diff --git a/CMakeLists.txt b/CMakeLists.txt index 699194b97..00d54007e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -87,7 +87,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui # project. Note that the example product is always disabled unless explicitly asked for. option(SSG_PRODUCT_ALINUX2 "If enabled, the Alibaba Cloud Linux 2 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_ALINUX3 "If enabled, the Alibaba Cloud Linux 3 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) -option(SSG_PRODUCT_ALMALINUX9 "If enabled, the AlmaLinux OS 9 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) +option(SSG_PRODUCT_ALMALINUX8 "If enabled, the AlmaLinux OS 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_ANOLIS8 "If enabled, the Anolis OS 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_ANOLIS23 "If enabled, the Anolis OS 23 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_CHROMIUM "If enabled, the Chromium SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) @@ -319,7 +319,7 @@ message(STATUS " ") message(STATUS "Products:") message(STATUS "Alibaba Cloud Linux 2: ${SSG_PRODUCT_ALINUX2}") message(STATUS "Alibaba Cloud Linux 3: ${SSG_PRODUCT_ALINUX3}") -message(STATUS "AlmaLinux OS 9: ${SSG_PRODUCT_ALMALINUX9}") +message(STATUS "AlmaLinux OS 8: ${SSG_PRODUCT_ALMALINUX8}") message(STATUS "Anolis OS 8: ${SSG_PRODUCT_ANOLIS8}") message(STATUS "Anolis OS 23: ${SSG_PRODUCT_ANOLIS23}") message(STATUS "Chromium: ${SSG_PRODUCT_CHROMIUM}") @@ -386,8 +386,8 @@ endif() if(SSG_PRODUCT_ALINUX3) add_subdirectory("products/alinux3" "alinux3") endif() -if(SSG_PRODUCT_ALMALINUX9) - add_subdirectory("products/almalinux9" "almalinux9") +if(SSG_PRODUCT_ALMALINUX8) + add_subdirectory("products/almalinux8" "almalinux8") endif() if(SSG_PRODUCT_ANOLIS8) add_subdirectory("products/anolis8" "anolis8") diff --git a/build_product b/build_product index 89d967124..c982dabdf 100755 --- a/build_product +++ b/build_product @@ -359,7 +359,7 @@ all_cmake_products=( AL2023 ALINUX2 ALINUX3 - ALMALINUX9 + ALMALINUX8 ANOLIS8 ANOLIS23 CHROMIUM diff --git a/cmake/SSGCommon.cmake b/cmake/SSGCommon.cmake index 170ae3d39..7792051d3 100644 --- a/cmake/SSGCommon.cmake +++ b/cmake/SSGCommon.cmake @@ -795,7 +795,7 @@ macro(ssg_build_product PRODUCT) ssg_render_policies_for_product(${PRODUCT}) add_dependencies(render-policies ${PRODUCT}-render-policies) - if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "rhel(8|9)|ol8") + if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "rhel(8|9)|ol8|almalinux8") ssg_build_disa_delta(${PRODUCT} "stig") add_dependencies(${PRODUCT} generate-ssg-delta-${PRODUCT}-stig) endif() diff --git a/components/rpm.yml b/components/rpm.yml index 1523ae90b..303232aca 100644 --- a/components/rpm.yml +++ b/components/rpm.yml @@ -14,9 +14,9 @@ rules: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata +- ensure_redhat_gpgkey_installed - ensure_oracle_gpgkey_installed - ensure_package_repositories_are_configured -- ensure_redhat_gpgkey_installed - ensure_amazon_gpgkey_installed - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed diff --git a/controls/anssi.yml b/controls/anssi.yml index cdcec6573..c5d5087b0 100644 --- a/controls/anssi.yml +++ b/controls/anssi.yml @@ -1244,9 +1244,8 @@ controls: - ensure_gpgcheck_never_disabled - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages - - ensure_redhat_gpgkey_installed - - ensure_oracle_gpgkey_installed - ensure_almalinux_gpgkey_installed + - ensure_oracle_gpgkey_installed - id: R60 title: Hardened package repositories @@ -1370,10 +1369,8 @@ controls: PAM delegates requests for remote authentication to this service through a local Unix socket. The sssd service can use IPA, AD or LDAP as a remote database containing information required for authentication. In case IPA or AD is configured through a documented way, the connection is secured by default. In case LDAP is configured manually, there are several configuration options which should be chedked. - {{% if product in ["rhel8"] %}} An allternative solution is to use nss-pam-ldapd package. In case this package is used, we make sure that SSL is turned on and certificate is configured. - {{% endif %}} status: automated rules: - package_sssd_installed @@ -1381,10 +1378,8 @@ controls: - sssd_enable_pam_services - sssd_ldap_configure_tls_reqcert - sssd_ldap_start_tls - {{% if product in ["rhel8","ol8"] %}} - ldap_client_start_tls - ldap_client_tls_cacertpath - {{% endif %}} related_rules: - package_sssd-ipa_installed {{% else %}} @@ -1427,10 +1422,8 @@ controls: securely to Samba domains. Other relevant services are NIS and Hesiod. These should not be used. status: automated - {{% if product in ["rhel8","ol8"] %}} rules: - no_nis_in_nsswitch - {{% endif %}} {{% else %}} status: pending {{% endif %}} diff --git a/controls/cis_almalinux9.yml b/controls/cis_almalinux9.yml index 4591f52c6..670d0b14f 100644 --- a/controls/cis_almalinux9.yml +++ b/controls/cis_almalinux9.yml @@ -360,7 +360,7 @@ controls: - l1_workstation status: manual related_rules: - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - id: 1.2.1.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel10.yml b/controls/cis_rhel10.yml index e35482b2d..029f55f58 100644 --- a/controls/cis_rhel10.yml +++ b/controls/cis_rhel10.yml @@ -315,7 +315,7 @@ controls: - l1_workstation status: manual related_rules: - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - id: 1.2.1.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel8.yml b/controls/cis_rhel8.yml index f2a1e6d3a..2657914ff 100644 --- a/controls/cis_rhel8.yml +++ b/controls/cis_rhel8.yml @@ -353,7 +353,7 @@ controls: - l1_workstation status: manual related_rules: - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - id: 1.2.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel9.yml b/controls/cis_rhel9.yml index 05a3e4ac3..98cb1a49b 100644 --- a/controls/cis_rhel9.yml +++ b/controls/cis_rhel9.yml @@ -360,7 +360,7 @@ controls: - l1_workstation status: manual related_rules: - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - id: 1.2.1.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/e8.yml b/controls/e8.yml index c3dc27737..3d81cacef 100644 --- a/controls/e8.yml +++ b/controls/e8.yml @@ -22,7 +22,7 @@ controls: - service_avahi-daemon_disabled - package_squid_removed - service_squid_disabled - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - ensure_gpgcheck_never_disabled - ensure_gpgcheck_local_packages - ensure_gpgcheck_globally_activated diff --git a/controls/hipaa.yml b/controls/hipaa.yml index fdd9e8c65..ceefcc875 100644 --- a/controls/hipaa.yml +++ b/controls/hipaa.yml @@ -167,9 +167,8 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed - - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed status: automated - id: 164.308(a)(3) @@ -1393,9 +1392,8 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed - - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed status: automated - id: 164.312(c) @@ -1424,9 +1422,8 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed - - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed status: automated - id: 164.312(c)(2) @@ -1444,9 +1441,8 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed - - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed status: automated - id: 164.312(d) @@ -1725,9 +1721,8 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed - - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed status: automated - id: 164.312(e)(2)(ii) diff --git a/controls/ospp.yml b/controls/ospp.yml index 20ae9fa45..88a5dff83 100644 --- a/controls/ospp.yml +++ b/controls/ospp.yml @@ -447,7 +447,7 @@ controls: - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed status: automated - id: FPT_TUD_EXT.2 @@ -461,7 +461,7 @@ controls: - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed status: automated - id: FPT_TST_EXT.1 diff --git a/controls/pcidss_4.yml b/controls/pcidss_4.yml index 39f47c3c3..99c13d3f4 100644 --- a/controls/pcidss_4.yml +++ b/controls/pcidss_4.yml @@ -1555,9 +1555,8 @@ controls: - base status: automated rules: - - ensure_redhat_gpgkey_installed - - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed - ensure_gpgcheck_globally_activated - ensure_gpgcheck_never_disabled - security_patches_up_to_date diff --git a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml index dbec9fe45..6ed3ea22d 100644 --- a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml +++ b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml @@ -12,12 +12,12 @@ controls: - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled + {{% if 'almalinux' in product %}} + - ensure_almalinux_gpgkey_installed + {{% endif %}} {{% if 'ubuntu' in product %}} - apt_conf_disallow_unauthenticated {{% endif %}} - {{% if 'rhel' in product %}} - - ensure_redhat_gpgkey_installed - {{% endif %}} {{% if 'ol' in product %}} - ensure_oracle_gpgkey_installed {{% endif %}} diff --git a/controls/stig_rhel9.yml b/controls/stig_rhel9.yml index 32b70f006..37219d207 100644 --- a/controls/stig_rhel9.yml +++ b/controls/stig_rhel9.yml @@ -382,7 +382,7 @@ controls: - medium title: RHEL 9 must ensure cryptographic verification of vendor software packages. rules: - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed status: automated - id: RHEL-09-214015 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml index 21a6d25d6..9e6b00836 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml @@ -60,7 +60,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 - stigid@rhel8: RHEL-08-030490 + stigid@almalinux8: RHEL-08-030490 stigid@sle12: SLES-12-020460 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml index c305be5d4..9e8cb614c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml @@ -60,7 +60,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 - stigid@rhel8: RHEL-08-030480 + stigid@almalinux8: RHEL-08-030480 stigid@sle12: SLES-12-020420 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml index ba44cd4ce..c978b9f81 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml @@ -57,7 +57,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 - stigid@rhel8: RHEL-08-030490 + stigid@almalinux8: RHEL-08-030490 stigid@sle12: SLES-12-020460 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml index c89f9952e..16f942838 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml @@ -57,7 +57,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 - stigid@rhel8: RHEL-08-030490 + stigid@almalinux8: RHEL-08-030490 stigid@sle12: SLES-12-020460 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml index 56ec0034d..26c965977 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml @@ -60,7 +60,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 - stigid@rhel8: RHEL-08-030480 + stigid@almalinux8: RHEL-08-030480 stigid@sle12: SLES-12-020420 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml index 4da5306eb..96780da76 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml @@ -57,7 +57,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 - stigid@rhel8: RHEL-08-030480 + stigid@almalinux8: RHEL-08-030480 stigid@sle12: SLES-12-020420 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml index 01ddcaa79..dc65bd448 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml @@ -74,7 +74,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010147 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml index 77ede090f..84af9eb21 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml @@ -69,7 +69,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010144 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml index 9b93a4f4a..6db791741 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml @@ -60,7 +60,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 - stigid@rhel8: RHEL-08-030480 + stigid@almalinux8: RHEL-08-030480 stigid@sle12: SLES-12-020420 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml index eccf126f2..e301893b2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml @@ -74,7 +74,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010146 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml index 55afc87c7..61a43002c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml @@ -69,7 +69,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010143 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml index d800a14e3..f586a1eda 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml @@ -73,7 +73,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010145 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml index 4f709ced1..6cf0fce0e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml @@ -69,7 +69,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000466-GPOS-00210,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010142 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml index 122e7f039..42e04c66d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml @@ -39,7 +39,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol8: OL08-00-030570 - stigid@rhel8: RHEL-08-030570 + stigid@almalinux8: RHEL-08-030570 stigid@sle12: SLES-12-020620 stigid@sle15: SLES-15-030440 stigid@ubuntu2004: UBTU-20-010168 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml index 2709c0194..34972cd3a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml @@ -38,7 +38,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030330 - stigid@rhel8: RHEL-08-030330 + stigid@almalinux8: RHEL-08-030330 stigid@sle12: SLES-12-020610 stigid@sle15: SLES-15-030430 stigid@ubuntu2004: UBTU-20-010167 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml index ba939bd99..f40dfe642 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml @@ -59,7 +59,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030580 stigid@ol8: OL08-00-030260 - stigid@rhel8: RHEL-08-030260 + stigid@almalinux8: RHEL-08-030260 stigid@sle12: SLES-12-020630 stigid@sle15: SLES-15-030450 stigid@ubuntu2004: UBTU-20-010165 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml index 7710a16da..b344a039e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml @@ -56,7 +56,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250 stigid@ol7: OL07-00-030560 stigid@ol8: OL08-00-030313 - stigid@rhel8: RHEL-08-030313 + stigid@almalinux8: RHEL-08-030313 {{{ ocil_fix_srg_privileged_command("semanage", "/usr/sbin/", "privileged-unix-update") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml index 5af56b1d2..a5074c050 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml @@ -46,7 +46,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250 stigid@ol7: OL07-00-030590 stigid@ol8: OL08-00-030314 - stigid@rhel8: RHEL-08-030314 + stigid@almalinux8: RHEL-08-030314 {{{ ocil_fix_srg_privileged_command("setfiles", "/usr/sbin/", "privileged-unix-update") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml index 5dafeb060..db55c65eb 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml @@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250 stigid@ol7: OL07-00-030570 stigid@ol8: OL08-00-030316 - stigid@rhel8: RHEL-08-030316 + stigid@almalinux8: RHEL-08-030316 {{{ ocil_fix_srg_privileged_command("setsebool", "/usr/sbin/", "privileged") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml index 3b9508a74..7c11ab9f7 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml @@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 - stigid@rhel8: RHEL-08-030361 + stigid@almalinux8: RHEL-08-030361 stigid@ubuntu2004: UBTU-20-010267 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml index 1de048100..766168996 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml @@ -52,7 +52,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 - stigid@rhel8: RHEL-08-030361 + stigid@almalinux8: RHEL-08-030361 stigid@ubuntu2004: UBTU-20-010267 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml index ab5a8cff6..8b6d610da 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml @@ -49,7 +49,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 - stigid@rhel8: RHEL-08-030361 + stigid@almalinux8: RHEL-08-030361 stigid@ubuntu2004: UBTU-20-010267 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml index 5ace03a60..d3eacf1a3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml @@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 - stigid@rhel8: RHEL-08-030361 + stigid@almalinux8: RHEL-08-030361 stigid@ubuntu2004: UBTU-20-010267 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml index 6d609b2eb..1fe02f0d5 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml @@ -52,7 +52,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 - stigid@rhel8: RHEL-08-030361 + stigid@almalinux8: RHEL-08-030361 stigid@ubuntu2004: UBTU-20-010267 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml index 54002d249..eab8ab594 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml @@ -64,7 +64,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml index 34bc88541..dfe128709 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml @@ -64,7 +64,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml index d40e5cecc..74615a3e2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml @@ -66,7 +66,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml index 86297fe41..3d17494ac 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml @@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml index 6bf71d78a..cdd5e064e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml @@ -64,7 +64,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml index 1cc55c41c..a6c46912e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml @@ -63,7 +63,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml index bdf3015c4..658327033 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml index 7c8e520c1..e5c1d9d93 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml index 112f91278..14f745cad 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml @@ -56,7 +56,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030830 stigid@ol8: OL08-00-030390 - stigid@rhel8: RHEL-08-030390 + stigid@almalinux8: RHEL-08-030390 stigid@sle12: SLES-12-020730 stigid@sle15: SLES-15-030520 stigid@ubuntu2004: UBTU-20-010181 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/tests/missing_auid_filter.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/tests/missing_auid_filter.fail.sh index 1bf2449b4..e709c4daf 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/tests/missing_auid_filter.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/tests/missing_auid_filter.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_ubuntu +# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_ubuntu # packages = audit rm -f /etc/audit/rules.d/* diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml index 639d76a21..7f4d463d6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml index 2756d56fa..a260684e6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml @@ -54,7 +54,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030820 stigid@ol8: OL08-00-030360 - stigid@rhel8: RHEL-08-030360 + stigid@almalinux8: RHEL-08-030360 stigid@sle12: SLES-12-020740 stigid@sle15: SLES-15-030530 stigid@ubuntu2004: UBTU-20-010179 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/tests/missing_auid_filter.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/tests/missing_auid_filter.fail.sh index 548015d2a..8605337d4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/tests/missing_auid_filter.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/tests/missing_auid_filter.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_ubuntu +# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_ubuntu # packages = audit rm -f /etc/audit/rules.d/* diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml index 083a612a0..3228b89b7 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml index 58cd30b2f..da5669b69 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml @@ -56,7 +56,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030820 stigid@ol8: OL08-00-030360 - stigid@rhel8: RHEL-08-030360 + stigid@almalinux8: RHEL-08-030360 stigid@sle12: SLES-12-020740 stigid@sle15: SLES-15-030530 stigid@ubuntu2004: UBTU-20-010179 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/tests/missing_auid_filter.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/tests/missing_auid_filter.fail.sh index 8e282ee3e..02be3e6f2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/tests/missing_auid_filter.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/tests/missing_auid_filter.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_ubuntu +# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_ubuntu # packages = audit rm -f /etc/audit/rules.d/* diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh index 009564309..35ad01a74 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 +# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9 # packages = audit rm -f /etc/audit/rules.d/* diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml index 3d2a43291..a91e740bc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml @@ -49,7 +49,7 @@ references: srg: SRG-OS-000392-GPOS-00172,SRG-OS-000470-GPOS-00214,SRG-OS-000473-GPOS-00218,SRG-APP-000503-CTR-001275,SRG-APP-000506-CTR-001290 stigid@ol7: OL07-00-030610 stigid@ol8: OL08-00-030590 - stigid@rhel8: RHEL-08-030590 + stigid@almalinux8: RHEL-08-030590 ocil_clause: 'the command does not return a line, or the line is commented out' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh index aa5933406..9d159f0e4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh index 742a8dc93..ebf3e4241 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh index 1b52b43c4..959b8c363 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh index 6e725d924..003cbad34 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh index be053a0e4..9ae68c06d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh index 32a315ee3..ceaa81c5d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh index 900ec1c42..66a26d349 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh index 6211dfd8a..0cc9223e1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh index 1d00bfac9..41961fe47 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh index a68b4e87a..33230eff8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh index 97d8f88da..d35376777 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh index 43168b5cc..d87e6b3e3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml index ee68421a4..c2eb04164 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml @@ -52,7 +52,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000470-GPOS-00214,SRG-APP-000495-CTR-001235,SRG-APP-000503-CTR-001275,SRG-APP-000506-CTR-001290 stigid@ol7: OL07-00-030620 stigid@ol8: OL08-00-030600 - stigid@rhel8: RHEL-08-030600 + stigid@almalinux8: RHEL-08-030600 stigid@sle12: SLES-12-020660 stigid@sle15: SLES-15-030480 stigid@ubuntu2004: UBTU-20-010171 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh index 48bf48bd2..0c9d7c81e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh index 5d91bba64..5d53ea73c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh index 92186611b..ee66ac9dc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh index 7e041ef90..1d5b3127b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh index a6592b8e1..9962409ea 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh index d5c338857..af5946007 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu # augenrules is default for rhel7 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh index 0a16a0c50..8a4e1608a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh @@ -1,7 +1,7 @@ #!/bin/bash # packages = audit # remediation = none -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /tmp/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh index adbf71ccf..cac9509dd 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules echo "-a always,exit -F path=/usr/bin/notrelevant -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh index 2f01315e0..0fcf5d593 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules sed -i '/newgrp/d' /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh index 2c3c6124c..0e5ad3011 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu echo "-a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh index ee2c9ce79..cabf11a5b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh index b6fd7bf89..ee7c90bfd 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules # change key of rules for binaries in /usr/sbin diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_ignore_dracut_tmp.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_ignore_dracut_tmp.pass.sh index 6ef31d987..2da0682e0 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_ignore_dracut_tmp.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_ignore_dracut_tmp.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh index a45b84843..f4e964bc1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu . $SHARED/partition.sh diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh index 1f42f8652..e2dbd9bd9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules sed -i -E 's/^(.*path=[[:graph:]]+) -F perm=x(.*$)/\1\2/' /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh index e58060ff7..556cd112a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu echo "-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -k privileged" >> /etc/audit/rules.d/privileged.rules echo "-a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh index 8f3c02693..0d251f46b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu echo "-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/priv.rules echo "-a always,exit -F path=/usr/bin/notrelevant -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/priv.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh index 2dba37605..c9684121a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = audit -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} own_key /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml index ebb130081..5d0f04372 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml @@ -59,7 +59,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030660 stigid@ol8: OL08-00-030250 - stigid@rhel8: RHEL-08-030250 + stigid@almalinux8: RHEL-08-030250 stigid@sle12: SLES-12-020690 stigid@sle15: SLES-15-030120 stigid@ubuntu2004: UBTU-20-010175 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml index bf9ce6ce9..addc7d1c7 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml @@ -59,7 +59,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030720 stigid@ol8: OL08-00-030410 - stigid@rhel8: RHEL-08-030410 + stigid@almalinux8: RHEL-08-030410 stigid@sle12: SLES-12-020580 stigid@sle15: SLES-15-030100 stigid@ubuntu2004: UBTU-20-010163 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml index 99a41a0bd..a9aee449a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml @@ -58,7 +58,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030800 stigid@ol8: OL08-00-030400 - stigid@rhel8: RHEL-08-030400 + stigid@almalinux8: RHEL-08-030400 stigid@sle12: SLES-12-020710 stigid@sle15: SLES-15-030130 stigid@ubuntu2004: UBTU-20-010177 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml index d86dc06b6..1fcbaded1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml @@ -59,7 +59,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030650 stigid@ol8: OL08-00-030370 - stigid@rhel8: RHEL-08-030370 + stigid@almalinux8: RHEL-08-030370 stigid@sle12: SLES-12-020560 stigid@sle15: SLES-15-030080 stigid@ubuntu2004: UBTU-20-010174 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml index 6c114c13c..5c5f7185c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml @@ -1,4 +1,4 @@ -# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh index f4fff8181..6c379ca01 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/insmod", "x", "modules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml index 6b0577551..417636fce 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml @@ -46,7 +46,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030840 stigid@ol8: OL08-00-030580 - stigid@rhel8: RHEL-08-030580 + stigid@almalinux8: RHEL-08-030580 stigid@sle12: SLES-12-020360 stigid@sle15: SLES-15-030410 stigid@ubuntu2004: UBTU-20-010297 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml index 8c9cda6bc..064be2883 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml @@ -48,7 +48,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085 stigid@ol7: OL07-00-030740 stigid@ol8: OL08-00-030300 - stigid@rhel8: RHEL-08-030300 + stigid@almalinux8: RHEL-08-030300 stigid@sle12: SLES-12-020290 stigid@ubuntu2004: UBTU-20-010138 stigid@ubuntu2204: UBTU-22-654065 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml index d418cb87e..9367434f4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml @@ -59,7 +59,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030710 stigid@ol8: OL08-00-030350 - stigid@rhel8: RHEL-08-030350 + stigid@almalinux8: RHEL-08-030350 stigid@sle12: SLES-12-020570 stigid@sle15: SLES-15-030090 stigid@ubuntu2004: UBTU-20-010164 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml index 39a88c457..46e4b7d77 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml @@ -63,7 +63,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030810 stigid@ol8: OL08-00-030340 - stigid@rhel8: RHEL-08-030340 + stigid@almalinux8: RHEL-08-030340 stigid@sle12: SLES-12-020720 stigid@sle15: SLES-15-030510 stigid@ubuntu2004: UBTU-20-010178 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml index 51384e3ea..bca6c4a7e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml @@ -56,7 +56,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030630 stigid@ol8: OL08-00-030290 - stigid@rhel8: RHEL-08-030290 + stigid@almalinux8: RHEL-08-030290 stigid@sle12: SLES-12-020550 stigid@sle15: SLES-15-030070 stigid@ubuntu2004: UBTU-20-010172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml index 689846be0..170998446 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml @@ -56,7 +56,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030760 stigid@ol8: OL08-00-030311 - stigid@rhel8: RHEL-08-030311 + stigid@almalinux8: RHEL-08-030311 {{{ ocil_fix_srg_privileged_command("postdrop") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml index 081af9c93..d91bd904d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml @@ -56,7 +56,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030770 stigid@ol8: OL08-00-030312 - stigid@rhel8: RHEL-08-030312 + stigid@almalinux8: RHEL-08-030312 {{{ ocil_fix_srg_privileged_command("postqueue") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml index 670dc8ffc..4a3f802f0 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml @@ -41,7 +41,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12(a),AU-12(c),AU-12.1(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030280 - stigid@rhel8: RHEL-08-030280 + stigid@almalinux8: RHEL-08-030280 stigid@sle12: SLES-12-020310 stigid@sle15: SLES-15-030370 stigid@ubuntu2004: UBTU-20-010140 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml index 595e7b6cf..bbb05489f 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml @@ -66,7 +66,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030780 stigid@ol8: OL08-00-030320 - stigid@rhel8: RHEL-08-030320 + stigid@almalinux8: RHEL-08-030320 stigid@sle12: SLES-12-020320 stigid@sle15: SLES-15-030060 stigid@ubuntu2004: UBTU-20-010141 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml index bf3adae2f..423054155 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml @@ -57,7 +57,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-0003,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030680 stigid@ol8: OL08-00-030190 - stigid@rhel8: RHEL-08-030190 + stigid@almalinux8: RHEL-08-030190 stigid@sle12: SLES-12-020250 stigid@sle15: SLES-15-030550 stigid@ubuntu2004: UBTU-20-010136 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml index 454f68577..03cc1e157 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml @@ -58,7 +58,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030690 stigid@ol8: OL08-00-030550 - stigid@rhel8: RHEL-08-030550 + stigid@almalinux8: RHEL-08-030550 stigid@sle12: SLES-12-020260 stigid@sle15: SLES-15-030560 stigid@ubuntu2004: UBTU-20-010161 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml index ddd2466b3..bc30c6665 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml @@ -57,7 +57,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085 stigid@ol7: OL07-00-030750 stigid@ol8: OL08-00-030301 - stigid@rhel8: RHEL-08-030301 + stigid@almalinux8: RHEL-08-030301 stigid@sle12: SLES-12-020300 stigid@ubuntu2004: UBTU-20-010139 stigid@ubuntu2204: UBTU-22-654115 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml index d01d81fca..04c930100 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml @@ -61,7 +61,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030640 stigid@ol8: OL08-00-030317 - stigid@rhel8: RHEL-08-030317 + stigid@almalinux8: RHEL-08-030317 stigid@sle12: SLES-12-020680 stigid@sle15: SLES-15-030110 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml index 655f14784..cb8c772ff 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml @@ -38,7 +38,7 @@ references: disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030310 - stigid@rhel8: RHEL-08-030310 + stigid@almalinux8: RHEL-08-030310 stigid@ubuntu2004: UBTU-20-010173 stigid@ubuntu2204: UBTU-22-654120 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml index 8473b25a0..6ae9e6f22 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml @@ -54,7 +54,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030670 stigid@ol8: OL08-00-030315 - stigid@rhel8: RHEL-08-030315 + stigid@almalinux8: RHEL-08-030315 {{{ ocil_fix_srg_privileged_command("userhelper") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml index d54a24124..129eaeae3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml @@ -43,7 +43,7 @@ references: nist@sle12: AU-3,AU-12(a),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol8: OL08-00-030560 - stigid@rhel8: RHEL-08-030560 + stigid@almalinux8: RHEL-08-030560 stigid@sle12: SLES-12-020700 stigid@sle15: SLES-15-030500 stigid@ubuntu2004: UBTU-20-010176 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml index 26d02c24e..28daa9106 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml index 3e5198685..7fce51fd8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml @@ -53,7 +53,7 @@ references: pcidss: Req-10.5.2 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-APP-000119-CTR-000245,SRG-APP-000120-CTR-000250 stigid@ol8: OL08-00-030121 - stigid@rhel8: RHEL-08-030121 + stigid@almalinux8: RHEL-08-030121 ocil_clause: 'the audit system is not set to be immutable by adding the "-e 2" option to the end of "/etc/audit/audit.rules"' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml index ecdc6aa7e..50b9dc000 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml @@ -32,7 +32,7 @@ references: disa: CCI-000163,CCI-000172,CCI-000164,CCI-000162 srg: SRG-OS-000462-GPOS-00206,SRG-OS-000475-GPOS-00220,SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029 stigid@ol8: OL08-00-030122 - stigid@rhel8: RHEL-08-030122 + stigid@almalinux8: RHEL-08-030122 ocil_clause: 'the system is not configured to make login UIDs immutable' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml index 889f83178..7896d4cb1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml index 96a0fd181..8f8d29987 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml @@ -53,7 +53,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030740 stigid@ol8: OL08-00-030302 - stigid@rhel8: RHEL-08-030302 + stigid@almalinux8: RHEL-08-030302 stigid@sle12: SLES-12-020290 stigid@sle15: SLES-15-030350 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml index 8b2377d44..39c2bba69 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml index 20c0566d6..c00ed3d39 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml @@ -33,7 +33,7 @@ references: disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol8: OL08-00-030171 - stigid@rhel8: RHEL-08-030171 + stigid@almalinux8: RHEL-08-030171 stigid@ubuntu2204: UBTU-22-654220 ocil_clause: 'the command does not return a line, or the line is commented out' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml index 7a7c522d9..3265b03bf 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml @@ -33,7 +33,7 @@ references: disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol8: OL08-00-030172 - stigid@rhel8: RHEL-08-030172 + stigid@almalinux8: RHEL-08-030172 stigid@ubuntu2204: UBTU-22-654225 ocil_clause: 'the command does not return a line, or the line is commented out' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml index 3028257be..49e27f007 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml @@ -1,4 +1,4 @@ -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh index 15d6fa4e2..7f98c9915 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/kubernetes/shared.yml index 323a798b1..46fad7416 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml index fe2ad3850..94e2346e4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml @@ -55,7 +55,7 @@ references: srg: SRG-OS-000326-GPOS-00126,SRG-OS-000327-GPOS-00127,SRG-APP-000343-CTR-000780,SRG-APP-000381-CTR-000905,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030360 stigid@ol8: OL08-00-030000 - stigid@rhel8: RHEL-08-030000 + stigid@almalinux8: RHEL-08-030000 stigid@sle12: SLES-12-020240 stigid@sle15: SLES-15-030640 stigid@ubuntu2004: UBTU-20-010211 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml index 336beb2b7..26c47e462 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml index 23b6aa511..b6ccde579 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml @@ -57,7 +57,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030871 stigid@ol8: OL08-00-030170 - stigid@rhel8: RHEL-08-030170 + stigid@almalinux8: RHEL-08-030170 stigid@sle12: SLES-12-020210 stigid@sle15: SLES-15-030010 stigid@ubuntu2004: UBTU-20-010101 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml index 66e53dab5..9c213c8fc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml @@ -57,7 +57,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030872 stigid@ol8: OL08-00-030160 - stigid@rhel8: RHEL-08-030160 + stigid@almalinux8: RHEL-08-030160 stigid@sle12: SLES-12-020590 stigid@sle15: SLES-15-030040 stigid@ubuntu2004: UBTU-20-010103 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml index f76934615..504881518 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml @@ -58,7 +58,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030874 stigid@ol8: OL08-00-030140 - stigid@rhel8: RHEL-08-030140 + stigid@almalinux8: RHEL-08-030140 stigid@sle12: SLES-12-020230 stigid@sle15: SLES-15-030030 stigid@ubuntu2004: UBTU-20-010104 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml index 45030b4f9..623656779 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml @@ -57,7 +57,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-OS-000274-GPOS-00104,SRG-OS-000275-GPOS-00105,SRG-OS-000276-GPOS-00106,SRG-OS-000277-GPOS-00107,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030870 stigid@ol8: OL08-00-030150 - stigid@rhel8: RHEL-08-030150 + stigid@almalinux8: RHEL-08-030150 stigid@sle12: SLES-12-020200 stigid@sle15: SLES-15-030000 stigid@ubuntu2004: UBTU-20-010100 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml index 01ff15bf6..65d6337f3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml @@ -57,7 +57,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030873 stigid@ol8: OL08-00-030130 - stigid@rhel8: RHEL-08-030130 + stigid@almalinux8: RHEL-08-030130 stigid@sle12: SLES-12-020220 stigid@sle15: SLES-15-030020 stigid@ubuntu2004: UBTU-20-010102 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml index 49c97e395..51f48c0f9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml index ec76157d4..0f9e9f7cc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml index 3f43030e9..85e9a47c8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml index 8a58bbc38..1a73014dc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml index 140506b60..4290a051f 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml index b648f54cc..87157586f 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml @@ -36,7 +36,7 @@ references: pcidss: Req-10.5.1 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084 stigid@ol8: OL08-00-030110 - stigid@rhel8: RHEL-08-030110 + stigid@almalinux8: RHEL-08-030110 ocil: |- {{% if product =="ol8" %}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh index 09d4e8ff5..6a8e8bdab 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux groupadd group_test diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml index de4d603cd..a76d9c19b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml @@ -32,7 +32,7 @@ references: pcidss: Req-10.5.1 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084 stigid@ol8: OL08-00-030100 - stigid@rhel8: RHEL-08-030100 + stigid@almalinux8: RHEL-08-030100 ocil_clause: the directory is not owned by root diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml index b558e92ad..d62740922 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml @@ -3,7 +3,7 @@ documentation_complete: true title: 'System Audit Logs Must Have Mode 0750 or Less Permissive' description: |- - {{% if product in ["ol8", "rhel8"] %}} + {{% if product in ["ol8", "rhel8", "almalinux8"] %}} Verify the audit log directories have a mode of "0700" or less permissive by first determining where the audit logs are stored with the following command: 
$ sudo grep -iw log_file /etc/audit/auditd.conf
@@ -45,7 +45,7 @@ references:
     nist-csf: DE.AE-3,DE.AE-5,PR.AC-4,PR.DS-5,PR.PT-1,RS.AN-1,RS.AN-4
     srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029
     stigid@ol8: OL08-00-030120
-    stigid@rhel8: RHEL-08-030120
+    stigid@almalinux8: RHEL-08-030120
     stigid@ubuntu2004: UBTU-20-010128
     stigid@ubuntu2204: UBTU-22-653060
 
