Unpacking Software Livestream

Join our monthly Unpacking Software livestream to hear about the latest news, chat and opinion on packaging, software deployment and lifecycle management!

Learn More

Chocolatey Product Spotlight

Join the Chocolatey Team on our regular monthly stream where we put a spotlight on the most recent Chocolatey product releases. You'll have a chance to have your questions answered in a live Ask Me Anything format.

Learn More

Chocolatey Coding Livestream

Join us for the Chocolatey Coding Livestream, where members of our team dive into the heart of open source development by coding live on various Chocolatey projects. Tune in to witness real-time coding, ask questions, and gain insights into the world of package management. Don't miss this opportunity to engage with our team and contribute to the future of Chocolatey!

Learn More

Calling All Chocolatiers! Whipping Up Windows Automation with Chocolatey Central Management

Webinar from
Wednesday, 17 January 2024

We are delighted to announce the release of Chocolatey Central Management v0.12.0, featuring seamless Deployment Plan creation, time-saving duplications, insightful Group Details, an upgraded Dashboard, bug fixes, user interface polishing, and refined documentation. As an added bonus we'll have members of our Solutions Engineering team on-hand to dive into some interesting ways you can leverage the new features available!

Watch On-Demand
Chocolatey Community Coffee Break

Join the Chocolatey Team as we discuss all things Community, what we do, how you can get involved and answer your Chocolatey questions.

Watch The Replays
Chocolatey and Intune Overview

Webinar Replay from
Wednesday, 30 March 2022

At Chocolatey Software we strive for simple, and teaching others. Let us teach you just how simple it could be to keep your 3rd party applications updated across your devices, all with Intune!

Watch On-Demand
Chocolatey For Business. In Azure. In One Click.

Livestream from
Thursday, 9 June 2022

Join James and Josh to show you how you can get the Chocolatey For Business recommended infrastructure and workflow, created, in Azure, in around 20 minutes.

Watch On-Demand
The Future of Chocolatey CLI

Livestream from
Thursday, 04 August 2022

Join Paul and Gary to hear more about the plans for the Chocolatey CLI in the not so distant future. We'll talk about some cool new features, long term asks from Customers and Community and how you can get involved!

Watch On-Demand
Hacktoberfest Tuesdays 2022

Livestreams from
October 2022

For Hacktoberfest, Chocolatey ran a livestream every Tuesday! Re-watch Cory, James, Gary, and Rain as they share knowledge on how to contribute to open-source projects such as Chocolatey CLI.

Watch On-Demand



Downloads of v 1.0.3:


Last Update:

02 Nov 2023

Package Maintainer(s):

Software Author(s):

  • simeononsecurity


admin microsoft windows automation privacy telemetry security stigs

Standalone-Windows-STIG - Completely STIG Standalone Windows Systems to DoD STIG/SRG Requirements and NSACyber Guidance.



Downloads of v 1.0.3:



Software Author(s):

  • simeononsecurity

Standalone-Windows-STIG - Completely STIG Standalone Windows Systems to DoD STIG/SRG Requirements and NSACyber Guidance.

  • 1
  • 2
  • 3

Some Checks Are Exempted or Have Failed

Not All Tests Have Passed

Validation Testing Failed

Verification Testing Exemption:


Scan Testing Pending


This package was rejected on 07 Dec 2023. The reviewer chocolatey-ops has listed the following reason(s):

simeononsecurity (maintainer) on 02 Nov 2023 04:48:23 +00:00:

User 'simeononsecurity' (maintainer) submitted package.

chocolatey-ops (reviewer) on 02 Nov 2023 05:24:22 +00:00:

Standalone-Windows-STIG has failed automated validation.


Requirements represent the minimum quality of a package that is acceptable. When a package version has failed requirements, the package version requires fixing and/or response by the maintainer. Provided a Requirement has flagged correctly, it must be fixed before the package version can be approved. The exact same version should be uploaded during moderation review.

  • The ProjectUrl element in the nuspec file should be a valid Url. Please correct this More...

Guidelines are strong suggestions that improve the quality of a package version. These are considered something to fix for next time to increase the quality of the package. Over time Guidelines can become Requirements. A package version can be approved without addressing Guideline comments but will reduce the quality of the package.

  • In the Description element of the nuspec file a potentially invalid Url has been found. Recommendation is to fix this URL More...

Notes typically flag things for both you and the reviewer to go over. Sometimes this is the use of things that may or may not be necessary given the constraints of what you are trying to do and/or are harder for automation to flag for other reasons. Items found in Notes might be Requirements depending on the context. A package version can be approved without addressing Note comments.

  • The package maintainer field (owners) matches the software author field (authors) in the nuspec. The reviewer will ensure that the package maintainer is also the software author. More...

chocolatey-ops (reviewer) on 22 Nov 2023 05:28:52 +00:00:

We've found Standalone-Windows-STIG v1.0.3 in a submitted status and waiting for your next actions. It has had no updates for 20 or more days since a reviewer has asked for corrections. Please note that if there is no response or fix of the package within 15 days of this message, this package version will automatically be closed (rejected) due to being stale.

Take action:

  • Log in to the site and respond to the review comments.
  • Resubmit fixes for this version.
  • If the package version is failing automated checks, you can self-reject the package.

