Steps to Change the Secure Baseline Profile

Access Admin Settings

• Navigate to Admin > Targets.

Edit the Desired Target

• Locate the target you want to modify in the target list.
• Click the pencil icon in the Update column for the target.

Change Secure Baseline Profile

• In the Secure Baseline Profile drop-down menu, select DISA STIG.
• Save the changes to apply the new baseline.

Key Considerations

Impact of Change:
Once the baseline is updated to DISA STIG, all future baseline scans for this target will follow DISA STIG compliance requirements instead of CIS.

Default Profile:
The Secure Baseline Profile defaults to CIS for all newly created targets. As a result, this change must be applied manually for each new target.

Bulk Configuration Not Supported:
At this time, there is no way to globally set DISA STIG as the default Secure Baseline Profile for all targets. Each target must be configured individually.

Workaround for Repeated Manual Configuration

If frequent manual configuration is cumbersome, consider:

• Using a standardized process or checklist to ensure the Secure Baseline Profile is updated during target creation.
• Providing feedback to the development team for feature enhancement requests via CYRISMA Support.

Additional Notes

• Most customers utilize CIS as their baseline, which is why it remains the default setting.
• If this limitation is acceptable for your use case, no further action is needed.