@@ -70,7 +70,7 @@ ocil: |-
 
     Replace "[audit_log_directory]" to the correct audit log directory path, by default this location is "/var/log/audit".
 
-    {{% if product in ["ol8", "rhel8"] %}}
+    {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
     The correct permissions are 0700
     {{% else %}}
     If the log_group is "root" or is not set, the correct permissions are 0700, otherwise they are 0750.
@@ -83,7 +83,7 @@ fixtext: |-
 
     $ sudo grep "^log_file" /etc/audit/auditd.conf
 
-    {{% if product in ["ol8", "rhel8"] %}}
+    {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
     Set the correct permissions mode by the following command:
 
     $ sudo chmod 0700 [audit_log_directory]
diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
index cfcf088bd..9bdb0b72a 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
+++ b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
@@ -40,7 +40,7 @@ references:
     pcidss: Req-10.5.1
     srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084
     stigid@ol8: OL08-00-030090
-    stigid@rhel8: RHEL-08-030090
+    stigid@almalinux8: RHEL-08-030090
     stigid@ubuntu2004: UBTU-20-010124
     stigid@ubuntu2204: UBTU-22-653055
 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
index 6f19e15c6..b1d995c61 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
 
 if grep -iwq "log_file" /etc/audit/auditd.conf; then
     FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh
index cf4b02b90..cd69f17c2 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
 
 if grep -iwq "log_file" /etc/audit/auditd.conf; then
     FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
index 703a5d470..c8e265b3e 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
+++ b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
@@ -35,7 +35,7 @@ references:
     pcidss: Req-10.5.1
     srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084
     stigid@ol8: OL08-00-030080
-    stigid@rhel8: RHEL-08-030080
+    stigid@almalinux8: RHEL-08-030080
     stigid@ubuntu2004: UBTU-20-010123
     stigid@ubuntu2204: UBTU-22-653050
 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value.fail.sh
index d597ca07f..75a41c4fd 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value.fail.sh
@@ -15,7 +15,7 @@ useradd testuser_123
 touch "/var/log/audit/audit.log"
 chown root "/var/log/audit/audit.log"
 
-{{% if product in ["ol8", "rhel8"] %}}
+{{% if product in ["ol8", "rhel8", "almalinux8"] %}}
 touch $FILE
 chown testuser_123 $FILE
 {{% else %}}
diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
index 19e01c03a..9588a89c8 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
+++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
@@ -50,7 +50,7 @@ references:
     srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084,SRG-APP-000118-CTR-000240
     stigid@ol7: OL07-00-910055
     stigid@ol8: OL08-00-030070
-    stigid@rhel8: RHEL-08-030070
+    stigid@almalinux8: RHEL-08-030070
     stigid@ubuntu2004: UBTU-20-010122
 
 ocil_clause: 'any permissions are more permissive'
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh
index 44d9a1f74..b425902e2 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 . $SHARED/auditd_utils.sh
 prepare_auditd_test_enviroment
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_not_there.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_not_there.fail.sh
index 0bfa82083..6ad184b90 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_not_there.fail.sh
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_not_there.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 . $SHARED/auditd_utils.sh
 prepare_auditd_test_enviroment
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
index 9fdd5f730..dccc1f6b4 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
@@ -48,7 +48,7 @@ references:
     nist@sle15: AU-4
     srg: SRG-OS-000341-GPOS-00132,SRG-OS-000342-GPOS-00133
     stigid@ol8: OL08-00-030660
-    stigid@rhel8: RHEL-08-030660
+    stigid@almalinux8: RHEL-08-030660
     stigid@sle12: SLES-12-020020
     stigid@sle15: SLES-15-030660
     stigid@ubuntu2004: UBTU-20-010215
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh
index 5e49158b5..e365ecf5f 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh
@@ -1,7 +1,7 @@
 # platform = multi_platform_all
 
 AUDISP_REMOTE_CONFIG="{{{ audisp_conf_path }}}/audisp-remote.conf"
-{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}}
+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4", "sle15"] %}}
 option="^transport"
 value="KRB5"
 {{% else %}}
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml
index f5932e35a..b5c0dd6d6 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml
@@ -2,7 +2,7 @@
 
 
   
-    {{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}}
+    {{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4", "sle15"] %}}
     {{{ oval_metadata("transport setting in " + audisp_config_file_path + " is set to 'KRB5'") }}}
     {{% else %}}
     {{{ oval_metadata("enable_krb5 setting in " + audisp_config_file_path + " is set to 'yes'") }}}
@@ -22,7 +22,7 @@
     {{{ audisp_config_file_path }}}
     
     
-{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}}
+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4", "sle15"] %}}
     ^[ ]*transport[ ]+=[ ]+KRB5[ ]*$
 {{% else %}}
     ^[ ]*enable_krb5[ ]+=[ ]+yes[ ]*$
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
index a08582b06..f0daf5ff4 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
@@ -6,7 +6,7 @@ title: 'Encrypt Audit Records Sent With audispd Plugin'
 description: |-
     Configure the operating system to encrypt the transfer of off-loaded audit
     records onto a different system or media from the system being audited.
-{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}}
+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4", "sle15"] %}}
     Set the transport option in 
{{{ audisp_conf_path }}}/audisp-remote.conf

     to KRB5.
 {{% else %}}
@@ -43,7 +43,7 @@ ocil_clause: 'audispd is not encrypting audit records when sent over the network
 ocil: |-
     To verify the audispd plugin encrypts audit records off-loaded onto a different
     system or media from the system being audited, run the following command:
-{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}}
+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4", "sle15"] %}}
     
$ sudo grep -i transport {{{ audisp_conf_path }}}/audisp-remote.conf

     The output should return the following:
     
transport = KRB5

diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh
index 1ee02140b..083bd3bdb 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 . $SHARED/auditd_utils.sh
 prepare_auditd_test_enviroment
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_correct_value.pass.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_correct_value.pass.sh
index b6775223d..122303c53 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_correct_value.pass.sh
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_correct_value.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 . $SHARED/auditd_utils.sh
 prepare_auditd_test_enviroment
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_not_there.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_not_there.fail.sh
index bf1c533c6..e0feab931 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_not_there.fail.sh
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_not_there.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 . $SHARED/auditd_utils.sh
 prepare_auditd_test_enviroment
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_wrong_value.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_wrong_value.fail.sh
index 864e97b31..ee1a0f679 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_wrong_value.fail.sh
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_wrong_value.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 . $SHARED/auditd_utils.sh
 prepare_auditd_test_enviroment
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
index caf9766f5..e38ca2773 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # remediation = bash
 
 . $SHARED/auditd_utils.sh
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh
index c87268eae..306dcfbce 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # remediation = bash
 
 . $SHARED/auditd_utils.sh
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh
index 0bb1518ef..dbd9e99ab 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # remediation = bash
 