If your package is failing automated testing, you can use the chocolatey test environment to manually run the verification and determine what may need to be fixed.

Note: We don't like to see packages automatically rejected. It doesn't mean that we don't value your contributions, just that we can not continue to hold packages versions in a waiting status that have possibly been abandoned. If you don't believe you will be able to fix up this version of the package within 15 days, we strongly urge you to log in to the site and respond to the review comments until you are able to.

simeononsecurity (maintainer) on 22 Nov 2023 05:52:19 +00:00:

We have verified the installs are working as designed. They break the testing env when we run them due to advanced hardening configurations. This is expected. Please ignore the failure.

Windos (reviewer) on 28 Nov 2023 22:15:35 +00:00:

As per the message starting "Standalone-Windows-STIG has failed automated validation" the reason for the failure is:

> The ProjectUrl element in the nuspec file should be a valid Url. Please correct this More...

The ProjectURL in the nuspec is pointing to "https://simeononsecurity.com/github/standalone-windows-stig/" and this page doesn't exist.

Please update the ProjectUrl to a valid URL, and I would so suggest updating it in the Description, as the same non-existent page is linked to in that.


chocolatey-ops (reviewer) on 07 Dec 2023 05:29:39 +00:00:

Unfortunately there has not been progress to move Standalone-Windows-STIG v1.0.3 towards an approved status within 15 days after the last review message, so we need to close (reject) the package version at this time. If you want to pick this version up and move it towards approval in the future, use the contact site admins link on the package page and we can move it back into a submitted status so you can submit updates.

Status Change - Changed status of package from 'submitted' to 'rejected'.


Standalone systems are some of the most difficult and annoying systems to secure. When not automated, they require manual changes of each STIG/SRG. Totalling over 1000 configuration changes on a typical deployment and an average of 5 minutes per change equaling 3.5 days worth of work. This script aims to speed up that process significantly.
For more information visit our website: https://simeononsecurity.com/github/standalone-windows-stig/ .

$packageName = 'Standalone-Windows-STIG'
$url = "https://github.com/simeononsecurity/Standalone-Windows-STIG-Script/archive/refs/tags/1.0.2.zip"
$toolsDir = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
$zipFilePath = Join-Path $toolsDir "Standalone-Windows-STIG.zip"
$extractPath = "C:\temp\WS"
$extractedDirName = "Standalone-Windows-STIG-1.0.2"
$ps1ScriptPath = Join-Path -Path (Join-Path -Path $extractPath -ChildPath $extractedDirName) -ChildPath "secure-standalone.ps1"

# Download the ZIP file
$packageArgs = @{
  packageName   = $packageName
  fileType      = 'ZIP'
  url           = $url
  checksum      = '1059a0b624d681d36c2f803d0d72a4282727e442bade6f43dcc725078a3bc64b'
  checksumType  = 'sha256'
  unzipLocation = $extractPath  # Specify the unzip location here
  confirm       = $false     # Disable confirmation prompt

#Remove Path Limit
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem" -Name "LongPathsEnabled" -PropertyType "DWORD" -Value "1" -Force

# Check if the folder already exists
if (-not (Test-Path $extractPath)) {
    # Create the folder
    New-Item -Path $extractPath -ItemType Directory -Force

Install-ChocolateyZipPackage @packageArgs

# Run the script
Invoke-Expression -Command "powershell.exe -ExecutionPolicy Bypass -File '$ps1ScriptPath'"

# Clean up: Remove the downloaded ZIP file
Remove-Item -Path $zipFilePath -Force

Write-Output 'Documentation is available at https://github.com/simeononsecurity/Standalone-Windows-STIG-Script'
# chocolateypackages
 All the chocolatey packages that I maintain

<a href="https://simeononsecurity.com" target="_blank" rel="noopener noreferrer">
  <h2>Explore the World of Cybersecurity</h2>
<a href="https://simeononsecurity.com" target="_blank" rel="noopener noreferrer">
  <img src="https://simeononsecurity.com/img/banner.png" alt="SimeonOnSecurity Logo" width="300" height="300">

### Links:
- #### [github.com/simeononsecurity](https://github.com/simeononsecurity)
- #### [simeononsecurity.com](https://simeononsecurity.com)

No results available for this package. We are building up results for older packages over time so expect to see results. If this is a new package, it should have results within a day or two.

This package has no dependencies.

Discussion for the Standalone-Windows-STIG - Completely STIG Standalone Windows Systems to DoD STIG/SRG Requirements and NSACyber Guidance. Package

Ground Rules:

  • This discussion is only about Standalone-Windows-STIG - Completely STIG Standalone Windows Systems to DoD STIG/SRG Requirements and NSACyber Guidance. and the Standalone-Windows-STIG - Completely STIG Standalone Windows Systems to DoD STIG/SRG Requirements and NSACyber Guidance. package. If you have feedback for Chocolatey, please contact the Google Group.
  • This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
  • The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
  • Tell us what you love about the package or Standalone-Windows-STIG - Completely STIG Standalone Windows Systems to DoD STIG/SRG Requirements and NSACyber Guidance., or tell us what needs improvement.
  • Share your experiences with the package, or extra configuration or gotchas that you've found.
  • If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.
comments powered by Disqus