How To STIG SQL Server 2016

[UPDATE 4/16/18]: I have started a series of blog posts that will address, “How to STIG SQL Server 2016.” The first in this series can be found here.

I was recently asked about STIG’ing a database server running SQL Server 2016. I checked DISA’s website and, to my surprise, they have not yet released an official STIG checklist for SQL Server 2016. The latest edition they have a STIG for is SQL Server 2014.

In fact, if you go to their website’s “master list“, and scroll down to “Microsoft SQL Server 2016 FAQ“, the link will direct you to the following FAQ page (image below):

How To STIG SQL Server 2016

So there you have it. Until DISA releases their official SQL Server 2016 STIGs, you can use the current SQL Server 2014 STIGs to harden SQL Server 2016.

Fair enough.

[UPDATE 4/16/18]: I have started a series of blog posts that will address, “How to STIG SQL Server 2016.” The first in this series can be found here.

2 Replies to “How To STIG SQL Server 2016”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.