 . $SHARED/auditd_utils.sh
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml
index c3734c2bf..c8547b5eb 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml
@@ -43,7 +43,7 @@ references:
     nist-csf: DE.AE-3,DE.AE-5,PR.DS-4,PR.PT-1,RS.AN-1,RS.AN-4
     srg: SRG-OS-000047-GPOS-00023,SRG-APP-000098-CTR-000185,SRG-APP-000099-CTR-000190,SRG-APP-000100-CTR-000195,SRG-APP-000100-CTR-000200,SRG-APP-000109-CTR-000215,SRG-APP-000290-CTR-000670,SRG-APP-000357-CTR-000800
     stigid@ol8: OL08-00-030040
-    stigid@rhel8: RHEL-08-030040
+    stigid@almalinux8: RHEL-08-030040
 
 ocil_clause: 'there is no evidence of appropriate action'
 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml
index 55ec11167..79ab2e8a0 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml
@@ -49,7 +49,7 @@ references:
     nist@sle12: AU-5(b),AU-5.1(iv)
     srg: SRG-OS-000047-GPOS-00023
     stigid@ol8: OL08-00-030060
-    stigid@rhel8: RHEL-08-030060
+    stigid@almalinux8: RHEL-08-030060
     stigid@sle12: SLES-12-020060
     stigid@sle15: SLES-15-030590
     stigid@ubuntu2004: UBTU-20-010118
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml
index ea6b13852..574d80fac 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml
@@ -47,7 +47,7 @@ references:
     srg: SRG-OS-000046-GPOS-00022,SRG-OS-000343-GPOS-00134
     stigid@ol7: OL07-00-030350
     stigid@ol8: OL08-00-030020
-    stigid@rhel8: RHEL-08-030020
+    stigid@almalinux8: RHEL-08-030020
     stigid@sle12: SLES-12-020040
     stigid@sle15: SLES-15-030570
     stigid@ubuntu2004: UBTU-20-010117
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml
index 30931a5e2..40de099cd 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml
@@ -58,7 +58,7 @@ references:
     srg: SRG-OS-000343-GPOS-00134
     stigid@ol7: OL07-00-030340
     stigid@ol8: OL08-00-030731
-    stigid@rhel8: RHEL-08-030731
+    stigid@almalinux8: RHEL-08-030731
     stigid@ubuntu2004: UBTU-20-010217
     stigid@ubuntu2204: UBTU-22-653040
 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
index a7c0963ac..71fd60240 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
@@ -37,7 +37,7 @@ references:
     srg: SRG-OS-000343-GPOS-00134
     stigid@ol7: OL07-00-030330
     stigid@ol8: OL08-00-030730
-    stigid@rhel8: RHEL-08-030730
+    stigid@almalinux8: RHEL-08-030730
     stigid@ubuntu2004: UBTU-20-010217
     stigid@ubuntu2204: UBTU-22-653040
 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml
index 8aabe5ca5..47fad3734 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml
@@ -24,7 +24,7 @@ references:
     nist: CM-6
     srg: SRG-OS-000062-GPOS-00031,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-030061
-    stigid@rhel8: RHEL-08-030061
+    stigid@almalinux8: RHEL-08-030061
 
 ocil_clause: local_events isn't set to yes
 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml
index 1e4489ec6..9efec94dd 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml
@@ -26,7 +26,7 @@ references:
     ospp: FAU_GEN.1.2
     srg: SRG-OS-000255-GPOS-00096,SRG-OS-000480-GPOS-00227,SRG-APP-000096-CTR-000175,SRG-APP-000097-CTR-000180,SRG-APP-000098-CTR-000185,SRG-APP-000099-CTR-000190,SRG-APP-000100-CTR-000195,SRG-APP-000100-CTR-000200,SRG-APP-000109-CTR-000215,SRG-APP-000290-CTR-000670,SRG-APP-000357-CTR-000800
     stigid@ol8: OL08-00-030063
-    stigid@rhel8: RHEL-08-030063
+    stigid@almalinux8: RHEL-08-030063
 
 ocil_clause: log_format isn't set to ENRICHED
 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml
index 3adb155e4..6ffb0c791 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml
@@ -29,7 +29,7 @@ references:
     srg: SRG-OS-000039-GPOS-00017,SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
     stigid@ol7: OL07-00-030211
     stigid@ol8: OL08-00-030062
-    stigid@rhel8: RHEL-08-030062
+    stigid@almalinux8: RHEL-08-030062
 
 ocil_clause: name_format isn't set to {{{ xccdf_value("var_auditd_name_format") }}}
 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml
index 0182850d3..baf98cc48 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml
@@ -31,7 +31,7 @@ references:
     srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
     stigid@ol7: OL07-00-030210
     stigid@ol8: OL08-00-030700
-    stigid@rhel8: RHEL-08-030700
+    stigid@almalinux8: RHEL-08-030700
 
 ocil_clause: 'auditd overflow action is not set correctly'
 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/var_audispd_remote_server.var b/linux_os/guide/auditing/configure_auditd_data_retention/var_audispd_remote_server.var
index bcafc35b8..1579dc90f 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/var_audispd_remote_server.var
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/var_audispd_remote_server.var
@@ -3,7 +3,7 @@ documentation_complete: true
 title: 'Remote server for audispd to send audit records'
 
 description: |-
-{{% if product in ["rhel8", "fedora"] %}}
+{{% if product in ["rhel8", "almalinux8", "fedora"] %}}
     The setting for remote_server in /etc/audit/audisp-remote.conf
 {{% else %}}
     The setting for remote_server in /etc/audisp/audisp-remote.conf
diff --git a/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_auditd/rule.yml b/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_auditd/rule.yml
index 50f9e7742..e60a7155e 100644
--- a/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_auditd/rule.yml
+++ b/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_auditd/rule.yml
@@ -28,7 +28,7 @@ references:
     nist: AU-12(b)
     srg: SRG-OS-000063-GPOS-00032
     stigid@ol8: OL08-00-030610
-    stigid@rhel8: RHEL-08-030610
+    stigid@almalinux8: RHEL-08-030610
     stigid@ubuntu2004: UBTU-20-010133
     stigid@ubuntu2204: UBTU-22-653065
 
diff --git a/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_rulesd/rule.yml b/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_rulesd/rule.yml
index 47c502bef..3a05556b9 100644
--- a/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_rulesd/rule.yml
+++ b/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_rulesd/rule.yml
@@ -28,7 +28,7 @@ references:
     nist: AU-12(b)
     srg: SRG-OS-000063-GPOS-00032
     stigid@ol8: OL08-00-030610
-    stigid@rhel8: RHEL-08-030610
+    stigid@almalinux8: RHEL-08-030610
     stigid@ubuntu2004: UBTU-20-010133
     stigid@ubuntu2204: UBTU-22-653065
 
diff --git a/linux_os/guide/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/auditing/grub2_audit_argument/rule.yml
index e53a46352..48cb9c37d 100644
--- a/linux_os/guide/auditing/grub2_audit_argument/rule.yml
+++ b/linux_os/guide/auditing/grub2_audit_argument/rule.yml
@@ -46,7 +46,7 @@ references:
     pcidss: Req-10.3
     srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000254-GPOS-00095
     stigid@ol8: OL08-00-030601
-    stigid@rhel8: RHEL-08-030601
+    stigid@almalinux8: RHEL-08-030601
     stigid@ubuntu2004: UBTU-20-010198
     stigid@ubuntu2204: UBTU-22-212015
 
diff --git a/linux_os/guide/auditing/grub2_audit_argument/tests/double_value_rhel8.fail.sh b/linux_os/guide/auditing/grub2_audit_argument/tests/double_value_rhel8.fail.sh
index 065c1d459..3915234ff 100644
--- a/linux_os/guide/auditing/grub2_audit_argument/tests/double_value_rhel8.fail.sh
+++ b/linux_os/guide/auditing/grub2_audit_argument/tests/double_value_rhel8.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Break the audit argument in kernel command line in /boot/grub2/grubenv
 file="/boot/grub2/grubenv"
diff --git a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml
index 3caeb9ae7..d759aa716 100644
--- a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml
+++ b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml
@@ -36,7 +36,7 @@ references:
     ospp: FAU_STG.1,FAU_STG.3
     srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000254-GPOS-00095,SRG-OS-000341-GPOS-00132,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215
     stigid@ol8: OL08-00-030602
-    stigid@rhel8: RHEL-08-030602
+    stigid@almalinux8: RHEL-08-030602
 
 ocil_clause: 'audit backlog limit is not configured'
 
diff --git a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh
index aaffbf476..dd784d58c 100644
--- a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh
+++ b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) audit_backlog_limit=8192"
diff --git a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/wrong_value_rhel8.fail.sh b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/wrong_value_rhel8.fail.sh
index f93dc5644..13ab00c1b 100644
--- a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/wrong_value_rhel8.fail.sh
+++ b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/wrong_value_rhel8.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Break the audit_backlog_limit argument in kernel command line in /boot/grub2/grubenv
 file="/boot/grub2/grubenv"
diff --git a/linux_os/guide/auditing/package_audit_installed/rule.yml b/linux_os/guide/auditing/package_audit_installed/rule.yml
index 6353d9d95..12a9aced8 100644
--- a/linux_os/guide/auditing/package_audit_installed/rule.yml
+++ b/linux_os/guide/auditing/package_audit_installed/rule.yml
@@ -32,7 +32,7 @@ references:
     pcidss: Req-10.1
     srg: SRG-OS-000062-GPOS-00031,SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000475-GPOS-00220
     stigid@ol8: OL08-00-030180
-    stigid@rhel8: RHEL-08-030180
+    stigid@almalinux8: RHEL-08-030180
     stigid@sle12: SLES-12-020000
     stigid@sle15: SLES-15-030650
     stigid@ubuntu2004: UBTU-20-010182
diff --git a/linux_os/guide/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml
index f29a4afc6..26ac0688c 100644
--- a/linux_os/guide/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml
index 412c67f15..ec1467404 100644
--- a/linux_os/guide/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_access_success/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_access_success/kubernetes/shared.yml
index 413293083..3f8c50a39 100644
--- a/linux_os/guide/auditing/policy_rules/audit_access_success/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_access_success/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml
index 1d08bae3a..3e2300448 100644
--- a/linux_os/guide/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml
index 372b7c27c..4e2ce77e9 100644
--- a/linux_os/guide/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml
index f62426900..bd3ddd10a 100644
--- a/linux_os/guide/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml
index c26dc39be..d32b854fd 100644
--- a/linux_os/guide/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml
index 08c8dc855..e9277f263 100644
--- a/linux_os/guide/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml
index dab3d0eaa..620596c44 100644
--- a/linux_os/guide/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml
index 22d3990f0..ed4f8bce8 100644
--- a/linux_os/guide/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml
index 2fb2c25aa..e182781c4 100644
--- a/linux_os/guide/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml
index bff04fe4c..a56d7f18f 100644
--- a/linux_os/guide/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 
 {{% set file_contents = """## Successful file delete
 -a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=successful-delete
diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml
index 37b8b3676..d1be71273 100644
--- a/linux_os/guide/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 
 {{% set file_contents = """## Successful file delete
 -a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=successful-delete
diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml
index a46066d62..731636c7f 100644
--- a/linux_os/guide/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 
 {{% set file_contents = """## Successful file delete
 -a always,exit -F arch=b64 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=successful-delete""" -%}}
diff --git a/linux_os/guide/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml
index ff5e61676..f7012bed2 100644
--- a/linux_os/guide/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml
index 2d9279849..ec6477378 100644
--- a/linux_os/guide/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml
index dae466002..527bc8489 100644
--- a/linux_os/guide/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml
index f07ff3607..62de7826c 100644
--- a/linux_os/guide/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml
index c6f796967..7a6e545c4 100644
--- a/linux_os/guide/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml
index 212ec4ba5..62e1ee6de 100644
--- a/linux_os/guide/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml
index 92310b977..e76e314a6 100644
--- a/linux_os/guide/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_module_load/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_module_load/kubernetes/shared.yml
index f8cd8b73d..090554c02 100644
--- a/linux_os/guide/auditing/policy_rules/audit_module_load/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_module_load/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml
index 231034a9c..460877cec 100644
--- a/linux_os/guide/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml
index 96ee57492..09bfe412b 100644
--- a/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml
index ac946bfe0..7480f574f 100644
--- a/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml
index 23940aca3..8775144da 100644
--- a/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/auditing/service_auditd_enabled/rule.yml b/linux_os/guide/auditing/service_auditd_enabled/rule.yml
index 675afac32..db22141bb 100644
--- a/linux_os/guide/auditing/service_auditd_enabled/rule.yml
+++ b/linux_os/guide/auditing/service_auditd_enabled/rule.yml
@@ -56,7 +56,7 @@ references:
     srg: SRG-OS-000062-GPOS-00031,SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000475-GPOS-00220,SRG-APP-000095-CTR-000170,SRG-APP-000409-CTR-000990,SRG-APP-000508-CTR-001300,SRG-APP-000510-CTR-001310
     stigid@ol7: OL07-00-030000
     stigid@ol8: OL08-00-030181
-    stigid@rhel8: RHEL-08-030181
+    stigid@almalinux8: RHEL-08-030181
     stigid@sle12: SLES-12-020010
     stigid@sle15: SLES-15-030050
     stigid@ubuntu2004: UBTU-20-010182
diff --git a/linux_os/guide/services/base/package_abrt_removed/rule.yml b/linux_os/guide/services/base/package_abrt_removed/rule.yml
index 4613ec199..1e9063ce9 100644
--- a/linux_os/guide/services/base/package_abrt_removed/rule.yml
+++ b/linux_os/guide/services/base/package_abrt_removed/rule.yml
@@ -26,7 +26,7 @@ references:
     disa: CCI-000381
     srg: SRG-OS-000095-GPOS-00049
     stigid@ol8: OL08-00-040001
-    stigid@rhel8: RHEL-08-040001
+    stigid@almalinux8: RHEL-08-040001
 
 {{{ complete_ocil_entry_package(package="abrt") }}}
 
diff --git a/linux_os/guide/services/base/service_kdump_disabled/rule.yml b/linux_os/guide/services/base/service_kdump_disabled/rule.yml
index 6ac54b57b..bb599fdaa 100644
--- a/linux_os/guide/services/base/service_kdump_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_kdump_disabled/rule.yml
@@ -45,7 +45,7 @@ references:
     srg: SRG-OS-000269-GPOS-00103,SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-021300
     stigid@ol8: OL08-00-010670
-    stigid@rhel8: RHEL-08-010670
+    stigid@almalinux8: RHEL-08-010670
     stigid@sle12: SLES-12-010840
     stigid@sle15: SLES-15-040190
     stigid@ubuntu2004: UBTU-20-010413
diff --git a/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml b/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml
index 617dc8b2a..f1a6aa4ae 100644
--- a/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml
+++ b/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml
@@ -1,4 +1,4 @@
-{{% if product in [ "ol9", "ol10", "rhel8", "rhel9", "rhel10", "sle12", "sle15"] %}}
+{{% if product in [ "ol9", "ol10", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15"] %}}
 {{% set package_name = "cronie" %}}
 {{% else %}}
 {{% set package_name = "cron" %}}
diff --git a/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml b/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml
index 7977cba9f..2f6eb4edf 100644
--- a/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml
+++ b/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml
@@ -1,4 +1,4 @@
-{{% if product in ["rhel8", "rhel9", "rhel10"] %}}
+{{% if product in ["rhel8", "almalinux8", "rhel9", "rhel10"] %}}
 {{% set service_name = "crond" %}}
 {{% else %}}
 {{% set service_name = "cron" %}}
diff --git a/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml b/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml
index 67fc86c42..a397633e8 100644
--- a/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml
+++ b/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml
@@ -25,7 +25,7 @@ references:
   nist: CM-7 (2),CM-7 (5) (b),CM-6 b
   srg: SRG-OS-000368-GPOS-00154,SRG-OS-000370-GPOS-00155,SRG-OS-000480-GPOS-00232
   stigid@ol8: OL08-00-040137
-  stigid@rhel8: RHEL-08-040137
+  stigid@almalinux8: RHEL-08-040137
 
 ocil_clause: 'fapolicyd is not running in enforcement mode with a deny-all, permit-by-exception policy'
 
@@ -40,7 +40,7 @@ ocil: |-
 
     Check that fapolicyd employs a deny-all policy on system mounts with the following commands:
 
-    {{%- if product in ["ol8", "rhel8"] %}}
+    {{%- if product in ["ol8", "rhel8", "almalinux8"] %}}
     {{% set product_short_name = "OL" if "ol" in product else "RHEL" %}}
     For {{{ product_short_name }}} 8.5 systems and older:
     $ sudo tail /etc/fapolicyd/fapolicyd.rules
@@ -60,7 +60,7 @@ fixtext: |-
 
     permissive = 1
 
-    {{%- if product in ["ol8", "rhel8"] %}}
+    {{%- if product in ["ol8", "rhel8", "almalinux8"] %}}
     For {{{ product_short_name }}} 8.5 systems and older:
     Build the whitelist in the "/etc/fapolicyd/fapolicyd.rules" file ensuring the last rule is "deny perm=any all : all".
 
diff --git a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml
index 5149ccb54..ba4119ca0 100644
--- a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml
+++ b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml
@@ -24,7 +24,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230
     stigid@ol8: OL08-00-040135
-    stigid@rhel8: RHEL-08-040135
+    stigid@almalinux8: RHEL-08-040135
 
 ocil_clause: 'the fapolicyd package is not installed'
 
diff --git a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml
index d1b5254d2..828ac2fd7 100644
--- a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml
+++ b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml
@@ -25,7 +25,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230
     stigid@ol8: OL08-00-040136
-    stigid@rhel8: RHEL-08-040136
+    stigid@almalinux8: RHEL-08-040136
 
 ocil_clause: 'the service is not enabled'
 
diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
index fecfd7986..6a7709ea2 100644
--- a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
+++ b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
@@ -36,7 +36,7 @@ references:
     srg: SRG-OS-000074-GPOS-00042,SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040690
     stigid@ol8: OL08-00-040360
-    stigid@rhel8: RHEL-08-040360
+    stigid@almalinux8: RHEL-08-040360
     stigid@sle12: SLES-12-030011
     stigid@sle15: SLES-15-010030
 
diff --git a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml
index a68fa90a8..5cd576d4e 100644
--- a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml
+++ b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml
@@ -25,7 +25,7 @@ references:
     ism: 0418,1055,1402
     srg: SRG-OS-000120-GPOS-00061
     stigid@ol8: OL08-00-010161
-    stigid@rhel8: RHEL-08-010161
+    stigid@almalinux8: RHEL-08-010161
 
 platforms:
     - krb5_server_older_than_1_17-18 and krb5_workstation_older_than_1_17-18
diff --git a/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml b/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml
index 36dc8de85..e64652a1b 100644
--- a/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml
+++ b/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml
@@ -29,7 +29,7 @@ references:
     nist: IA-7,IA-7.1
     srg: SRG-OS-000120-GPOS-00061
     stigid@ol8: OL08-00-010163
-    stigid@rhel8: RHEL-08-010163
+    stigid@almalinux8: RHEL-08-010163
 
 platforms:
     - krb5_server_older_than_1_17-18
diff --git a/linux_os/guide/services/mail/package_mailx_installed/rule.yml b/linux_os/guide/services/mail/package_mailx_installed/rule.yml
index ac5972341..4328c61b2 100644
--- a/linux_os/guide/services/mail/package_mailx_installed/rule.yml
+++ b/linux_os/guide/services/mail/package_mailx_installed/rule.yml
@@ -24,7 +24,7 @@ references:
     srg: SRG-OS-000363-GPOS-00150
     stigid@ol7: OL07-00-020028
     stigid@ol8: OL08-00-010358
-    stigid@rhel8: RHEL-08-010358
+    stigid@almalinux8: RHEL-08-010358
     stigid@sle12: SLES-12-010498
     stigid@sle15: SLES-15-010418
 
diff --git a/linux_os/guide/services/mail/package_postfix_installed/rule.yml b/linux_os/guide/services/mail/package_postfix_installed/rule.yml
index 6ba5bd00e..e0188820d 100644
--- a/linux_os/guide/services/mail/package_postfix_installed/rule.yml
+++ b/linux_os/guide/services/mail/package_postfix_installed/rule.yml
@@ -19,7 +19,7 @@ identifiers:
 references:
     disa: CCI-000139
     srg: SRG-OS-000046-GPOS-00022
-    stigid@rhel8: RHEL-08-030030
+    stigid@almalinux8: RHEL-08-030030
 
 ocil_clause: 'the package is not installed'
 
diff --git a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml
index 8b23a9474..87280428f 100644
--- a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml
+++ b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml
@@ -33,7 +33,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-3
     srg: SRG-OS-000480-GPOS-00227,SRG-OS-000095-GPOS-00049
     stigid@ol8: OL08-00-040002
-    stigid@rhel8: RHEL-08-040002
+    stigid@almalinux8: RHEL-08-040002
 
 {{{ complete_ocil_entry_package(package="sendmail") }}}
 
diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml
index a0330236a..89efc61e4 100644
--- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml
+++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh
index 001ead7d6..1fc220d8a 100644
--- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh
+++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
 
 {{{ bash_instantiate_variables("var_postfix_root_mail_alias") }}}
 
diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml
index 6b5349b41..1873724cd 100644
--- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml
+++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml
@@ -30,7 +30,7 @@ references:
     nist: AU-5(a),AU-5.1(ii)
     srg: SRG-OS-000046-GPOS-00022
     stigid@ol8: OL08-00-030030
-    stigid@rhel8: RHEL-08-030030
+    stigid@almalinux8: RHEL-08-030030
 
 ocil_clause: 'the alias is not set or is not root'
 
diff --git a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
index b66afbaae..b0dab5753 100644
--- a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
+++ b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
@@ -26,7 +26,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040680
     stigid@ol8: OL08-00-040290
-    stigid@rhel8: RHEL-08-040290
+    stigid@almalinux8: RHEL-08-040290
 
 ocil_clause: 'the "smtpd_client_restrictions" parameter contains any entries other than "permit_mynetworks" and "reject"'
 
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml
index eaee5b233..41c58ffc4 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml
@@ -27,7 +27,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010640
-    stigid@rhel8: RHEL-08-010640
+    stigid@almalinux8: RHEL-08-010640
 
 ocil_clause: 'the setting does not show'
 
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml
index 6673f2b5b..abeb64446 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml
@@ -33,7 +33,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-021021
     stigid@ol8: OL08-00-010630
-    stigid@rhel8: RHEL-08-010630
+    stigid@almalinux8: RHEL-08-010630
     stigid@sle12: SLES-12-010820
     stigid@sle15: SLES-15-040170
 
