A Security Technical Implementation Guide or STIG is a config guide that tells you what configs you need to secure a product. When implemented, STIGs keep your implementation of a product secure to a standard and allow it to interoperate with other STIG’d products that expect that config. Read more at https://public.cyber.mil/stigs/
Like a lot of things, it’s hard to understand without viewing — and this is how I viewed a STIG on my Mac. The official STIG Viewer from cyber.mil is packaged for Linux and Windows but is also published as a vanilla JAR that can be run from your Macbook.
Prerequisites
1. MacOS Ventura (that’s it!)
Steps
1. Install the JDK
2. Install JavaFX
3. Download & run the STIG Viewer
4. Download & view a STIG
1/4 Install the latest JDK 19
I searched for the macOS JDK in Oct 2022 to find that JDK 19 is the most recent, released in Sept. To get this JDK, I browsed to https://www.oracle.com/java/technologies/downloads/#jdk19-mac and download/install the JDK. For my Intel MacBook, I used the x64 DMG Installer.