Are there any documents that address STIGs for Solarwinds servers? Particularly that go into certain GPO/local policy settings that need to be modified/waivered for the Windows servers themselves and IIS? I'm trying to find some guidance to hand over to the SA team so we can make dedicated policies as needed. I know there are some 3rd party companies that are familiar with this, but I haven't been able to find any publicly available information about known STIG problems and remediation.
Just want to note that this isn't anything to do with compliance reporting or trying to baseline servers or anything. This is specifically for the Solarwinds application server configuration.