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml
index 11ef40a64..ddc51b730 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml
@@ -31,7 +31,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-021020
     stigid@ol8: OL08-00-010650
-    stigid@rhel8: RHEL-08-010650
+    stigid@almalinux8: RHEL-08-010650
     stigid@sle12: SLES-12-010810
     stigid@sle15: SLES-15-040160
 
diff --git a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh
index 4963780f8..c3bc5b0de 100644
--- a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh
+++ b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = chrony
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
 
 {{{ bash_package_remove("ntp") }}}
 
diff --git a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_server_missing.fail.sh b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_server_missing.fail.sh
index fdfe38968..92a468e1e 100644
--- a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_server_missing.fail.sh
+++ b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_server_missing.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = chrony
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
 
 {{{ bash_package_remove("ntp") }}}
 
diff --git a/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml
index c435df983..b80ffbf7b 100644
--- a/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml
+++ b/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml
index b37e8c606..e38d1ae22 100644
--- a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml
@@ -29,7 +29,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049
     stigid@ol8: OL08-00-030741
-    stigid@rhel8: RHEL-08-030741
+    stigid@almalinux8: RHEL-08-030741
 
 ocil_clause: 'the "port" option is not set to "0", is commented out, or is missing'
 
diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml
index c435df983..b80ffbf7b 100644
--- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml
+++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml
index 7a926f6fe..5d9485f1b 100644
--- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml
@@ -27,7 +27,7 @@ references:
     nist: CM-7(1)
     srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049
     stigid@ol8: OL08-00-030742
-    stigid@rhel8: RHEL-08-030742
+    stigid@almalinux8: RHEL-08-030742
 
 ocil_clause: 'the "cmdport" option is not set to "0", is commented out, or is missing'
 
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml
index c435df983..b80ffbf7b 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
index 33ac6c19a..b3de88fff 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
@@ -93,7 +93,7 @@ references:
     srg: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144,SRG-OS-000359-GPOS-00146
     stigid@ol7: OL07-00-040500
     stigid@ol8: OL08-00-030740
-    stigid@rhel8: RHEL-08-030740
+    stigid@almalinux8: RHEL-08-030740
     stigid@sle12: SLES-12-030300
     stigid@sle15: SLES-15-010400
     stigid@ubuntu2004: UBTU-20-010435
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_pool_misconfigured.fail.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_pool_misconfigured.fail.sh
index a7d291916..c1802d791 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_pool_misconfigured.fail.sh
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_pool_misconfigured.fail.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 # packages = chrony
 # variables = var_time_service_set_maxpoll=16
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
 
 {{{ bash_package_remove("ntp") }}}
 
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_server_misconfigured.fail.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_server_misconfigured.fail.sh
index f6da9d51f..2eeff701b 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_server_misconfigured.fail.sh
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_server_misconfigured.fail.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 # packages = chrony
 # variables = var_time_service_set_maxpoll=16
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
 
 {{{ bash_package_remove("ntp") }}}
 
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml
index c435df983..b80ffbf7b 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh
index 3a3a23fe9..07d545b85 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux
 
 {{{ bash_instantiate_variables("var_multiple_time_servers") }}}
 
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml
index c435df983..b80ffbf7b 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml
index 353812b08..2eb12a06e 100644
--- a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml
@@ -25,7 +25,7 @@ references:
     disa: CCI-001890,CCI-004926,CCI-004923
     srg: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144,SRG-OS-000359-GPOS-00146
     stigid@ol8: OL08-00-030740
-    stigid@rhel8: RHEL-08-030740
+    stigid@almalinux8: RHEL-08-030740
 
 ocil_clause: 'an authoritative remote time server is not configured or configured with pool directive'
 
diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml b/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml
index 516a57a68..1b36373e5 100644
--- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml
@@ -37,7 +37,7 @@ references:
     nist: CM-6(a),AU-8(1)(a)
     pcidss: Req-10.4.3
     srg: SRG-OS-000355-GPOS-00143
-    stigid@rhel8: RHEL-08-030740
+    stigid@almalinux8: RHEL-08-030740
 
 ocil_clause: 'a remote time server is not configured'
 
diff --git a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml
index 752528317..35c2e162b 100644
--- a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml
+++ b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
 # reboot = false
 # strategy = enable
 # complexity = low
diff --git a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh
index e2af37ad2..2a3ab74f5 100644
--- a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh
+++ b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
 # reboot = false
 # strategy = enable
 # complexity = low
diff --git a/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml b/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml
index 722c975d6..e171b138c 100644
--- a/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml
+++ b/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml
@@ -48,7 +48,7 @@ template:
 
 platform: package[ntp]
 
-{{% if product in ["rhel8", "rhel9", "sle15"] %}}
+{{% if product in ["rhel8", "almalinux8", "rhel9", "sle15"] %}}
 warnings:
     - general:
         The 
ntp
 package is not available in {{{ full_name }}}. Please
diff --git a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
index 8ea49101f..7d4e47fb9 100644
--- a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
@@ -29,7 +29,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040550
     stigid@ol8: OL08-00-010460
-    stigid@rhel8: RHEL-08-010460
+    stigid@almalinux8: RHEL-08-010460
     stigid@sle12: SLES-12-010410
     stigid@sle15: SLES-15-040030
 
diff --git a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
index e6cce8607..cb93701a4 100644
--- a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
@@ -32,7 +32,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040540
     stigid@ol8: OL08-00-010470
-    stigid@rhel8: RHEL-08-010470
+    stigid@almalinux8: RHEL-08-010470
     stigid@sle12: SLES-12-010400
     stigid@sle15: SLES-15-040020
 
diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml
index 3c2b23136..44a4266fb 100644
--- a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml
@@ -36,7 +36,7 @@ references:
     srg: SRG-OS-000095-GPOS-00049
     stigid@ol7: OL07-00-020000
     stigid@ol8: OL08-00-040010
-    stigid@rhel8: RHEL-08-040010
+    stigid@almalinux8: RHEL-08-040010
     stigid@ubuntu2004: UBTU-20-010406
     stigid@ubuntu2204: UBTU-22-215030
 
@@ -47,7 +47,7 @@ template:
     vars:
         pkgname: rsh-server
 
-{{% if product in ["rhel8", "rhel9"] %}}
+{{% if product in ["rhel8", "almalinux8", "rhel9"] %}}
 warnings:
     - general:
         The package is not available in {{{ full_name }}}.
diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml
index 011a419a9..de86972f8 100644
--- a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml
@@ -59,7 +59,7 @@ template:
         pkgname@ubuntu2204: rsh-client
         pkgname@ubuntu2404: rsh-client
 
-{{% if product in ["rhel8", "rhel9"] %}}
+{{% if product in ["rhel8", "almalinux8", "rhel9"] %}}
 warnings:
     - general:
         The package is not available in {{{ full_name }}}.
diff --git a/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml
index a820ba060..2b38dc61f 100644
--- a/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml
@@ -29,7 +29,7 @@ template:
     vars:
         pkgname: talk-server
 
-{{% if product in ["rhel8", "rhel9"] %}}
+{{% if product in ["rhel8", "almalinux8", "rhel9"] %}}
 warnings:
     - general:
         The package is not available in {{{ full_name }}}.
diff --git a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml
index 58c464869..4c9d3a00c 100644
--- a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml
@@ -40,7 +40,7 @@ template:
     vars:
         pkgname: talk
 
-{{% if product in ["rhel8", "rhel9"] %}}
+{{% if product in ["rhel8", "almalinux8", "rhel9"] %}}
 warnings:
     - general:
         The package is not available in {{{ full_name }}}.
diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
index eb3db257a..e1affb1e8 100644
--- a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
@@ -48,7 +48,7 @@ references:
     srg: SRG-OS-000095-GPOS-00049
     stigid@ol7: OL07-00-021710
     stigid@ol8: OL08-00-040000
-    stigid@rhel8: RHEL-08-040000
+    stigid@almalinux8: RHEL-08-040000
     stigid@sle12: SLES-12-030000
     stigid@sle15: SLES-15-010180
 
diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
index 3f6b4f8cb..b2ded3e59 100644
--- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
@@ -40,7 +40,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040700
     stigid@ol8: OL08-00-040190
-    stigid@rhel8: RHEL-08-040190
+    stigid@almalinux8: RHEL-08-040190
 
 {{{ complete_ocil_entry_package(package=package_name) }}}
 
diff --git a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml
index 8b3864392..0c9ad8711 100644
--- a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml
+++ b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml
@@ -6,7 +6,7 @@ title: 'Ensure tftp Daemon Uses Secure Mode'
 description: |-
     If running the Trivial File Transfer Protocol (TFTP) service is necessary,
     it should be configured to change its root directory at startup. To do so,
-    {{%- if product in ["ol7","rhel8","ol8","rhv4"] %}}
+    {{%- if product in ["ol7","rhel8", "almalinux8","ol8","rhv4"] %}}
     ensure /etc/xinetd.d/tftp includes -s as a command line argument,
     as shown in the following example:
     
server_args = -s {{{ xccdf_value("var_tftpd_secure_directory") }}}

@@ -45,10 +45,10 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040720
     stigid@ol8: OL08-00-040350
-    stigid@rhel8: RHEL-08-040350
+    stigid@almalinux8: RHEL-08-040350
 
 ocil_clause: |-
-{{%- if product in ["ol7","rhel8","ol8","rhv4"] %}}
+{{%- if product in ["ol7","rhel8", "almalinux8","ol8","rhv4"] %}}
     '"server_args" line does not have a "-s" option, and a subdirectory is not assigned'
 {{%- else %}}
     'the "ExecStart" line does not have a "-s" option, and a subdirectory is not assigned'
@@ -58,7 +58,7 @@ ocil: |-
     Verify the TFTP daemon is configured to operate in secure mode.
 
     Check if a TFTP server is installed with the following command:
-    {{% if product in ["ol7","rhel8","ol8","rhv4"] %}}
+    {{% if product in ["ol7","rhel8", "almalinux8","ol8","rhv4"] %}}
     
$ rpm -qa | grep tftp

     {{% else %}}
     
$ sudo dnf list --installed tftp-server
@@ -68,7 +68,7 @@ ocil: |-
 
     If a TFTP server is not installed, this is Not Applicable.
     


-    {{% if product in ["ol7","rhel8","ol8","rhv4"] %}}
+    {{% if product in ["ol7","rhel8", "almalinux8","ol8","rhv4"] %}}
     If a TFTP server is installed, verify TFTP is configured by with
     the -s option by running the following command:
 
@@ -82,7 +82,7 @@ ocil: |-
     {{% endif %}}
 
 fixtext: |-
-    {{%- if product in ["ol7","rhel8","ol8","rhv4"] %}}
+    {{%- if product in ["ol7","rhel8", "almalinux8","ol8","rhv4"] %}}
     Configure the TFTP daemon to operate in secure mode by adding the following line to "/etc/xinetd.d/tftp" (or modify the line to have the required value):
 
     server_args = -s {{{ xccdf_value("var_tftpd_secure_directory") }}}
diff --git a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
index df5f18c3b..d4339ebfd 100644
--- a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
+++ b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
@@ -23,7 +23,7 @@ references:
     disa: CCI-000366
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010473
-    stigid@rhel8: RHEL-08-010471
+    stigid@almalinux8: RHEL-08-010471
 
 {{% if product == "ol8" %}}
 platform: os_linux[ol]<8.4 or not runtime_kernel_fips_enabled
diff --git a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml
index a66068605..f25b95045 100644
--- a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml
+++ b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh
index 9e1f01f53..d7d4c2651 100644
--- a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh
+++ b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
 ######################################################################
 #By Luke "Brisk-OH" Brisk
 #luke.brisk@boeing.com or luke.brisk@gmail.com
diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/bash/shared.sh b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/bash/shared.sh
index a869e7ad6..2e9609296 100644
--- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/bash/shared.sh
+++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 if grep -s "rwuser" /etc/snmp/snmpd.conf | grep -qv "^#"; then
 	sed -i "/^\s*#/b;/rwuser/ s/^/#/" /etc/snmp/snmpd.conf
diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml
index ca07eef0e..9a56d0833 100644
--- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml
+++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = debian 11,debian 10,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
+# platform = debian 11,debian 10,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh
index c54b259d0..78a682cc8 100644
--- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh
+++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = debian 11,debian 10,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
+# platform = debian 11,debian 10,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
 
 {{{ bash_instantiate_variables("var_snmpd_ro_string", "var_snmpd_rw_string") }}}
 
diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml
index 8e73eb2e5..ecdc62c46 100644
--- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml
+++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml
@@ -54,7 +54,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040420
     stigid@ol8: OL08-00-010490
-    stigid@rhel8: RHEL-08-010490
+    stigid@almalinux8: RHEL-08-010490
     stigid@sle12: SLES-12-030220
     stigid@sle15: SLES-15-040250
 
diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml
index 9e802982d..20d9545a2 100644
--- a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml
+++ b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml
@@ -38,7 +38,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040410
     stigid@ol8: OL08-00-010480
-    stigid@rhel8: RHEL-08-010480
+    stigid@almalinux8: RHEL-08-010480
     stigid@sle12: SLES-12-030210
     stigid@sle15: SLES-15-040240
 
diff --git a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml
index 27e2fe7ba..5cfd5d9c9 100644
--- a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml
+++ b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml
@@ -31,7 +31,7 @@ references:
     srg: SRG-OS-000423-GPOS-00187,SRG-OS-000424-GPOS-00188,SRG-OS-000425-GPOS-00189,SRG-OS-000426-GPOS-00190
     stigid@ol7: OL07-00-040300
     stigid@ol8: OL08-00-040159
-    stigid@rhel8: RHEL-08-040159
+    stigid@almalinux8: RHEL-08-040159
     stigid@ubuntu2004: UBTU-20-010042
     stigid@ubuntu2204: UBTU-22-255010
 
diff --git a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
index 46d2a4599..4ad07b099 100644
--- a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
+++ b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
@@ -40,7 +40,7 @@ references:
     srg: SRG-OS-000423-GPOS-00187,SRG-OS-000424-GPOS-00188,SRG-OS-000425-GPOS-00189,SRG-OS-000426-GPOS-00190
     stigid@ol7: OL07-00-040310
     stigid@ol8: OL08-00-040160
-    stigid@rhel8: RHEL-08-040160
+    stigid@almalinux8: RHEL-08-040160
     stigid@sle12: SLES-12-030100
     stigid@sle15: SLES-15-010530
     stigid@ubuntu2004: UBTU-20-010042
diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/ansible/shared.yml
index 1c878701e..41d44a72c 100644
--- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/ansible/shared.yml
+++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Oracle Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Oracle Linux 8
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/bash/shared.sh b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/bash/shared.sh
index 3df859f35..cc0dd4f11 100644
--- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/bash/shared.sh
+++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Oracle Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Oracle Linux 8
 
 # put line into the file
 echo "setenv SSH_USE_STRONG_RNG 32" > /etc/profile.d/cc-ssh-strong-rng.csh
diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/ansible/shared.yml
index 29c646020..b8ff04b70 100644
--- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/ansible/shared.yml
+++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Oracle Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Oracle Linux 8
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/bash/shared.sh b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/bash/shared.sh
index 13306db45..22d8b4ee0 100644
--- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/bash/shared.sh
+++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Oracle Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Oracle Linux 8
 
 # put line into the file
 echo "export SSH_USE_STRONG_RNG=32" > /etc/profile.d/cc-ssh-strong-rng.sh
diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml
index 022d46803..1c9c8880b 100644
--- a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml
@@ -26,7 +26,7 @@ references:
     disa: CCI-000186
     srg: SRG-OS-000067-GPOS-00035
     stigid@ol8: OL08-00-010100
-    stigid@rhel8: RHEL-08-010100
+    stigid@almalinux8: RHEL-08-010100
 
 ocil_clause: 'no ssh private key is accessible without a passcode'
 
diff --git a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml
index 5a97f74df..104b27f3f 100644
--- a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml
+++ b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml
index 3f4b9fb42..df175a70c 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml
@@ -53,7 +53,7 @@ references:
     srg: SRG-OS-000106-GPOS-00053,SRG-OS-000480-GPOS-00229,SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-010300
     stigid@ol8: OL08-00-020330
-    stigid@rhel8: RHEL-08-020330
+    stigid@almalinux8: RHEL-08-020330
     stigid@sle12: SLES-12-030150
     stigid@sle15: SLES-15-040440
     stigid@ubuntu2004: UBTU-20-010047
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml
index 45010c036..2aca7eeb8 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml
@@ -42,7 +42,7 @@ references:
     srg: SRG-OS-000364-GPOS-00151,SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040430
     stigid@ol8: OL08-00-010522
-    stigid@rhel8: RHEL-08-010522
+    stigid@almalinux8: RHEL-08-010522
 
 {{{ complete_ocil_entry_sshd_option(default="yes", option="GSSAPIAuthentication", value="no") }}}
 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml
index baa1a8c31..9591371cc 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml
@@ -43,7 +43,7 @@ references:
     srg: SRG-OS-000364-GPOS-00151,SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040440
     stigid@ol8: OL08-00-010521
-    stigid@rhel8: RHEL-08-010521
+    stigid@almalinux8: RHEL-08-010521
 
 {{{ complete_ocil_entry_sshd_option(default="yes", option="KerberosAuthentication", value="no") }}}
 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml
index 5ef44759f..0ec26af63 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml
@@ -50,7 +50,7 @@ references:
     srg: SRG-OS-000109-GPOS-00056,SRG-OS-000480-GPOS-00227,SRG-APP-000148-CTR-000335,SRG-APP-000190-CTR-000500
     stigid@ol7: OL07-00-040370
     stigid@ol8: OL08-00-010550
-    stigid@rhel8: RHEL-08-010550
+    stigid@almalinux8: RHEL-08-010550
     stigid@sle12: SLES-12-030140
     stigid@sle15: SLES-15-020040
 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml
index 362fe2673..a091f8c9b 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml
@@ -39,7 +39,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040380
     stigid@ol8: OL08-00-010520
-    stigid@rhel8: RHEL-08-010520
+    stigid@almalinux8: RHEL-08-010520
     stigid@sle12: SLES-12-030200
     stigid@sle15: SLES-15-040230
 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
index 9fa2cb3cd..cdd5e9a94 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
@@ -44,7 +44,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040710
     stigid@ol8: OL08-00-040340
-    stigid@rhel8: RHEL-08-040340
+    stigid@almalinux8: RHEL-08-040340
     stigid@sle15: SLES-15-040290
     stigid@ubuntu2004: UBTU-20-010048
     stigid@ubuntu2204: UBTU-22-255040
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml
index 6c1a29f3f..ba96ded74 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml
@@ -48,7 +48,7 @@ references:
     srg: SRG-OS-000480-GPOS-00229
     stigid@ol7: OL07-00-010460
     stigid@ol8: OL08-00-010830
-    stigid@rhel8: RHEL-08-010830
+    stigid@almalinux8: RHEL-08-010830
     stigid@sle12: SLES-12-030151
     stigid@sle15: SLES-15-040440
     stigid@ubuntu2004: UBTU-20-010047
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml
index 3320ebf99..15111b069 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml
@@ -43,7 +43,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040450
     stigid@ol8: OL08-00-010500
-    stigid@rhel8: RHEL-08-010500
+    stigid@almalinux8: RHEL-08-010500
     stigid@sle12: SLES-12-030230
     stigid@sle15: SLES-15-040260
 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml
index 2437b9f0f..f845afee1 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml
@@ -46,7 +46,7 @@ references:
     srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088
     stigid@ol7: OL07-00-040170
     stigid@ol8: OL08-00-010040
-    stigid@rhel8: RHEL-08-010040
+    stigid@almalinux8: RHEL-08-010040
     stigid@sle12: SLES-12-030050
     stigid@sle15: SLES-15-010040
 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml
index ef2ba3929..c0cbe8629 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml
@@ -38,7 +38,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040360
     stigid@ol8: OL08-00-020350
-    stigid@rhel8: RHEL-08-020350
+    stigid@almalinux8: RHEL-08-020350
     stigid@sle12: SLES-12-030130
     stigid@sle15: SLES-15-020120
 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml
index 897603d8f..8d4d45030 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml
@@ -28,7 +28,7 @@ references:
     ospp: FCS_SSH_EXT.1.8
     srg: SRG-OS-000480-GPOS-00227,SRG-OS-000033-GPOS-00014
     stigid@ol8: OL08-00-040161
-    stigid@rhel8: RHEL-08-040161
+    stigid@almalinux8: RHEL-08-040161
 
 ocil_clause: 'it is commented out or is not set'
 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh
index a31a14f8a..c0c2d6725 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 
 mkdir -p /etc/ssh/sshd_config.d
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml
index 1e9c04404..262cf38a6 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml
@@ -54,7 +54,7 @@ references:
     srg: SRG-OS-000126-GPOS-00066,SRG-OS-000163-GPOS-00072,SRG-OS-000279-GPOS-00109,SRG-OS-000395-GPOS-00175
     stigid@ol7: OL07-00-040320
     stigid@ol8: OL08-00-010201
-    stigid@rhel8: RHEL-08-010201
+    stigid@almalinux8: RHEL-08-010201
     stigid@sle12: SLES-12-030190
     stigid@sle15: SLES-15-010280
     stigid@ubuntu2004: UBTU-20-010037
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml
index 56e90a9e5..f8cc88f4c 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml
@@ -53,7 +53,7 @@ references:
     pcidss: Req-8.1.8
     srg: SRG-OS-000163-GPOS-00072,SRG-OS-000279-GPOS-00109
     stigid@ol8: OL08-00-010200
-    stigid@rhel8: RHEL-08-010200
+    stigid@almalinux8: RHEL-08-010200
     stigid@sle12: SLES-12-030191
     stigid@sle15: SLES-15-010320
     stigid@ubuntu2004: UBTU-20-010036
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml
index 8a48ac77d..3bb124d42 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml
@@ -47,7 +47,7 @@ references:
     srg: SRG-OS-000250-GPOS-00093
     stigid@ol7: OL07-00-040712
     stigid@ol8: OL08-00-040342
-    stigid@rhel8: RHEL-08-040342
+    stigid@almalinux8: RHEL-08-040342
     stigid@sle12: SLES-12-030270
     stigid@sle15: SLES-15-040450
     stigid@ubuntu2004: UBTU-20-010045
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/default_fips.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/default_fips.pass.sh
index 3fd2901a9..82981db09 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/default_fips.pass.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/default_fips.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 source common.sh
 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml
index 20d36dd38..5f1cc3ab5 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml
@@ -29,7 +29,7 @@ references:
     disa: CCI-000366
     srg: SRG-OS-000480-GPOS-00232,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010292
-    stigid@rhel8: RHEL-08-010292
+    stigid@almalinux8: RHEL-08-010292
 
 ocil: |-
     To determine whether the SSH service is configured to use strong entropy seed,
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
index 6fb515baf..62d97825a 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
@@ -37,7 +37,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040711
     stigid@ol8: OL08-00-040341
-    stigid@rhel8: RHEL-08-040341
+    stigid@almalinux8: RHEL-08-040341
     stigid@sle12: SLES-12-030261
     stigid@ubuntu2004: UBTU-20-010049
     stigid@ubuntu2204: UBTU-22-255045
diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
index abff8a19d..cb6b4e213 100644
--- a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
@@ -25,7 +25,7 @@ references:
     nist: IA-2(11)
     srg: SRG-OS-000375-GPOS-00160,SRG-OS-000377-GPOS-00162
     stigid@ol8: OL08-00-010400
-    stigid@rhel8: RHEL-08-010400
+    stigid@almalinux8: RHEL-08-010400
 
 ocil_clause: 'certificate_verification in sssd is not configured'
 
diff --git a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
index 0c4a9a86a..1c957d991 100644
--- a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
@@ -31,7 +31,7 @@ references:
    nist: IA-5 (2) (c)
    srg: SRG-OS-000068-GPOS-00036
    stigid@ol8: OL08-00-020090
-   stigid@rhel8: RHEL-08-020090
+   stigid@almalinux8: RHEL-08-020090
 
 warnings:
     - general: |-
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml b/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml
index b8ebf0eb5..b6ce47ea9 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml
@@ -9,7 +9,7 @@
       
