Forcepoint operating system lockdown tool now open source
Forcepoint’s operating system (OS) lockdown tool, formerly known as Security Blanket, is now an open source project called “OS Lockdown.”
This powerful tool is used to harden systems by aligning settings with published STIGs (Security Technical Implementation Guide), custom profiles built from STIGs or from scratch. OS Lockdown provides the ability to audit systems against variations from those profiles.
We are excited to support and collaborate with the open source security community through the creation and participation in this new project. Forcepoint developers will remain modestly active in the project by guiding newcomers, encouraging participation, and helping to maintain the project’s focus and vision.
You can find the project page, along with instructions to build, download and install the software, here: https://github.com/OSLockdown/OSLockdown.
What is OS Lockdown?
The OS Lockdown software package helps you harden various Linux® and Solaris™ operating systems. OS Lockdown provides a library of 339 'Modules' that can be combined into a 'Profile.' Many Modules have options to fine-tune their actions (for example, how long should a password be?). This Profile can then be used to assess how well a box complies with the Profile, try to remediate any discrepancies, or undo the last set of remediations made by OS Lockdown. A typical Profile might be based on the DISA STIGs or another industry standard.
Most interactions are done using the provided Web Console application. This Console operates in either 'Standalone' or 'Enterprise' mode. The Standalone Console limits actions to the local box, where the Enterprise mode provides extra feature to control many 'Client' boxes remotely. Communications are over https, with either self-signed certificates or certificates signed by an external CA. Multiple users can be created with different roles and allowed actions. Actions can be automated to run at specified times (no more than once a day), and important results can be fed into a SIEM tool CEF (Common Event Format) messages via syslog.
We believe this software has a very bright future in the passionate and capable hands of the open source community. Please join us in crafting the future of OS Lockdown!