Skip to content

Commit 98b9872

Browse files
Merge pull request #704 from brodjieski/dev_2.0
Sync and merge VisionOS STIG rules
2 parents 2ddf477 + b92092e commit 98b9872

40 files changed

Lines changed: 162 additions & 12 deletions

File tree

scripts/2.0-merge.py

Lines changed: 50 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -388,6 +388,16 @@ def main():
388388
new_yaml["platforms"] = {"visionOS": {}}
389389

390390
new_yaml["platforms"]["visionOS"].update({os_: {}})
391+
if "visionos_stig" in rule_yaml["tags"]:
392+
if "benchmarks" in new_yaml["platforms"]["visionOS"][os_]:
393+
new_yaml["platforms"]["visionOS"][os_]["benchmarks"].append(
394+
"visionos_stig"
395+
)
396+
else:
397+
new_yaml["platforms"]["visionOS"][os_].update(
398+
{"benchmarks": ["visionos_stig"]}
399+
)
400+
new_yaml["tags"].remove("visionos_stig")
391401
if "severity" in rule_yaml:
392402
new_yaml["platforms"]["visionOS"][os_].update(
393403
{"severity": rule_yaml["severity"]}
@@ -459,6 +469,7 @@ def main():
459469
{"benchmarks": ["ios_stig"]}
460470
)
461471
new_yaml["tags"].remove("ios_stig")
472+
462473
if "ios_stig_byoad" in rule_yaml["tags"]:
463474
if "benchmarks" in new_yaml["platforms"]["iOS"][os_]:
464475
new_yaml["platforms"]["iOS"][os_]["benchmarks"].append(
@@ -890,7 +901,30 @@ def main():
890901
].update(
891902
{"supervised": rule_yaml["supervised"]}
892903
)
893-
# print(update_rule_yaml)
904+
if "severity" in rule_yaml:
905+
update_rule_yaml["platforms"]["visionOS"][
906+
os_
907+
].update({"severity": rule_yaml["severity"]})
908+
909+
if "visionos_stig" in rule_yaml["tags"]:
910+
if (
911+
"benchmarks"
912+
in update_rule_yaml["platforms"][
913+
"visionOS"
914+
][os_]
915+
):
916+
update_rule_yaml["platforms"]["visionOS"][
917+
os_
918+
]["benchmarks"].append("visionos_stig")
919+
else:
920+
update_rule_yaml["platforms"]["visionOS"][
921+
os_
922+
].update({"benchmarks": ["visionos_stig"]})
923+
924+
if "visionos_stig" in update_rule_yaml["tags"]:
925+
update_rule_yaml["tags"].remove(
926+
"visionos_stig"
927+
)
894928
else:
895929
if "iOS" not in update_rule_yaml["platforms"]:
896930
update_rule_yaml["platforms"].update(
@@ -998,6 +1032,7 @@ def main():
9981032

9991033
if "ios_stig" in update_rule_yaml["tags"]:
10001034
update_rule_yaml["tags"].remove("ios_stig")
1035+
10011036
if "ios_stig_byoad" in rule_yaml["tags"]:
10021037
if (
10031038
"benchmarks"
@@ -1371,6 +1406,7 @@ def main():
13711406
{"benchmarks": ["ios_stig"]}
13721407
)
13731408
new_yaml["tags"].remove("ios_stig")
1409+
13741410
if "ios_stig_byoad" in rule_yaml["tags"]:
13751411
if "benchmarks" in new_yaml["platforms"]["iOS"][os_]:
13761412
new_yaml["platforms"]["iOS"][os_][
@@ -1432,6 +1468,19 @@ def main():
14321468
new_yaml["platforms"]["visionOS"][os_].update(
14331469
{"supervised": rule_yaml["supervised"]}
14341470
)
1471+
if "visionos_stig" in rule_yaml["tags"]:
1472+
if (
1473+
"benchmarks"
1474+
in new_yaml["platforms"]["visionOS"][os_]
1475+
):
1476+
new_yaml["platforms"]["visionOS"][os_][
1477+
"benchmarks"
1478+
].append("visionos_stig")
1479+
else:
1480+
new_yaml["platforms"]["visionOS"][os_].update(
1481+
{"benchmarks": ["visionos_stig"]}
1482+
)
1483+
new_yaml["tags"].remove("visionos_stig")
14351484

14361485
if "800-53r5" in rule_yaml["references"]:
14371486
new_yaml["references"]["nist"].update(

src/mscp/data/rules/icloud/icloud_backup_disabled.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -100,6 +100,9 @@ platforms:
100100
visionOS:
101101
'26.0':
102102
supervised: false
103+
benchmarks:
104+
- name: visionos_stig
105+
severity: medium
103106
introduced: '2.0'
104107
tags:
105108
- 800-53r5_low

src/mscp/data/rules/icloud/icloud_drive_disable.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,9 @@ platforms:
145145
visionOS:
146146
'26.0':
147147
supervised: true
148+
benchmarks:
149+
- name: visionos_stig
150+
severity: medium
148151
introduced: '2.0'
149152
tags:
150153
- 800-53r5_low

src/mscp/data/rules/icloud/icloud_keychain_disable.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -150,6 +150,9 @@ platforms:
150150
visionOS:
151151
'26.0':
152152
supervised: false
153+
benchmarks:
154+
- name: visionos_stig
155+
severity: medium
153156
introduced: '2.0'
154157
tags:
155158
- 800-53r5_low

src/mscp/data/rules/icloud/icloud_managed_apps_store_data_disabled.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -112,6 +112,9 @@ platforms:
112112
visionOS:
113113
'26.0':
114114
supervised: false
115+
benchmarks:
116+
- name: visionos_stig
117+
severity: medium
115118
introduced: '2.0'
116119
tags:
117120
- 800-53r5_low

src/mscp/data/rules/icloud/icloud_photos_disable.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -129,6 +129,9 @@ platforms:
129129
visionOS:
130130
'26.0':
131131
supervised: false
132+
benchmarks:
133+
- name: visionos_stig
134+
severity: medium
132135
introduced: '2.0'
133136
tags:
134137
- 800-53r5_low

src/mscp/data/rules/os/os_airdrop_disable.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -148,6 +148,9 @@ platforms:
148148
visionOS:
149149
'26.0':
150150
supervised: true
151+
benchmarks:
152+
- name: visionos_stig
153+
severity: medium
151154
introduced: '2.0'
152155
tags:
153156
- 800-53r5_low

src/mscp/data/rules/os/os_airdrop_unmanaged_destination_enable.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -122,6 +122,9 @@ platforms:
122122
visionOS:
123123
'26.0':
124124
supervised: false
125+
benchmarks:
126+
- name: visionos_stig
127+
severity: medium
125128
introduced: '2.0'
126129
tags:
127130
- 800-53r5_low

src/mscp/data/rules/os/os_allow_contacts_read_managed_sources_unmanaged_destinations_disable.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -89,6 +89,9 @@ platforms:
8989
visionOS:
9090
'26.0':
9191
supervised: false
92+
benchmarks:
93+
- name: visionos_stig
94+
severity: low
9295
introduced: '2.0'
9396
tags:
9497
- 800-53r5_low

src/mscp/data/rules/os/os_allow_contacts_write_managed_sources_unmanaged_destinations_disable.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -92,6 +92,9 @@ platforms:
9292
visionOS:
9393
'26.0':
9494
supervised: false
95+
benchmarks:
96+
- name: visionos_stig
97+
severity: low
9598
introduced: '2.0'
9699
tags:
97100
- 800-53r5_low

0 commit comments

Comments
 (0)