       {{% endif %}}
-      {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+      {{% if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
       
       {{% endif %}}
@@ -50,7 +50,7 @@
     ^.*allow_missing_name.*$
   
   {{% endif %}}
-  {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+  {{% if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
   
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
index 4054fdd24..b1cc5b4bf 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
@@ -48,7 +48,7 @@ references:
     pcidss: Req-8.3
     srg: SRG-OS-000375-GPOS-00160,SRG-OS-000105-GPOS-00052,SRG-OS-000106-GPOS-00053,SRG-OS-000107-GPOS-00054,SRG-OS-000108-GPOS-00055
     stigid@ol8: OL08-00-020250
-    stigid@rhel8: RHEL-08-020250
+    stigid@almalinux8: RHEL-08-020250
 
 ocil_clause: 'smart cards are not enabled in SSSD'
 
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
index 20d721658..2a4422daf 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 # remediation = none
 
 SSSD_FILE="/etc/sssd/sssd.conf"
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
index ba800bcea..10d4d2975 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 SSSD_FILE="/etc/sssd/sssd.conf"
 echo "[pam]" > $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
index afd575dd8..a76a1a423 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 SSSD_FILE="/etc/sssd/sssd.conf"
 echo "[pam]" > $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh
index 05ecf8a8a..654864a62 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 SSSD_FILE="/etc/sssd/conf.d/unused.conf"
 echo "[pam]" > $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
index 9758d9bda..998600da6 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 SSSD_FILE="/etc/sssd/sssd.conf"
 echo "[pam]" > $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
index eb58f3dcf..4e4cc0fa0 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 SSSD_FILE="/etc/sssd/sssd.conf"
 echo "[pam]" > $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh
index 262abd276..c6f2babd7 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 SSSD_FILE="/etc/sssd/conf.d/unused.conf"
 echo "[pam]" > $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
index d3fc7375f..2c189f569 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 SSSD_FILE="/etc/sssd/sssd.conf"
 echo "[pam]" > $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
index 456f06484..e6fb4c857 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 SSSD_FILE="/etc/sssd/sssd.conf"
 rm -f $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
index ceeecb8cb..09ff7a09b 100644
--- a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
@@ -37,7 +37,7 @@ references:
   nist: IA-5 (2) (a)
   srg: SRG-OS-000066-GPOS-00034,SRG-OS-000384-GPOS-00167
   stigid@ol8: OL08-00-010090
-  stigid@rhel8: RHEL-08-010090
+  stigid@almalinux8: RHEL-08-010090
 
 warnings:
     - general: |-
diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml
index 89bba2055..e5967d9dd 100644
--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml
+++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml
@@ -4,7 +4,7 @@
     
       
-      {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+      {{% if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
       
       {{% endif %}}
@@ -25,7 +25,7 @@
   
     1
   
-  {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+  {{% if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
   
diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
index dfa576a1c..311e0cafa 100644
--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
@@ -5,7 +5,7 @@ title: 'Configure SSSD to Expire Offline Credentials'
 
 description: |-
     SSSD should be configured to expire offline credentials after 1 day.
-    {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+    {{% if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
     Check if SSSD allows cached authentications with the following command:
     
     $ sudo grep cache_credentials /etc/sssd/sssd.conf
@@ -45,7 +45,7 @@ references:
     nist-csf: PR.AC-1,PR.AC-6,PR.AC-7
     srg: SRG-OS-000383-GPOS-00166
     stigid@ol8: OL08-00-020290
-    stigid@rhel8: RHEL-08-020290
+    stigid@almalinux8: RHEL-08-020290
     stigid@sle12: SLES-12-010680
     stigid@sle15: SLES-15-010500
     stigid@ubuntu2004: UBTU-20-010441
@@ -54,7 +54,7 @@ references:
 ocil_clause: 'it does not exist or is not configured properly'
 
 ocil: |-
-    {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+    {{% if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
     Check if SSSD allows cached authentications with the following command:
     
     $ sudo grep cache_credentials /etc/sssd/sssd.conf
diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/cache_credentials_false.pass.sh b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/cache_credentials_false.pass.sh
index 7bf7526b9..418158aab 100644
--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/cache_credentials_false.pass.sh
+++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/cache_credentials_false.pass.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 # packages = sssd
 
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 source common.sh
 
 echo -e "[pam]\noffline_credentials_expiration = 2" >> $SSSD_CONF
diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
index c1e549877..611b62e64 100644
--- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
+++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
@@ -27,7 +27,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000062-GPOS-00031,SRG-OS-000471-GPOS-00215,SRG-APP-000141-CTR-000315
     stigid@ol8: OL08-00-030603
-    stigid@rhel8: RHEL-08-030603
+    stigid@almalinux8: RHEL-08-030603
 
 platform: package[usbguard]
 
diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
index 0ee956052..552fb175e 100644
--- a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
+++ b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
@@ -50,7 +50,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000378-GPOS-00163,SRG-APP-000141-CTR-000315
     stigid@ol8: OL08-00-040139
-    stigid@rhel8: RHEL-08-040139
+    stigid@almalinux8: RHEL-08-040139
 
 ocil_clause: 'the package is not installed'
 
diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
index e8112110a..b42279c97 100644
--- a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
+++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
@@ -26,7 +26,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000378-GPOS-00163,SRG-APP-000141-CTR-000315
     stigid@ol8: OL08-00-040141
-    stigid@rhel8: RHEL-08-040141
+    stigid@almalinux8: RHEL-08-040141
 
 ocil_clause: 'the service is not enabled'
 
diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
index c5d5738db..f1010c040 100644
--- a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
+++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
@@ -25,7 +25,7 @@ references:
     nist: CM-8(3)(a),IA-3
     srg: SRG-OS-000378-GPOS-00163
     stigid@ol8: OL08-00-040140
-    stigid@rhel8: RHEL-08-040140
+    stigid@almalinux8: RHEL-08-040140
 
 ocil_clause: 'there is no evidence that unauthorized peripherals are being blocked before establishing a connection'
 
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
index 2a8bebbe1..cd47ddf3f 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_almalinux
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_ol,multi_platform_almalinux
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
index 5d3f071b2..52c14053a 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
@@ -42,7 +42,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040730
     stigid@ol8: OL08-00-040320
-    stigid@rhel8: RHEL-08-040320
+    stigid@almalinux8: RHEL-08-040320
 
 ocil_clause: 'xorg related packages are not removed and run level is not correctly configured'
 
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
index cdf17da62..5725f1cc9 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
@@ -36,7 +36,7 @@ references:
     nist-csf: PR.AC-3,PR.PT-4
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040321
-    stigid@rhel8: RHEL-08-040321
+    stigid@almalinux8: RHEL-08-040321
 
 ocil_clause: 'the system default target is not set to "multi-user.target" and the Information System Security Officer (ISSO) lacks a documented requirement for a graphical user interface'
 
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
index e0bdca6be..9ce5132f6 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_sle
+# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
 
 systemctl set-default multi-user.target
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh
index 9ec0cae93..4487412e5 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_sle
+# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
 
 ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh
index 3df966d45..25eb0ca24 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhel,multi_platform_rhv,multi_platform_sle
+# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
 
 systemctl set-default graphical.target
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh
index d3da2f113..a90d73d4b 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhel,multi_platform_rhv,multi_platform_sle
+# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
 
 ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
index 58d38f9a2..4eea80461 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
index bfa9ddc92..cd29e3739 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 
 {{{ bash_instantiate_variables("login_banner_text") }}}
 
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml
index c2feb1fbc..116c6cde5 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 metadata:
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
index 88aa853a5..faf29e85a 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
@@ -121,7 +121,7 @@ references:
     srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088
     stigid@ol7: OL07-00-010050
     stigid@ol8: OL08-00-010060
-    stigid@rhel8: RHEL-08-010060
+    stigid@almalinux8: RHEL-08-010060
     stigid@sle12: SLES-12-010030
     stigid@sle15: SLES-15-010020
 
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
index 2a975b00b..09ecda363 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
index 632aa10fd..b2ce651cd 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 
 {{{ bash_instantiate_variables("motd_banner_text") }}}
 
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
index 5814a30bd..aa4aa4c5c 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
index a1f30e5c3..62a7e0658 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
@@ -53,7 +53,7 @@ references:
     srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088
     stigid@ol7: OL07-00-010030
     stigid@ol8: OL08-00-010049
-    stigid@rhel8: RHEL-08-010049
+    stigid@almalinux8: RHEL-08-010049
     stigid@sle12: SLES-12-010040
     stigid@sle15: SLES-15-010080
     stigid@ubuntu2004: UBTU-20-010002
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
index 86aff54f9..b295782b0 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
index 6be15fae6..afe502fd9 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
@@ -57,7 +57,7 @@ references:
     srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088
     stigid@ol7: OL07-00-010040
     stigid@ol8: OL08-00-010050
-    stigid@rhel8: RHEL-08-010050
+    stigid@almalinux8: RHEL-08-010050
     stigid@sle12: SLES-12-010050
     stigid@sle15: SLES-15-010090
     stigid@ubuntu2004: UBTU-20-010003
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
index 1b2e46eff..6c22561e3 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
 # profiles = xccdf_org.ssgproject.content_profile_ncp
 # packages = dconf,gdm
 
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
index a3e7ebc0e..c65609786 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
 # profiles = xccdf_org.ssgproject.content_profile_stig
 # packages = dconf,gdm
 
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
index 4af47e3e0..0fe73b672 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
 # profiles = xccdf_org.ssgproject.content_profile_stig
 # packages = dconf,gdm
 
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
index e1abf408e..ea28b1697 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
 # profiles = xccdf_org.ssgproject.content_profile_stig
 # packages = dconf,gdm
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml b/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml
index b789b906e..18feffa3d 100644
--- a/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml
@@ -29,7 +29,7 @@ references:
     srg: SRG-OS-000373-GPOS-00156,SRG-OS-000373-GPOS-00157,SRG-OS-000373-GPOS-00158
     stigid@ol7: OL07-00-010344
     stigid@ol8: OL08-00-010385
-    stigid@rhel8: RHEL-08-010385
+    stigid@almalinux8: RHEL-08-010385
     stigid@sle12: SLES-12-010114
     stigid@sle15: SLES-15-020104
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
index 60b2ae3a3..9d9f27880 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
@@ -54,7 +54,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040530
     stigid@ol8: OL08-00-020340
-    stigid@rhel8: RHEL-08-020340
+    stigid@almalinux8: RHEL-08-020340
     stigid@sle12: SLES-12-010390
     stigid@sle15: SLES-15-020080
     stigid@ubuntu2004: UBTU-20-010453
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_correct_options.pass.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_correct_options.pass.sh
index 2cd897b71..ac95c2535 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_correct_options.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_correct_options.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 if authselect list-features sssd | grep -q with-silent-lastlog; then
     authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
index 60ede2a24..958bda4b9 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # remediation = none
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_lastlog.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_lastlog.fail.sh
index 325d5860a..68371758c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_lastlog.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_lastlog.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 if authselect list-features sssd | grep -q with-silent-lastlog; then
     authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
index 533db0328..ef8174729 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
@@ -21,7 +21,7 @@ references:
     nist: AC-7 (a)
     srg: SRG-OS-000021-GPOS-00005
     stigid@ol8: OL08-00-020026
-    stigid@rhel8: RHEL-08-020026
+    stigid@almalinux8: RHEL-08-020026
 
 ocil_clause: 'the pam_faillock.so module is not present in the "/etc/pam.d/password-auth" file with the "preauth" line listed before pam_unix.so'
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh
index 4abed18e2..609a92b7e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 authselect create-profile test_profile -b sssd
 authselect select "custom/test_profile" --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh
index 077479b8a..7be653143 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 authselect create-profile test_profile -b sssd
 authselect select "custom/test_profile" --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
index 5be40f349..0d7ca9097 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
@@ -21,7 +21,7 @@ references:
     nist: AC-7 (a)
     srg: SRG-OS-000021-GPOS-00005
     stigid@ol8: OL08-00-020025
-    stigid@rhel8: RHEL-08-020025
+    stigid@almalinux8: RHEL-08-020025
 
 ocil_clause: 'the pam_faillock.so module is not present in the "/etc/pam.d/system-auth" file with the "preauth" line listed before pam_unix.so'
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh
index 4abed18e2..609a92b7e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 authselect create-profile test_profile -b sssd
 authselect select "custom/test_profile" --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh
index 077479b8a..7be653143 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 authselect create-profile test_profile -b sssd
 authselect select "custom/test_profile" --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
index e46b40d68..77a2a4d91 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
@@ -23,7 +23,7 @@ references:
     nist: AC-7 (a)
     srg: SRG-OS-000021-GPOS-00005
     stigid@ol8: OL08-00-020027,OL08-00-020028
-    stigid@rhel8: RHEL-08-020027,RHEL-08-020028
+    stigid@almalinux8: RHEL-08-020027,RHEL-08-020028
 
 platform: system_with_kernel
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
index 5e75c996c..b1a17491a 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
@@ -1,7 +1,7 @@
 
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
index e1eb0a970..eb269ad8a 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
index 98037b3e3..83159420f 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
index f56bdbce2..f259fa052 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
index bef6bbcea..8b2b3429c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh
index 111ed3df6..d20b8a280 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh
index cc133d939..0ae03ccb2 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh
index f8e697789..dcd33a2d4 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 if authselect list-features sssd | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh
index 5565977e7..f34cfd1ba 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 if authselect list-features sssd | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh
index e5af75fdc..4a5ee20de 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # remediation = none
 
 SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh
index 7af3472d6..8701b0316 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 if authselect list-features sssd | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh
index f16643985..f65a7c392 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh
index debcc53ca..8718c546f 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
index fe238b41b..44e81de2c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
index bc6d5ab7f..6858384d5 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
index dd12efbc1..07c976def 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
index b97a9bfdb..a234e22db 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 if authselect list-features sssd | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
index afdbbea49..cd0e0a99b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 if authselect list-features sssd | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
index e5af75fdc..4a5ee20de 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # remediation = none
 
 SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
index 6f8fba5a6..dae3533e4 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 if authselect list-features sssd | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
index e25a158f7..7557f3734 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
index 253d50de1..44cb00aed 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
index a18fa3d6c..dc979386a 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh
index bc6d5ab7f..6858384d5 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh
index dd12efbc1..07c976def 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh
index 8ca16e11a..ab8314813 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_remember=5
 
 if authselect list-features sssd | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh
index bc3c429f1..e9cb443ce 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_remember=5
 
 if authselect list-features sssd | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh
index 02d30f17a..972319c00 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # remediation = none
 
 SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh
index 7f6215029..7b162bf58 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_remember=5
 
 remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh
index dc53f50b0..cc92d879d 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_remember=5
 
 remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh
index e25a158f7..7557f3734 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh
index 253d50de1..44cb00aed 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 
 remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml
index a25e3c01a..0beff3a62 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml
@@ -20,7 +20,7 @@ references:
     nist: AC-7 (a)
     srg: SRG-OS-000021-GPOS-00005
     stigid@ol8: OL08-00-020020,OL08-00-020021
-    stigid@rhel8: RHEL-08-020021
+    stigid@almalinux8: RHEL-08-020021
     stigid@ubuntu2004: UBTU-20-010072
     stigid@ubuntu2204: UBTU-22-411045
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
index 2ba38d0ad..bdd471cdc 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
index bcfa1a721..2cb77dd13 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
index 52107ee48..9e8005709 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
@@ -49,7 +49,7 @@ references:
     srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
     stigid@ol7: OL07-00-010320
     stigid@ol8: OL08-00-020010,OL08-00-020011
-    stigid@rhel8: RHEL-08-020011
+    stigid@almalinux8: RHEL-08-020011
     stigid@ubuntu2004: UBTU-20-010072
     stigid@ubuntu2204: UBTU-22-411045
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
index 002a81b2f..3e374d471 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
@@ -39,7 +39,7 @@ references:
     srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
     stigid@ol7: OL07-00-010330
     stigid@ol8: OL08-00-020022,OL08-00-020023
-    stigid@rhel8: RHEL-08-020023
+    stigid@almalinux8: RHEL-08-020023
 
 {{% if product == "rhel8" %}}
 platform: os_linux[rhel]>=8.2
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
index b3232cc93..c5f163ad5 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # remediation = none
 
 SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
index 7a6fcb555..8dbcb0b0e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 pam_files=("password-auth" "system-auth")
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
index 476c4e77e..f6954edcc 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 # remediation = none
 
 authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
index 87bca6919..9218cbae7 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 
 authselect select sssd --force
 authselect enable-feature with-faillock
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
index 7c702d669..c362b825c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 # remediation = none
 
 authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
index 586a32611..98880bb53 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
@@ -34,7 +34,7 @@ references:
     nist: AC-7(b),AC-7(a),AC-7.1(ii)
     srg: SRG-OS-000021-GPOS-00005,SRG-OS-000329-GPOS-00128
     stigid@ol8: OL08-00-020016,OL08-00-020017
-    stigid@rhel8: RHEL-08-020016,RHEL-08-020017
+    stigid@almalinux8: RHEL-08-020016,RHEL-08-020017
 
 ocil_clause: 'the "dir" option is not set to a non-default documented tally log directory, is missing or commented out'
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
index 679e47bcc..d2b79007b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh
index 6bb763cf5..d8e1df6c5 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_pam_files.pass.sh
index 2894185b0..eb1c136fd 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_pam_files.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_pam_files.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_authfail.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_authfail.fail.sh
index 3953a7567..19d7c7eb7 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_authfail.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_authfail.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_preauth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_preauth.fail.sh
index 303cf124f..21086eef2 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_preauth.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_preauth.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
index 2f08a7d47..82a5d8691 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_pam_files.fail.sh
index 45724e5e1..bef66604a 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_pam_files.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_pam_files.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
index fd8e44443..0ee343e12 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh
index e9c09b713..a83028a8c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 {{{ bash_pam_faillock_enable() }}}
 {{{ bash_pam_faillock_parameter_value("local_users_only", "") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
index 856bd56ea..367b9dfd1 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 
 authselect select sssd --force
 authselect disable-feature with-faillock
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh
index 075791de6..cf3453b23 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 
 authselect select sssd --force
 authselect enable-feature with-faillock
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
index 978cccce6..0657d167c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 # remediation = none
 
 authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh
index 053f91100..d707b423b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 # remediation = none
 
