and content updates.
- The Privacy Policy was updated with additional detail regarding how your data is secured in transit and at rest, and how you can manage it.
STIG Spider was updated to address the following upstream vulnerabilities:
- CVE-2018-8171 A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka "ASP.NET Security Feature Bypass Vulnerability."
- CVE-2018-8356 A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability."
- CVE-2018-8409 A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service."
Version 1.2
STIG Spider was synchronized with DISA's 2018 Q3 SRG-STIG Library Compilation.
Version 1.1
Version 1.1 of STIG Spider adds compliance with EU GDPR rules.
Version 1.0
Version 1.0 of STIG Spider is live!