Skip to content

Directory Layout

Below is a quick reference to the main directories in this repository and their purposes.

DirectoryDescription
baselines/Baseline profiles containing all rules (e.g., NIST, CIS, DISA STIG, CMMC, CNSSI, indigo).
build/Output directory for generated scripts, documents, and mobileconfig files.
custom/Custom rules and sections for organization-specific requirements.
includes/Supporting YAML libraries for build scripts.
rules/YAML files, one per rule, for securing the operating system.
SCAP/Makefile, scripts, and content for SCAP document generation.
scripts/Scripts for generating reports, baselines, and configurations.
sections/YAML configurations for guide sections, mapping to rule categories.
templates/AsciiDoc templates for generating documentation guides.
  • Directorybaselines/
    • baseline.yaml
  • Directorybuild/
  • Directorycustom/
  • Directoryincludes/
  • Directoryrules/
  • DirectorySCAP/
  • Directoryscripts/
  • Directorysections/
  • Directorytemplates/

Contains baseline files for various standards and frameworks:

  • NIST SP 800-53 rev5 (Low, Moderate, High)
  • NIST SP 800-171 Rev2
  • DISA STIG
  • CIS Level 1 & 2
  • CIS Controls Version 8
  • CMMC Level 1 & 2
  • CNSSI 1253 (Low, Moderate, High)
  • indigo Base & High
  • A comprehensive baseline for all repository rules

Stores all generated outputs, such as documents and mobileconfig files.

For organization-specific customizations of rules and sections.
Note: Filenames must match the originals to override them during guide generation.

YAML-based libraries and supporting files for build scripts.

Contains individual YAML files for each rule, organized by category:

  • audit: OpenBSM settings
  • auth: Smartcard authentication
  • icloud: Apple iCloud/Apple ID configuration
  • os: General OS settings
  • pwpolicy: Password policy enforcement
  • supplemental: Additional supporting information
  • system_settings: System Settings/Preferences configuration

Resources for SCAP document generation, including XSL files, CPE OVAL/definitions, and scripts.

Scripts for generating reports, baselines, and configurations, plus required resources.

YAML files defining guide sections, mapping to rule categories.

AsciiDoc templates for generating documentation guides.