 # This test scenario manually modify the pam_faillock.so entries in auth section from
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
index bea8688ac..c51ab4edf 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
@@ -45,7 +45,7 @@ references:
     srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
     stigid@ol7: OL07-00-010320
     stigid@ol8: OL08-00-020012,OL08-00-020013
-    stigid@rhel8: RHEL-08-020012,RHEL-08-020013
+    stigid@almalinux8: RHEL-08-020012,RHEL-08-020013
     stigid@ubuntu2004: UBTU-20-010072
     stigid@ubuntu2204: UBTU-22-411045
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
index 71ca92bfa..4e6b05a6f 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
@@ -29,7 +29,7 @@ references:
     disa: CCI-002238,CCI-000044
     srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
     stigid@ol8: OL08-00-020018,OL08-00-020019
-    stigid@rhel8: RHEL-08-020018,RHEL-08-020019
+    stigid@almalinux8: RHEL-08-020018,RHEL-08-020019
     stigid@ubuntu2004: UBTU-20-010072
     stigid@ubuntu2204: UBTU-22-411045
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
index fdd0c4c06..2b5882f42 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
index f73c751f5..7995b6a85 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh
index 514b2bb37..96c299dca 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 source common.sh
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
index e52bd8b76..517b16e01 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
@@ -50,7 +50,7 @@ references:
     srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
     stigid@ol7: OL07-00-010320
     stigid@ol8: OL08-00-020014,OL08-00-020015
-    stigid@rhel8: RHEL-08-020014,RHEL-08-020015
+    stigid@almalinux8: RHEL-08-020014,RHEL-08-020015
     stigid@ubuntu2004: UBTU-20-010072
     stigid@ubuntu2204: UBTU-22-411045
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
index 567144b30..b7a49ab06 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
@@ -48,7 +48,7 @@ references:
     srg: SRG-OS-000071-GPOS-00039
     stigid@ol7: OL07-00-010140
     stigid@ol8: OL08-00-020130
-    stigid@rhel8: RHEL-08-020130
+    stigid@almalinux8: RHEL-08-020130
     stigid@ubuntu2004: UBTU-20-010052
     stigid@ubuntu2204: UBTU-22-611020
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
index c4c55f3e1..5a6e73f66 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
@@ -30,7 +30,7 @@ references:
     nist: IA-5(c),IA-5(1)(a),CM-6(a),IA-5(4)
     srg: SRG-OS-000480-GPOS-00225,SRG-OS-000072-GPOS-00040
     stigid@ol8: OL08-00-020300
-    stigid@rhel8: RHEL-08-020300
+    stigid@almalinux8: RHEL-08-020300
     stigid@ubuntu2004: UBTU-20-010056
     stigid@ubuntu2204: UBTU-22-611030
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
index b63e93fc0..371477acc 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
@@ -46,7 +46,7 @@ references:
     srg: SRG-OS-000072-GPOS-00040
     stigid@ol7: OL07-00-010160
     stigid@ol8: OL08-00-020170
-    stigid@rhel8: RHEL-08-020170
+    stigid@almalinux8: RHEL-08-020170
     stigid@ubuntu2004: UBTU-20-010053
     stigid@ubuntu2204: UBTU-22-611040
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
index 0c3e42332..ab86031c9 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
@@ -48,7 +48,7 @@ references:
     srg: SRG-OS-000070-GPOS-00038
     stigid@ol7: OL07-00-010130
     stigid@ol8: OL08-00-020120
-    stigid@rhel8: RHEL-08-020120
+    stigid@almalinux8: RHEL-08-020120
     stigid@ubuntu2004: UBTU-20-010051
     stigid@ubuntu2204: UBTU-22-611015
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
index b8eed2243..e246512fb 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
@@ -38,7 +38,7 @@ references:
     srg: SRG-OS-000072-GPOS-00040,SRG-OS-000730-GPOS-00190
     stigid@ol7: OL07-00-010190
     stigid@ol8: OL08-00-020140
-    stigid@rhel8: RHEL-08-020140
+    stigid@almalinux8: RHEL-08-020140
 
 ocil_clause: the value of "maxclassrepeat" is set to "0", more than "{{{ xccdf_value("var_password_pam_maxclassrepeat") }}}" or is commented out
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
index 157b451d6..6a035cef9 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
@@ -40,7 +40,7 @@ references:
     srg: SRG-OS-000072-GPOS-00040
     stigid@ol7: OL07-00-010180
     stigid@ol8: OL08-00-020150
-    stigid@rhel8: RHEL-08-020150
+    stigid@almalinux8: RHEL-08-020150
 
 ocil_clause: the value of "maxrepeat" is set to more than "{{{ xccdf_value("var_password_pam_maxrepeat") }}}" or is commented out
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
index 4905d163d..46efc5f68 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
@@ -55,7 +55,7 @@ references:
     srg: SRG-OS-000072-GPOS-00040
     stigid@ol7: OL07-00-010170
     stigid@ol8: OL08-00-020160
-    stigid@rhel8: RHEL-08-020160
+    stigid@almalinux8: RHEL-08-020160
 
 ocil_clause: the value of "minclass" is set to less than "{{{ xccdf_value("var_password_pam_minclass") }}}" or is commented out
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
index 3d4440cda..8bb8c77e6 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
@@ -48,7 +48,7 @@ references:
     srg: SRG-OS-000078-GPOS-00046
     stigid@ol7: OL07-00-010280
     stigid@ol8: OL08-00-020230
-    stigid@rhel8: RHEL-08-020230
+    stigid@almalinux8: RHEL-08-020230
     stigid@ubuntu2004: UBTU-20-010054
     stigid@ubuntu2204: UBTU-22-611035
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
index 84ee603a8..813faf411 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
@@ -49,7 +49,7 @@ references:
     srg: SRG-OS-000266-GPOS-00101
     stigid@ol7: OL07-00-010150
     stigid@ol8: OL08-00-020280
-    stigid@rhel8: RHEL-08-020280
+    stigid@almalinux8: RHEL-08-020280
     stigid@ubuntu2004: UBTU-20-010055
     stigid@ubuntu2204: UBTU-22-611025
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
index 482760bcc..996b89192 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
@@ -24,7 +24,7 @@ references:
     disa: CCI-004066
     srg: SRG-OS-000069-GPOS-00037,SRG-OS-000070-GPOS-00038,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-020100
-    stigid@rhel8: RHEL-08-020100
+    stigid@almalinux8: RHEL-08-020100
 
 ocil_clause: 'pam_pwquality.so is not enabled in password-auth'
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
index 81d2955d3..6ace9a2c9 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 
 authselect create-profile hardening -b sssd
 CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh
index 4bb7a4872..7ae4c5a93 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 
 authselect create-profile hardening -b sssd
 CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh
index 32ce46407..0348434c3 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 
 authselect create-profile hardening -b sssd
 CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh
index 0f9b75cec..eaed0c75b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # remediation = none
 
 SYSTEM_AUTH_FILE="/etc/pam.d/password-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh
index 61c28f2d6..5b42939c5 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 
 authselect create-profile hardening -b sssd
 CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
index ce5973eaf..40ff808eb 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
@@ -24,7 +24,7 @@ references:
     disa: CCI-000366
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-020101
-    stigid@rhel8: RHEL-08-020101
+    stigid@almalinux8: RHEL-08-020101
 
 ocil_clause: 'pam_pwquality.so is not enabled in system-auth'
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
index f68622be4..441bcc209 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 
 authselect create-profile hardening -b sssd
 CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh
index 0de6065a2..7da0be2e2 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 
 authselect create-profile hardening -b sssd
 CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh
index 03a4ef295..4a7614157 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 
 authselect create-profile hardening -b sssd
 CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh
index ae0ed105d..520609ec4 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # remediation = none
 
 SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh
index 60ebfdeba..83086ac66 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 
 authselect create-profile hardening -b sssd
 CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
index 1fe3c52f0..302cff28b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
@@ -47,7 +47,7 @@ references:
     srg: SRG-OS-000069-GPOS-00037,SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-010119
     stigid@ol8: OL08-00-020102,OL08-00-020103,OL08-00-020104
-    stigid@rhel8: RHEL-08-020104
+    stigid@almalinux8: RHEL-08-020104
     stigid@ubuntu2004: UBTU-20-010057
     stigid@ubuntu2204: UBTU-22-611045
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
index c61f9b6d5..e7cccaed5 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 # variables = var_password_pam_retry=3
 
 source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
index 601d32759..bc4453182 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 # variables = var_password_pam_retry=3
 
 source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
index e4f1de0cc..18be59047 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 # variables = var_password_pam_retry=3
 
 source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
index d70521e76..d24de47b6 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 # variables = var_password_pam_retry=3
 
 source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
index dc7fe32d1..3313d5dea 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 # variables = var_password_pam_retry=3
 
 source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
index fa55c67d0..aa1626c3c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
@@ -45,7 +45,7 @@ references:
     srg: SRG-OS-000069-GPOS-00037,SRG-OS-000070-GPOS-00038
     stigid@ol7: OL07-00-010120
     stigid@ol8: OL08-00-020110
-    stigid@rhel8: RHEL-08-020110
+    stigid@almalinux8: RHEL-08-020110
     stigid@ubuntu2004: UBTU-20-010050
     stigid@ubuntu2204: UBTU-22-611010
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
index 8b667cc7a..f97c98f35 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
@@ -45,7 +45,7 @@ references:
     srg: SRG-OS-000073-GPOS-00041
     stigid@ol7: OL07-00-010210
     stigid@ol8: OL08-00-010110
-    stigid@rhel8: RHEL-08-010110
+    stigid@almalinux8: RHEL-08-010110
     stigid@sle12: SLES-12-010210
     stigid@sle15: SLES-15-010260
     stigid@ubuntu2004: UBTU-20-010404
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
index d03a7af44..6c7b680dd 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
@@ -50,7 +50,7 @@ references:
     srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
     stigid@ol7: OL07-00-010200
     stigid@ol8: OL08-00-010160
-    stigid@rhel8: RHEL-08-010160
+    stigid@almalinux8: RHEL-08-010160
 
 ocil_clause: 'it does not'
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
index ee1213c2d..c2aca7ae1 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # variables = var_password_hashing_algorithm_pam=sha512
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh
index 8d6be38f4..ce2bcce19 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # variables = var_password_hashing_algorithm_pam=sha512
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
index 13f217f02..efb422075 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # variables = var_password_hashing_algorithm_pam=sha512
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
index 5632949e2..fbfe8a0a4 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # variables = var_password_hashing_algorithm_pam=sha512
 # remediation = none
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh
index 7f6ff9a97..581c81c47 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # variables = var_password_hashing_algorithm_pam=sha512
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
index 10a02eb86..77029c277 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # variables = var_password_hashing_algorithm_pam=sha512
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
index dbc370188..bf39a6136 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
@@ -65,7 +65,7 @@ references:
     srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
     stigid@ol7: OL07-00-010200
     stigid@ol8: OL08-00-010159
-    stigid@rhel8: RHEL-08-010159
+    stigid@almalinux8: RHEL-08-010159
     stigid@sle12: SLES-12-010230
     stigid@sle15: SLES-15-020170
     stigid@ubuntu2204: UBTU-22-611055
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
index 264df72f1..725cd27ab 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # variables = var_password_hashing_algorithm_pam=sha512
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh
index c5e65c44e..8d606b5ea 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # variables = var_password_hashing_algorithm_pam=sha512
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
index c61e9828d..652f95adb 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # variables = var_password_hashing_algorithm_pam=sha512
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
index 6499ed205..c94da4ca0 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # variables = var_password_hashing_algorithm_pam=sha512
 # remediation = none
 
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh
index 6b5b5767a..01fafdbb9 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # variables = var_password_hashing_algorithm_pam=sha512
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
index a1a9ec1ec..c273c78f4 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # variables = var_password_hashing_algorithm_pam=sha512
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
index 28426471d..39b28a4db 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
@@ -36,7 +36,7 @@ references:
     nist@sle12: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1
     srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
     stigid@ol8: OL08-00-010130
-    stigid@rhel8: RHEL-08-010130
+    stigid@almalinux8: RHEL-08-010130
     stigid@sle12: SLES-12-010240
     stigid@sle15: SLES-15-020190
 
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
index 3045574e5..7ce6bb466 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
index 33db7fb17..de7bf122c 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
@@ -71,7 +71,7 @@ references:
     ospp: FAU_GEN.1.2
     srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040172
-    stigid@rhel8: RHEL-08-040172
+    stigid@almalinux8: RHEL-08-040172
     stigid@sle15: SLES-15-040062
     stigid@ubuntu2004: UBTU-20-010460
     stigid@ubuntu2204: UBTU-22-211015
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
index 517c83c6e..041e9a29c 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
index ae3a3ab28..1449c55de 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
@@ -76,7 +76,7 @@ references:
     srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020230
     stigid@ol8: OL08-00-040170
-    stigid@rhel8: RHEL-08-040170
+    stigid@almalinux8: RHEL-08-040170
     stigid@sle12: SLES-12-010610
     stigid@sle15: SLES-15-040060
     stigid@ubuntu2004: UBTU-20-010460
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
index f8c47e96a..d0aaabaf7 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
 
 systemctl disable --now ctrl-alt-del.target
 systemctl mask --now ctrl-alt-del.target
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh
index 41eed9737..992dc2304 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
 
 systemctl unmask ctrl-alt-del.target
diff --git a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
index 6dc5eae7e..fbf4edf7b 100644
--- a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
@@ -42,7 +42,7 @@ references:
     pcidss: Req-8.1.8
     srg: SRG-OS-000163-GPOS-00072
     stigid@ol8: OL08-00-020035
-    stigid@rhel8: RHEL-08-020035
+    stigid@almalinux8: RHEL-08-020035
 
 ocil_clause: "the option is not configured"
 
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
index f3473796d..2f77035b4 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
@@ -44,7 +44,7 @@ references:
     srg: SRG-OS-000080-GPOS-00048
     stigid@ol7: OL07-00-010481
     stigid@ol8: OL08-00-010152
-    stigid@rhel8: RHEL-08-010152
+    stigid@almalinux8: RHEL-08-010152
 
 ocil_clause: 'the output is different'
 
@@ -52,7 +52,7 @@ ocil: |-
     To check if authentication is required for emergency mode, run the following command:
     
$ grep sulogin /usr/lib/systemd/system/emergency.service

     The output should be similar to the following, and the line must begin with
-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "slmicro5"] -%}}
+    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "slmicro5"] -%}}
         ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
         
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency

     {{%- else -%}}
@@ -80,7 +80,7 @@ fixtext: |-
     Configure {{{ full_name }}} to require authentication for system emergency mode.
 
     Add or edit the following line in "/usr/lib/systemd/system/emergency.service":
-    {{% if product in ["fedora", "ol8", "ol9", "kylinserver10", "openeuler2203", "rhel8", "rhel9", "sle12", "sle15", "slmicro5"] -%}}
+    {{% if product in ["fedora", "ol8", "ol9", "kylinserver10", "openeuler2203", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "slmicro5"] -%}}
     ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency
     {{%- else -%}}
     ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh
index bce932b72..1975adea7 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 
 service_file="/usr/lib/systemd/system/emergency.service"
 sulogin="/usr/lib/systemd/systemd-sulogin-shell"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh
index 19345cfcf..374e76ec6 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
 rm -f /etc/systemd/system/emergency.service
 mkdir -p /etc/systemd/system/emergency.service.d/
 cat << EOF > /etc/systemd/system/emergency.service.d/10-automatus.conf
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
index d9fdc678f..a4f6ea6a9 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 
 service_file="/usr/lib/systemd/system/emergency.service"
 sulogin="/bin/bash"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
index da0d857f6..a7d75247c 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
 rm -f /etc/systemd/system/emergency.service
 mkdir -p /etc/systemd/system/emergency.service.d/
 cat << EOF > /etc/systemd/system/emergency.service.d/10-oscap.conf
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
index bc0beb98a..808242a86 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
@@ -47,7 +47,7 @@ references:
     srg: SRG-OS-000080-GPOS-00048
     stigid@ol7: OL07-00-010481
     stigid@ol8: OL08-00-010151
-    stigid@rhel8: RHEL-08-010151
+    stigid@almalinux8: RHEL-08-010151
 
 ocil_clause: 'the output is different'
 
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh
index 07b8e331a..850cd60d9 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
 rm -rf /etc/systemd/system/rescue.service.d
 mkdir -p /etc/systemd/system/rescue.service.d
 cat << EOF > /etc/systemd/system/rescue.service.d/10-automatus.conf
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
index f735f3270..027fbbe3d 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
 
 service_file="/usr/lib/systemd/system/rescue.service"
 sulogin="/usr/lib/systemd/systemd-sulogin-shell"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh
index 4557b0512..043753f03 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
 
 rm -rf /etc/systemd/system/rescue.service.d
 mkdir -p /etc/systemd/system/rescue.service.d
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
index 63b9b08b5..15abe6cec 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 
 service_file="/usr/lib/systemd/system/rescue.service"
 sulogin="/bin/bash"
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml
index 75395cf61..1dcee69f3 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml
index f47326940..42d591752 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml
index dc63eb653..dc6931307 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh
index ddfb97fa4..717b54925 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 echo 'set -g lock-command vlock' >> '/etc/tmux.conf'
 chmod 0644 "/etc/tmux.conf"
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/file_empty.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/file_empty.fail.sh
index 38bf0f874..b7bb160e7 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/file_empty.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/file_empty.fail.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 echo > '/etc/tmux.conf'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/line_commented.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/line_commented.fail.sh
index 5c630fa9e..cae086fe0 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/line_commented.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/line_commented.fail.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 echo '# set -g lock-command vlock' >> '/etc/tmux.conf'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_permissions.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_permissions.fail.sh
index ec984bb94..d00fdfe3a 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_permissions.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_permissions.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 echo 'set -g lock-command vlock' >> '/etc/tmux.conf'
 chmod 0600 "/etc/tmux.conf"
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_value.fail.sh
index acd297d55..c572519d0 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_value.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_value.fail.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 echo 'set -g lock-command locker' >> '/etc/tmux.conf'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh
index 0b31379f0..778d63d74 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 
 echo 'bind W lock-session' >> '/etc/tmux.conf'
 chmod 0644 "/etc/tmux.conf"
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/correct.pass.sh
index e38203195..55a8aff57 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/correct.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # packages = tmux
 
 echo 'bind X lock-session' >> '/etc/tmux.conf'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/file_empty.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/file_empty.fail.sh
index 45458b6f2..87e6ded51 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/file_empty.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/file_empty.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # packages = tmux
 
 echo > '/etc/tmux.conf'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/line_commented.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/line_commented.fail.sh
index 93ed8cbf4..bff755146 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/line_commented.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/line_commented.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # packages = tmux
 
 echo '# bind X lock-session' >> '/etc/tmux.conf'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_permissions.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_permissions.fail.sh
index da006625e..8e02e36e8 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_permissions.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_permissions.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_fedora
+# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # packages = tmux
 
 echo 'bind X lock-session' >> '/etc/tmux.conf'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml
index 6b2d6cd5e..c20712c9f 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml
index 1a9d35f69..9a5753d98 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
index 0e85d913e..73feb8d95 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
@@ -55,7 +55,7 @@ references:
     srg: SRG-OS-000105-GPOS-00052,SRG-OS-000375-GPOS-00160,SRG-OS-000375-GPOS-00161,SRG-OS-000377-GPOS-00162
     stigid@ol7: OL07-00-041001
     stigid@ol8: OL08-00-010390
-    stigid@rhel8: RHEL-08-010390
+    stigid@almalinux8: RHEL-08-010390
     stigid@sle12: SLES-12-030500
     stigid@sle15: SLES-15-010460
     stigid@ubuntu2004: UBTU-20-010063
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
index 7ee9a73fd..ae05d045b 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
@@ -35,7 +35,7 @@ references:
     nist: CM-6(a)
     srg: SRG-OS-000375-GPOS-00160,SRG-OS-000376-GPOS-00161
     stigid@ol8: OL08-00-010410
-    stigid@rhel8: RHEL-08-010410
+    stigid@almalinux8: RHEL-08-010410
     stigid@ubuntu2004: UBTU-20-010064
     stigid@ubuntu2204: UBTU-22-612015
 
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml
index 08b89bf8f..cea27ab4d 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_rhel
+# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_rhel,multi_platform_almalinux
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh
index 2efee65ed..7d6faf484 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
 
 {{{ bash_package_install("pam_pkcs11") }}}
 
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
index c2afecc19..652fbedb7 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_ubuntu,multi_platform_rhel
+# platform = multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux
 # packages = openssl-pkcs11
 
 if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh
index d7103cc0a..68c252f78 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
 # packages = openssl-pkcs11
 
 if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh
index c0cc3c94f..6db041b04 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
 # packages = openssl-pkcs11
 
 if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
index ee3d8e635..d4a3a520e 100644
--- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
@@ -36,7 +36,7 @@ references:
     ospp: FIA_UAU.1
     srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040180
-    stigid@rhel8: RHEL-08-040180
+    stigid@almalinux8: RHEL-08-040180
 
 ocil_clause: |-
     {{{ ocil_clause_service_disabled(service="debug-shell") }}}
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml
index 84f13bfea..709b9e923 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh
index 77aa71dd9..b3bfff528 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
 
 {{{ bash_instantiate_variables("var_account_disable_post_pw_expiration") }}}
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
index 5b61d3b83..dea58e7bd 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
@@ -53,7 +53,7 @@ references:
     srg: SRG-OS-000118-GPOS-00060
     stigid@ol7: OL07-00-010310
     stigid@ol8: OL08-00-020260
-    stigid@rhel8: RHEL-08-020260
+    stigid@almalinux8: RHEL-08-020260
     stigid@sle12: SLES-12-010340
     stigid@sle15: SLES-15-020050
     stigid@ubuntu2004: UBTU-20-010409
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
index 96ae3e33c..6b1558013 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
@@ -45,7 +45,7 @@ references:
     srg: SRG-OS-000123-GPOS-00064,SRG-OS-000002-GPOS-00002
     stigid@ol7: OL07-00-010271
     stigid@ol8: OL08-00-020000,OL08-00-020270
-    stigid@rhel8: RHEL-08-020000,RHEL-08-020270
+    stigid@almalinux8: RHEL-08-020000,RHEL-08-020270
     stigid@sle12: SLES-12-010331
     stigid@sle15: SLES-15-020061
     stigid@ubuntu2004: UBTU-20-010000
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
index cc677e619..d97703614 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
@@ -28,7 +28,7 @@ references:
     pcidss: Req-8.1.1
     srg: SRG-OS-000104-GPOS-00051,SRG-OS-000121-GPOS-00062
     stigid@ol8: OL08-00-020240
-    stigid@rhel8: RHEL-08-020240
+    stigid@almalinux8: RHEL-08-020240
     stigid@sle12: SLES-12-010640
     stigid@sle15: SLES-15-010230
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
index de8bfee0f..08390822e 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
@@ -38,7 +38,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020270
     stigid@ol8: OL08-00-020320
-    stigid@rhel8: RHEL-08-020320
+    stigid@almalinux8: RHEL-08-020320
     stigid@sle12: SLES-12-010630
     stigid@sle15: SLES-15-020090
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh
index aa147fdce..bb8288f5b 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh
@@ -1,5 +1,5 @@
 #! /bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 # variables = var_accounts_authorized_local_users_regex=^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$
 
 var_accounts_authorized_local_users_regex="^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml
index c4c2f7ba0..e03ccee7a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
index cd2f88ecd..66ffb0802 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
@@ -53,7 +53,7 @@ references:
     srg: SRG-OS-000076-GPOS-00044
     stigid@ol7: OL07-00-010250
     stigid@ol8: OL08-00-020200
-    stigid@rhel8: RHEL-08-020200
+    stigid@almalinux8: RHEL-08-020200
     stigid@sle12: SLES-12-010280
     stigid@sle15: SLES-15-020220
     stigid@ubuntu2004: UBTU-20-010008
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml
index 6e22e90d7..bfd7508ad 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
index 3ae34ae92..0305558ac 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
@@ -52,7 +52,7 @@ references:
     srg: SRG-OS-000075-GPOS-00043
     stigid@ol7: OL07-00-010230
     stigid@ol8: OL08-00-020190
-    stigid@rhel8: RHEL-08-020190
+    stigid@almalinux8: RHEL-08-020190
     stigid@sle12: SLES-12-010260
     stigid@sle15: SLES-15-020200
     stigid@ubuntu2004: UBTU-20-010007
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml
index b04d7cdb8..0d5a5831e 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
index dcc5de3f1..268aafbab 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
 
 {{{ bash_instantiate_variables("var_accounts_password_minlen_login_defs") }}}
 {{{ bash_replace_or_append('/etc/login.defs', '^PASS_MIN_LEN', "$var_accounts_password_minlen_login_defs", '%s %s') }}}
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml
index 2abaa2581..71f3d6a22 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml
@@ -46,7 +46,7 @@ references:
     nist-csf: PR.AC-1,PR.AC-6,PR.AC-7
     srg: SRG-OS-000078-GPOS-00046
     stigid@ol8: OL08-00-020231
-    stigid@rhel8: RHEL-08-020231
+    stigid@almalinux8: RHEL-08-020231
 
 ocil_clause: 'it is not set to the required value'
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh
index cb388dd9b..7165ee165 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 #
 # profiles = xccdf_org.ssgproject.content_profile_ospp
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 if grep -q "^PASS_MIN_LEN" /etc/login.defs; then
 	sed -i "s/^PASS_MIN_LEN.*/PASS_MIN_LEN 10/" /etc/login.defs
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_12.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_12.pass.sh
index 7aaac8c68..f04bf9a1f 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_12.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_12.pass.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 #
 # profiles = xccdf_org.ssgproject.content_profile_ospp
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 if grep -q "^PASS_MIN_LEN" /etc/login.defs; then
 	sed -i "s/^PASS_MIN_LEN.*/PASS_MIN_LEN 12/" /etc/login.defs
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_15.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_15.pass.sh
index 89ab4795b..f054cf4dc 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_15.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_15.pass.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 #
 # profiles = xccdf_org.ssgproject.content_profile_ospp
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 if grep -q "^PASS_MIN_LEN" /etc/login.defs; then
 	sed -i "s/^PASS_MIN_LEN.*/PASS_MIN_LEN 15/" /etc/login.defs
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_commented.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_commented.fail.sh
index 00649b0bf..3f79a8312 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_commented.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_commented.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 #
 # profiles = xccdf_org.ssgproject.content_profile_ospp
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 sed -i "s/.*PASS_MIN_LEN.*/#PASS_MIN_LEN 12/" /etc/login.defs
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_not_there.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_not_there.fail.sh
index 3772aee13..543968f0c 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_not_there.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_not_there.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 #
 # profiles = xccdf_org.ssgproject.content_profile_ospp
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 sed -i "/^PASS_MIN_LEN.*/d" /etc/login.defs
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
index 18974ea6c..d72de8a97 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ol
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
index 7d6bc11f9..0a8561b81 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
index 19d5c5245..99c9a6284 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
@@ -36,7 +36,7 @@ references:
     srg: SRG-OS-000076-GPOS-00044
     stigid@ol7: OL07-00-010260
     stigid@ol8: OL08-00-020210
-    stigid@rhel8: RHEL-08-020210
+    stigid@almalinux8: RHEL-08-020210
     stigid@sle12: SLES-12-010290
     stigid@sle15: SLES-15-020230
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/ansible/shared.yml
index ebcb5ac04..674369a42 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/bash/shared.sh
index 7bdb759f6..dd157f1e3 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_debian
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_debian
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
index 9214435a8..53db14105 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
@@ -37,7 +37,7 @@ references:
     srg: SRG-OS-000075-GPOS-00043
     stigid@ol7: OL07-00-010240
     stigid@ol8: OL08-00-020180
-    stigid@rhel8: RHEL-08-020180
+    stigid@almalinux8: RHEL-08-020180
     stigid@sle12: SLES-12-010270
     stigid@sle15: SLES-15-020210
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
index 8df20d253..ad8320347 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
index 984b43911..d7330ce74 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
@@ -40,7 +40,7 @@ references:
     nist: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1
     srg:  SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
     stigid@ol8: OL08-00-010120
-    stigid@rhel8: RHEL-08-010120
+    stigid@almalinux8: RHEL-08-010120
     stigid@sle12: SLES-12-010220
     stigid@sle15: SLES-15-020180
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml
index 82110016d..2a73ed386 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh
index 7374c21e8..0a9f303d4 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian
 
 {{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}}
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh
index 3e24ba16a..288476511 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_rounds=65536
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh
index 39690d88d..6e467c55d 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_rounds=65536
 
 ROUNDS=65536
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_default_rounds.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_default_rounds.fail.sh
index eabb4af89..c9bc404b0 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_default_rounds.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_default_rounds.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_rounds=5000
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh
index 9c99fc307..c1683d3ba 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # remediation = none
 # variables = var_password_pam_unix_rounds=65536
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh
index dc8b11e2d..ab25779d7 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_rounds=65536
 
 ROUNDS=65536
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh
index 96bcc3e23..916696231 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_rounds=65536
 
 ROUNDS=4000
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml
index c0b520bdf..70ab14cba 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh
index 8316e495a..bf8a4c240 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
 
 {{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}}
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh
index 3da866412..4f0f07d9c 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_rounds=65536
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh
index 67a052f98..bfc9776b9 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_rounds=65536
 
 ROUNDS=65536
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_default_rounds.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_default_rounds.fail.sh
index 1bbd39228..879540c6c 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_default_rounds.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_default_rounds.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_rounds=5000
 
 authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh
index 3e62935b5..1ed7daf81 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # remediation = none
 # variables = var_password_pam_unix_rounds=65536
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh
index 85bbbdb7f..63159c408 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_rounds=65536
 
 ROUNDS=65536
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh
index 244799045..9757a3ee8 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # variables = var_password_pam_unix_rounds=65536
 
 ROUNDS=4000
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml
index 117a42585..b41d01a89 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
index 9c097499f..2c80371bc 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml
index ad3133b1f..eac1b843a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
index d148d9a9f..9eb5f7177 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
@@ -53,7 +53,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-010290
     stigid@ol8: OL08-00-020331,OL08-00-020332
-    stigid@rhel8: RHEL-08-020331,RHEL-08-020332
+    stigid@almalinux8: RHEL-08-020331,RHEL-08-020332
     stigid@sle12: SLES-12-010231
     stigid@sle15: SLES-15-020300
     stigid@ubuntu2004: UBTU-20-010463
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh
index 1dd45236b..ccb3e92aa 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 # remediation = none
 
 SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh
index 0dfb32e31..740f25fd9 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 
 SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
index 9dc5d7677..337522d82 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 
 SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml
index 55c7149f5..861c85d5f 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml
@@ -38,7 +38,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-010291
     stigid@ol8: OL08-00-010121
-    stigid@rhel8: RHEL-08-010121
+    stigid@almalinux8: RHEL-08-010121
     stigid@sle12: SLES-12-010221
     stigid@sle15: SLES-15-020181
     stigid@ubuntu2004: UBTU-20-010462
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
index bf1f82e2c..4367b1109 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
@@ -52,7 +52,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020310
     stigid@ol8: OL08-00-040200
-    stigid@rhel8: RHEL-08-040200
+    stigid@almalinux8: RHEL-08-040200
     stigid@sle12: SLES-12-010650
     stigid@sle15: SLES-15-020100
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_uid_0.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_uid_0.fail.sh
index ba82e5ddb..ddbac0bcf 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_uid_0.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_uid_0.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
 # Remediation doesn't fix the rule, only locks passwords
 # of non-root accounts with uid 0.
 # remediation = none
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml
index 987fb5d8b..8b5d81151 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
index df4c8338b..481ceb571 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 
 {{{ bash_instantiate_variables("var_pam_wheel_group_for_su") }}}
 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml
index 8f87bf06e..6bed5ef5a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml
index 5f9c92aac..119219eb0 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
index 429a8dcd1..8cafea67b 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_slmicro
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml
index e7f5c730c..8f06c6cfa 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh
index bd1ba1ccb..d139fdda4 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
 
 # uncomment the option if commented
 sed '/^[[:space:]]*#[[:space:]]*auth[[:space:]]\+required[[:space:]]\+pam_wheel\.so[[:space:]]\+use_uid$/s/^[[:space:]]*#//' -i /etc/pam.d/su
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml
index 9bbbb9585..766df9993 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh
index cb7530b38..c33fd385c 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 {{{ bash_instantiate_variables("var_pam_wheel_group_for_su") }}}
 
 PAM_CONF=/etc/pam.d/su
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
index 1c0e2ca28..54ebaf547 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
@@ -30,7 +30,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020610
     stigid@ol8: OL08-00-010760
-    stigid@rhel8: RHEL-08-010760
+    stigid@almalinux8: RHEL-08-010760
     stigid@sle12: SLES-12-010720
     stigid@sle15: SLES-15-020110
 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml
index 0b8be731c..03bb75239 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml
@@ -32,7 +32,7 @@ references:
     srg: SRG-OS-000480-GPOS-00226
     stigid@ol7: OL07-00-010430
     stigid@ol8: OL08-00-020310
-    stigid@rhel8: RHEL-08-020310
+    stigid@almalinux8: RHEL-08-020310
     stigid@sle12: SLES-12-010140
 
 ocil_clause: 'the value of "FAIL_DELAY" is not set to "{{{ xccdf_value("var_accounts_fail_delay") }}}" or greater, or the line is commented out'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml
index 477afdbe7..1ccd6d5c0 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml
@@ -39,7 +39,7 @@ references:
     srg: SRG-OS-000027-GPOS-00008
     stigid@ol7: OL07-00-040000
     stigid@ol8: OL08-00-020024
-    stigid@rhel8: RHEL-08-020024
+    stigid@almalinux8: RHEL-08-020024
     stigid@sle12: SLES-12-010120
     stigid@sle15: SLES-15-020020
     stigid@ubuntu2004: UBTU-20-010400
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml
index d3798de62..19761e09d 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml
index da628bc5e..90f23cb90 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
index ebab6010f..edb1e218c 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
@@ -33,7 +33,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020730
     stigid@ol8: OL08-00-010660
-    stigid@rhel8: RHEL-08-010660
+    stigid@almalinux8: RHEL-08-010660
     stigid@sle12: SLES-12-010780
     stigid@sle15: SLES-15-040130
 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
index a59cb8c08..efdacd07b 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
@@ -34,7 +34,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020720
     stigid@ol8: OL08-00-010690
-    stigid@rhel8: RHEL-08-010690
+    stigid@almalinux8: RHEL-08-010690
     stigid@sle12: SLES-12-010770
     stigid@sle15: SLES-15-040120
 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
index 4cc4bd31d..ab4719ded 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
@@ -30,7 +30,7 @@ references:
     disa: CCI-000366
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010720
-    stigid@rhel8: RHEL-08-010720
+    stigid@almalinux8: RHEL-08-010720
     stigid@sle12: SLES-12-010710
     stigid@sle15: SLES-15-040070
 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
index aa2283271..eb22b9c2a 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
@@ -36,7 +36,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020620
     stigid@ol8: OL08-00-010750
-    stigid@rhel8: RHEL-08-010750
+    stigid@almalinux8: RHEL-08-010750
     stigid@sle12: SLES-12-010730
     stigid@sle15: SLES-15-040080
 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml
index 71cb3ec5d..da5ade2a6 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml
@@ -32,7 +32,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020670
     stigid@ol8: OL08-00-010741
-    stigid@rhel8: RHEL-08-010741
+    stigid@almalinux8: RHEL-08-010741
 
 ocil_clause: 'the group ownership is incorrect'
 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
index e04ce08d0..cbc6752ad 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
@@ -31,7 +31,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020680
     stigid@ol8: OL08-00-010731
-    stigid@rhel8: RHEL-08-010731
+    stigid@almalinux8: RHEL-08-010731
 
 ocil_clause: 'home directory files or folders have incorrect permissions'
 
diff --git a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
index efd83d032..4043bc31e 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
@@ -39,7 +39,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020650
     stigid@ol8: OL08-00-010740
-    stigid@rhel8: RHEL-08-010740
+    stigid@almalinux8: RHEL-08-010740
     stigid@sle12: SLES-12-010750
     stigid@sle15: SLES-15-040100
 
diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml
index 40ab5475c..e1f07da16 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml
@@ -25,7 +25,7 @@ identifiers:
 references:
     disa: CCI-000366
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel8: RHEL-08-010770
+    stigid@almalinux8: RHEL-08-010770
 
 ocil_clause: 'they are not 0740 or more permissive'
 
diff --git a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
index ddc2943a9..8d71a23f6 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
@@ -33,7 +33,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020630
     stigid@ol8: OL08-00-010730
-    stigid@rhel8: RHEL-08-010730
+    stigid@almalinux8: RHEL-08-010730
     stigid@sle12: SLES-12-010740
     stigid@sle15: SLES-15-040090
 
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
index f0f585a72..990c857e9 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
@@ -47,7 +47,7 @@ references:
     nist-csf: PR.IP-2
     srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-020353
-    stigid@rhel8: RHEL-08-020353
+    stigid@almalinux8: RHEL-08-020353
 
 platform: package[bash]
 
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh
index 5dac9eec3..7e31e6291 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # profiles = xccdf_org.ssgproject.content_profile_stig
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # packages = bash
 
 sed -i '/umask/d' /etc/bashrc
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
index 07be79451..07193cc9f 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
@@ -33,7 +33,7 @@ references:
     nist-csf: PR.IP-2
     srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-020353
-    stigid@rhel8: RHEL-08-020353
+    stigid@almalinux8: RHEL-08-020353
 
 ocil_clause: 'the value for the "umask" parameter is not "{{{ xccdf_value("var_accounts_user_umask") }}}", or the "umask" parameter is missing or is commented out'
 
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh
index 04f6247a8..c81ef7ee7 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # profiles = xccdf_org.ssgproject.content_profile_stig
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 sed -i '/umask/d' /etc/csh.cshrc
 echo "umask 077" >> /etc/csh.cshrc
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml
index 223eb3926..77c8898c7 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml
@@ -40,7 +40,7 @@ references:
     srg: SRG-OS-000480-GPOS-00228
     stigid@ol7: OL07-00-020240
     stigid@ol8: OL08-00-020351
-    stigid@rhel8: RHEL-08-020351
+    stigid@almalinux8: RHEL-08-020351
     stigid@sle12: SLES-12-010620
     stigid@sle15: SLES-15-040420
     stigid@ubuntu2004: UBTU-20-010016
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml
index 3a6b2ea70..c4d1fa151 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml
@@ -43,7 +43,7 @@ references:
     nist-csf: PR.IP-2
     srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-020353
-    stigid@rhel8: RHEL-08-020353
+    stigid@almalinux8: RHEL-08-020353
 
 ocil_clause: |-
     the value for the "umask" parameter is not "{{{ xccdf_value("var_accounts_user_umask") }}}",
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
index 29c5612cc..5d5c3f6fe 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
@@ -27,7 +27,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00228
     stigid@ol7: OL07-00-021040
     stigid@ol8: OL08-00-020352
-    stigid@rhel8: RHEL-08-020352
+    stigid@almalinux8: RHEL-08-020352
 
 ocil_clause: 'any local interactive user initialization files are found to have a umask statement that sets a value less restrictive than "077"'
 
diff --git a/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml b/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml
index 7f399477a..0c427d51c 100644
--- a/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
index 53528d634..c9e459347 100644
--- a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
+++ b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_almalinux
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_almalinux
 # packages = authselect,pam
 # remediation = none
 
diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
index 468c958cb..156cc6191 100644
--- a/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
+++ b/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_almalinux
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_almalinux
 # packages = authselect,pam
 
 rm -f /etc/pam.d/{fingerprint-auth,password-auth,postlogin,smartcard-auth,system-auth}
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh
index 50abc5732..06507fba6 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh
+++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # Based on shared/templates/grub2_bootloader_argument/tests/arg_not_there.fail.sh
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Removes audit argument from kernel command line in /boot/grub2/grubenv
 file="/boot/grub2/grubenv"
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_grubenv.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_grubenv.fail.sh
index 5a204756e..a7506d65e 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_grubenv.fail.sh
+++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_grubenv.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # Based on shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh
 
 # Fake the kernel compile config, this is necessary when the distro's kernel is already compiled
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value.fail.sh
index c4213caf8..2248a137c 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value.fail.sh
+++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # Based on shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Break the argument in kernel command line in /boot/grub2/grubenv
 file="/boot/grub2/grubenv"
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
index 43ac06be3..66e36e2fb 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
@@ -27,7 +27,7 @@ references:
     nist: SI-16
     srg: SRG-OS-000433-GPOS-00193,SRG-OS-000095-GPOS-00049
     stigid@ol8: OL08-00-040004
-    stigid@rhel8: RHEL-08-040004
+    stigid@almalinux8: RHEL-08-040004
 
 ocil_clause: 'Kernel page-table isolation is not enabled'
 
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
index 28da623cf..1ff7ac639 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
@@ -26,7 +26,7 @@ references:
     ospp: FPT_ASLR_EXT.1
     srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068
     stigid@ol8: OL08-00-010422
-    stigid@rhel8: RHEL-08-010422
+    stigid@almalinux8: RHEL-08-010422
 
 ocil_clause: 'vsyscalls are enabled'
 
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
index 9f8cc264b..a09401d2b 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
@@ -46,7 +46,7 @@ references:
     srg: SRG-OS-000080-GPOS-00048
     stigid@ol7: OL07-00-010483
     stigid@ol8: OL08-00-010149
-    stigid@rhel8: RHEL-08-010149
+    stigid@almalinux8: RHEL-08-010149
 
 ocil_clause: 'superuser account is not set or is set to root, admin, administrator or any other existing user name'
 
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/oval/shared.xml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/oval/shared.xml
index f5b957e88..b678a4e70 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/oval/shared.xml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/oval/shared.xml
@@ -3,7 +3,7 @@
     {{{ oval_metadata("The grub2 boot loader should have password protection enabled.") }}}
 
     
-      {{% if product in ["ol7", "ol8", "ol9", "rhel8"] %}}
+      {{% if product in ["ol7", "ol8", "ol9", "rhel8", "almalinux8"] %}}
       
       {{% else %}}
       
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
index a2b97c4ee..b47703542 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
@@ -65,7 +65,7 @@ references:
     srg: SRG-OS-000080-GPOS-00048
     stigid@ol7: OL07-00-010482
     stigid@ol8: OL08-00-010150
-    stigid@rhel8: RHEL-08-010150
+    stigid@almalinux8: RHEL-08-010150
     stigid@sle12: SLES-12-010430
     stigid@sle15: SLES-15-010190
     stigid@ubuntu2004: UBTU-20-010009
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
index 83be376b8..e2e004587 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
@@ -47,7 +47,7 @@ references:
     srg: SRG-OS-000080-GPOS-00048
     stigid@ol7: OL07-00-010492
     stigid@ol8: OL08-00-010141
-    stigid@rhel8: RHEL-08-010141
+    stigid@almalinux8: RHEL-08-010141
 
 ocil_clause: 'superuser account is not set or is set to an existing name or to a common name'
 
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
index 831aa6ec3..4ac763e2a 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
@@ -67,7 +67,7 @@ references:
     srg: SRG-OS-000080-GPOS-00048
     stigid@ol7: OL07-00-010491
     stigid@ol8: OL08-00-010140
-    stigid@rhel8: RHEL-08-010140
+    stigid@almalinux8: RHEL-08-010140
     stigid@sle12: SLES-12-010440
     stigid@sle15: SLES-15-010200
     stigid@ubuntu2004: UBTU-20-010009
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/correct_option.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/correct_option.pass.sh
index 7a828837f..87f430c10 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/correct_option.pass.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/correct_option.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Make sure boot loader entries contain audit=1
 for file in /boot/loader/entries/*.conf
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_cmdline.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_cmdline.fail.sh
index 3af83d30d..3c6e66c5a 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_cmdline.fail.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_cmdline.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Make sure boot loader entries contain audit=1
 for file in /boot/loader/entries/*.conf
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_entry.fail.sh
index 5650cc0a7..653dc2126 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_entry.fail.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_entry.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Remove audit=1 from all boot entries
 sed -Ei 's/(^options.*\s)audit=1(.*?)$/\1\2/' /boot/loader/entries/*
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/image_configured.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/image_configured.fail.sh
index e3adb9963..a32311839 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/image_configured.fail.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/image_configured.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Red Hat Enterprise Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # remediation = none
 
 # Make sure no image configured in zipl config file
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/no_image.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/no_image.pass.sh
index 47626442f..a983219d0 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/no_image.pass.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/no_image.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Red Hat Enterprise Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # remediation = none
 
 # Make sure no image configured in zipl config file
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh
index 728c6b7bd..2eb819c46 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Red Hat Enterprise Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # remediation = none
 
 touch /etc/zipl.conf
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_zipl_conf.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_zipl_conf.fail.sh
index 1ae4d631e..2388eb880 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_zipl_conf.fail.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_zipl_conf.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Red Hat Enterprise Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # remediation = none
 
 touch /boot/loader/entries/*.conf # Update current existing entries
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/up_to_date.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/up_to_date.pass.sh
index 7981ba8c5..41d205b33 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/up_to_date.pass.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/up_to_date.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Red Hat Enterprise Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # remediation = none
 
 touch /etc/zipl.conf
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
index 50cf1b78f..bbf06f220 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8, Red Hat Enterprise Linux 9
 
 # Make sure boot loader entries contain init_on_alloc=1
 for file in /boot/loader/entries/*.conf
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh
index 7c0d91547..2232b2a23 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8, Red Hat Enterprise Linux 9
 
 # Make sure boot loader entries contain init_on_alloc=1
 for file in /boot/loader/entries/*.conf
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh
index 9d330c919..235a05e16 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8, Red Hat Enterprise Linux 9
 
 # Remove init_on_alloc=1 from all boot entries
 sed -Ei 's/(^options.*\s)init_on_alloc=1(.*?)$/\1\2/' /boot/loader/entries/*
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml
index 5585e0eaf..a298acf01 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # reboot = true
 # strategy = configure
 # complexity = medium
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh
index 0d90d58db..98a2ffba9 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 # Correct BLS option using grubby, which is a thin wrapper around BLS operations
 grubby --update-kernel=ALL --remove-args="systemd.debug-shell"
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/argument_missing.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/argument_missing.pass.sh
index 4649db979..7f13146ca 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/argument_missing.pass.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/argument_missing.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Make sure boot loader entries don't contain systemd.debug-shell
 sed -Ei 's/(^options.*)\s\bsystemd.debug-shell\b\S*(.*?)$/\1\2/' /boot/loader/entries/*
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_cmdline.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_cmdline.fail.sh
index faac856fb..36e19d282 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_cmdline.fail.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_cmdline.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Make sure boot loader entries doesn't contain systemd.debug-shell
 sed -Ei 's/(^options.*)\s\bsystemd.debug-shell\b\S*(.*?)$/\1\2/' /boot/loader/entries/*
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_entry.fail.sh
index fe07a37d0..ba14e7c53 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_entry.fail.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_entry.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Remove systemd.debug-shell from all boot entries
 sed -Ei 's/(^options.*)\s\bsystemd.debug-shell\b\S*(.*?)$/\1\2/' /boot/loader/entries/*
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/multiple_configured_in_cmdline.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/multiple_configured_in_cmdline.fail.sh
index 0c2febb03..5b5dbf360 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/multiple_configured_in_cmdline.fail.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/multiple_configured_in_cmdline.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Make sure boot loader entries doesn't contain systemd.debug-shell
 sed -Ei 's/(^options.*)\s\bsystemd.debug-shell\b\S*(.*?)$/\1\2/' /boot/loader/entries/*
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
index 8fa32223f..89e411a7f 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 
 if ! grep -s "^\s*cron\.\*\s*/var/log/cron$" /etc/rsyslog.conf /etc/rsyslog.d/*.conf; then
 	mkdir -p /etc/rsyslog.d
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
index 3be9ad9b1..3e3d91f5d 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
@@ -38,7 +38,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-021100
     stigid@ol8: OL08-00-030010
-    stigid@rhel8: RHEL-08-030010
+    stigid@almalinux8: RHEL-08-030010
 
 ocil_clause: 'cron is not logging to rsyslog'
 
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
index 4e321fecb..2818c4ca1 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
index 3933f28b4..d71a075f1 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml
index 4ee12c8cf..09ff8638c 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml
@@ -33,7 +33,7 @@ references:
     nist: AU-4(1)
     srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
     stigid@ol8: OL08-00-030720
-    stigid@rhel8: RHEL-08-030720
+    stigid@almalinux8: RHEL-08-030720
 
 ocil_clause: '$ActionSendStreamDriverAuthMode in /etc/rsyslog.conf is not set to x509/name'
 
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml
index 564ec19cc..c9cbe3e4f 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml
@@ -34,7 +34,7 @@ references:
     nist: AU-4(1)
     srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
     stigid@ol8: OL08-00-030710
-    stigid@rhel8: RHEL-08-030710
+    stigid@almalinux8: RHEL-08-030710
 
 ocil_clause: 'rsyslogd ActionSendStreamDriverMode is not set to 1'
 
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml
index 7b9dcc0be..20aa3afaf 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml
@@ -34,7 +34,7 @@ references:
     nist: AU-4(1)
     srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
     stigid@ol8: OL08-00-030710
-    stigid@rhel8: RHEL-08-030710
+    stigid@almalinux8: RHEL-08-030710
 
 ocil_clause: 'rsyslogd DefaultNetstreamDriver not set to gtls'
 
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
index c1f2165a1..d92008f40 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
@@ -35,7 +35,7 @@ references:
     nist: AC-17(1)
     srg: SRG-OS-000032-GPOS-00013
     stigid@ol8: OL08-00-010070
-    stigid@rhel8: RHEL-08-010070
+    stigid@almalinux8: RHEL-08-010070
     stigid@ubuntu2004: UBTU-20-010403
     stigid@ubuntu2204: UBTU-22-652015
 
diff --git a/linux_os/guide/system/logging/journald/journald_disable_forward_to_syslog/rule.yml b/linux_os/guide/system/logging/journald/journald_disable_forward_to_syslog/rule.yml
index 6b1f74424..b514ff79d 100644
--- a/linux_os/guide/system/logging/journald/journald_disable_forward_to_syslog/rule.yml
+++ b/linux_os/guide/system/logging/journald/journald_disable_forward_to_syslog/rule.yml
@@ -13,7 +13,7 @@ platform: package[systemd]
 
 severity: medium
 
-{{%- if product in ["rhel8", "rhel9", "sle15"] %}}
+{{%- if product in ["rhel8", "almalinux8", "rhel9", "sle15"] %}}
 template:
     name: systemd_dropin_configuration
     vars:
diff --git a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
index 892523fc4..9fbba1ccb 100644
--- a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
+++ b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml b/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml
index ef960d4ab..4d6eaa42e 100644
--- a/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml
+++ b/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml
@@ -53,7 +53,7 @@ template:
         timername: logrotate
         packagename: logrotate
 
-{{% if product in ["rhel8"] %}}
+{{% if product in ["rhel8", "almalinux8"] %}}
 warnings:
     - general:
         The Systemd unit logrotate.timer does not exist in
diff --git a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
index 14abf739b..f41d894f3 100644
--- a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
+++ b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
@@ -28,7 +28,7 @@ references:
     disa: CCI-000366,CCI-000803
     srg: SRG-OS-000480-GPOS-00227,SRG-OS-000120-GPOS-00061
     stigid@ol8: OL08-00-030680
-    stigid@rhel8: RHEL-08-030680
+    stigid@almalinux8: RHEL-08-030680
 
 ocil_clause: 'the package is not installed'
 
diff --git a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
index 54fe1e568..fd6124899 100644
--- a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
+++ b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
@@ -33,7 +33,7 @@ references:
     nist-csf: PR.PT-1
     srg: SRG-OS-000479-GPOS-00224,SRG-OS-000051-GPOS-00024,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-030670
-    stigid@rhel8: RHEL-08-030670
+    stigid@almalinux8: RHEL-08-030670
 
 ocil_clause: 'the package is not installed'
 
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml
index f42709ef5..8b35da68b 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
index f2019bb9a..a12ceb5c1 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_ubuntu
 
 {{{ bash_instantiate_variables("rsyslog_remote_loghost_address") }}}
 
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
index 58909be6e..9cf411641 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
@@ -61,7 +61,7 @@ references:
     srg: SRG-OS-000479-GPOS-00224,SRG-OS-000480-GPOS-00227,SRG-OS-000342-GPOS-00133
     stigid@ol7: OL07-00-031000
     stigid@ol8: OL08-00-030690
-    stigid@rhel8: RHEL-08-030690
+    stigid@almalinux8: RHEL-08-030690
     stigid@sle12: SLES-12-030340
     stigid@sle15: SLES-15-010580
 
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml
index d6e2b2564..323d3ffaa 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh
index ee1cbf7ea..eb4e5adc4 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
index 5a6036bac..706df5c2d 100644
--- a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
+++ b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
@@ -35,7 +35,7 @@ references:
     nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.DS-4,PR.PT-1
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010561
-    stigid@rhel8: RHEL-08-010561
+    stigid@almalinux8: RHEL-08-010561
     stigid@ubuntu2004: UBTU-20-010432
     stigid@ubuntu2204: UBTU-22-652010
 
diff --git a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
index c1bec3fa3..8d459b934 100644
--- a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
@@ -27,7 +27,7 @@ references:
     nist: SC-5
     srg: SRG-OS-000420-GPOS-00186
     stigid@ol8: OL08-00-040150
-    stigid@rhel8: RHEL-08-040150
+    stigid@almalinux8: RHEL-08-040150
 
 ocil_clause: 'the "nftables" is not set as the "firewallbackend"'
 
diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
index a6e40a13b..d2099cef4 100644
--- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
@@ -37,7 +37,7 @@ references:
     srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115,SRG-OS-000298-GPOS-00116,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00232
     stigid@ol7: OL07-00-040520
     stigid@ol8: OL08-00-040100
-    stigid@rhel8: RHEL-08-040100
+    stigid@almalinux8: RHEL-08-040100
     stigid@sle15: SLES-15-010220
 
 ocil_clause: 'the package is not installed'
diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
index b8ee45417..ed5a13255 100644
--- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
@@ -42,7 +42,7 @@ references:
     srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00231,SRG-OS-000480-GPOS-00232
     stigid@ol7: OL07-00-040520
     stigid@ol8: OL08-00-040101
-    stigid@rhel8: RHEL-08-040101
+    stigid@almalinux8: RHEL-08-040101
     stigid@sle15: SLES-15-010220
 
 ocil_clause: '{{{ ocil_clause_service_enabled("firewalld") }}}'
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
index 8b5f098f8..d09fa36b6 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
@@ -49,7 +49,7 @@ references:
     srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115
     stigid@ol7: OL07-00-040100
     stigid@ol8: OL08-00-040030
-    stigid@rhel8: RHEL-08-040030
+    stigid@almalinux8: RHEL-08-040030
 
 ocil_clause: 'there are additional ports, protocols, or services that are not in the PPSM CLSA, or there are ports, protocols, or services that are prohibited by the PPSM Category Assurance List (CAL), or there are no firewall rules configured'
 
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml
index b136bce25..84b4e1cca 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ol
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ol
 # reboot = false
 # strategy = configure
 # complexity = low
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
index 9c8e18823..b4fd81cf7 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
@@ -24,7 +24,7 @@ references:
     nist: AC-17 (1)
     srg: SRG-OS-000297-GPOS-00115
     stigid@ol8: OL08-00-040090
-    stigid@rhel8: RHEL-08-040090
+    stigid@almalinux8: RHEL-08-040090
 
 ocil_clause: 'no zones are active on the interfaces or if the target is set to a different option other than "DROP"'
 
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
index 6c2b02d72..ed3ecc734 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
@@ -44,7 +44,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-3
     pcidss: Req-1.4
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel8: RHEL-08-040090
+    stigid@almalinux8: RHEL-08-040090
 
 ocil_clause: 'the default zone is not set to DROP'
 
diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
index 94cb0e893..d13183224 100644
--- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
+++ b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
 # check-import = stdout
 
 result=$XCCDF_RESULT_PASS
diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh
index b2a8e350c..e97d0f4a5 100644
--- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh
+++ b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
 # check-import = stdout
 
 result=$XCCDF_RESULT_PASS
diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh
index 784d5722b..26c869e22 100644
--- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh
+++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 #!/bin/bash
 
 mkdir -p "/etc"
diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh
index 3b1d0fafd..1fa04dced 100644
--- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh
+++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 #!/bin/bash
 
 mkdir -p "/etc"
diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh
index d6394d7b1..8ed3c31ff 100644
--- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh
+++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 #!/bin/bash
 
 mkdir -p "/etc"
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
index d787fbbbf..d209806d8 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
 
 # enable randomness in ipv6 address generation
 for interface in /etc/sysconfig/network-scripts/ifcfg-*
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
index 87306fedb..88e2884bc 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
index 828c4a36e..79d9b9105 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
@@ -35,7 +35,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-3
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040261
-    stigid@rhel8: RHEL-08-040261
+    stigid@almalinux8: RHEL-08-040261
 
 {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.ipv6.conf.all.accept_ra", value="0") }}}
 
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml
index 8792fc668..2c7c4b025 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
index fbe90dd61..f121e9287 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
@@ -35,7 +35,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-3
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040280
-    stigid@rhel8: RHEL-08-040280
+    stigid@almalinux8: RHEL-08-040280
     stigid@sle12: SLES-12-030363
     stigid@sle15: SLES-15-040341
 
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml
index e222b1c88..85b92ce90 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
index 70f3f6e3e..1a1cf4ebd 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
@@ -44,7 +44,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040830
     stigid@ol8: OL08-00-040240
-    stigid@rhel8: RHEL-08-040240
+    stigid@almalinux8: RHEL-08-040240
     stigid@sle12: SLES-12-030361
     stigid@sle15: SLES-15-040310
 
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
index ad75ea331..0dbf6969a 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
@@ -36,7 +36,7 @@ references:
     nist-csf: DE.CM-1,PR.DS-4,PR.IP-1,PR.PT-3
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040260
-    stigid@rhel8: RHEL-08-040260
+    stigid@almalinux8: RHEL-08-040260
     stigid@sle12: SLES-12-030364
     stigid@sle15: SLES-15-040381
 
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml
index 4ed2c480c..f59b6d7c3 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
index cd8d1b6d1..158c2f42e 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
@@ -35,7 +35,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-3
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040262
-    stigid@rhel8: RHEL-08-040262
+    stigid@almalinux8: RHEL-08-040262
 
 {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.ipv6.conf.default.accept_ra", value="0") }}}
 
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml
index 845b013ed..063776b85 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
index eee34c1fb..fbaa2b4e7 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
@@ -38,7 +38,7 @@ references:
     nist@slmicro5: CM-6(b),CM-6.1(iv)
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040210
-    stigid@rhel8: RHEL-08-040210
+    stigid@almalinux8: RHEL-08-040210
     stigid@sle12: SLES-12-030401
     stigid@sle15: SLES-15-040350
 
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml
index e2951d845..0335df123 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
index 5769dbd05..da095360f 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
@@ -44,7 +44,7 @@ references:
     pcidss: Req-1.4.3
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040250
-    stigid@rhel8: RHEL-08-040250
+    stigid@almalinux8: RHEL-08-040250
     stigid@sle12: SLES-12-030362
     stigid@sle15: SLES-15-040321
 
diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh
index 5d8daaa6b..4ed7925d6 100644
--- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh
+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Red Hat Enterprise Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Removes ipv6.disable argument from kernel command line in /boot/grub2/grubenv
 file="/boot/grub2/grubenv"
diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/correct_grubenv.pass.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/correct_grubenv.pass.sh
index 0e84a458c..c53165964 100644
--- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/correct_grubenv.pass.sh
+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/correct_grubenv.pass.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = Red Hat Enterprise Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) ipv6.disable=1"
diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel8.fail.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel8.fail.sh
index db339c353..dc0a3890c 100644
--- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel8.fail.sh
+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel8.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Red Hat Enterprise Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 # Break the ipv6.disable argument in kernel command line in /boot/grub2/grubenv
 file="/boot/grub2/grubenv"
diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh
index 2bd1bdbca..63ab3fe59 100644
--- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh
+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
 
 # Drop 'tcp6' and 'udp6' entries from /etc/netconfig to prevent RPC
 # services for NFSv4 from attempting to start IPv6 network listeners
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
index 6bb6de134..1f0664a02 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
index df7f490e8..09f2ff035 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
@@ -44,7 +44,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040641
     stigid@ol8: OL08-00-040279
-    stigid@rhel8: RHEL-08-040279
+    stigid@almalinux8: RHEL-08-040279
     stigid@sle12: SLES-12-030390
     stigid@sle15: SLES-15-040330
 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml
index b3d72bb4a..b89b8a35a 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
index c961e0c3b..0e49daf93 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
@@ -45,7 +45,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040610
     stigid@ol8: OL08-00-040239
-    stigid@rhel8: RHEL-08-040239
+    stigid@almalinux8: RHEL-08-040239
     stigid@sle12: SLES-12-030360
     stigid@sle15: SLES-15-040300
 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
index f1ed28560..2e9441e35 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
@@ -22,7 +22,7 @@ references:
     nist: CM-6(b)
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040259
-    stigid@rhel8: RHEL-08-040259
+    stigid@almalinux8: RHEL-08-040259
 
 ocil_clause: 'IP forwarding value is "1" and the system is not router'
 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml
index 70e767cc4..fbe1a27a2 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml
index c64da37a3..08535e5a1 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
index 40c6dceaa..079130101 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
@@ -42,7 +42,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040611
     stigid@ol8: OL08-00-040285
-    stigid@rhel8: RHEL-08-040285
+    stigid@almalinux8: RHEL-08-040285
 
 ocil: |-
     The runtime status of the net.ipv4.conf.all.rp_filter parameter can be queried
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
index 583b70a3b..d9bca3de6 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 
 # Clean sysctl config directories
 rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
index ef545976d..bf1ccb250 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 
 # Clean sysctl config directories
 rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
index 8b075d55e..0dd17a34b 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml
index 2bfbd9e46..8ea37100a 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
index 510267791..85f40cc6b 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
@@ -44,7 +44,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040640
     stigid@ol8: OL08-00-040209
-    stigid@rhel8: RHEL-08-040209
+    stigid@almalinux8: RHEL-08-040209
     stigid@sle12: SLES-12-030400
     stigid@sle15: SLES-15-040340
 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml
index aa7d1562b..08668d03c 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
index f8c615f97..3d3426e6f 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
@@ -46,7 +46,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040620
     stigid@ol8: OL08-00-040249
-    stigid@rhel8: RHEL-08-040249
+    stigid@almalinux8: RHEL-08-040249
     stigid@sle12: SLES-12-030370
     stigid@sle15: SLES-15-040320
 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml
index 3a60ab17c..728ddb817 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml
index b6e53de36..0b652c7cf 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml
index aeb67c4e0..f47a8ab67 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml
index 52d74441b..08c8c256d 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
index 994d5b677..5cbc5bd7c 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
@@ -44,7 +44,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040630
     stigid@ol8: OL08-00-040230
-    stigid@rhel8: RHEL-08-040230
+    stigid@almalinux8: RHEL-08-040230
     stigid@sle12: SLES-12-030380
 
 {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.ipv4.icmp_echo_ignore_broadcasts", value="1") }}}
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml
index 9e3a85af9..d4f4d31cb 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml
index 0c8dae788..a26df0c5a 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml
index ea1db12fe..5d8b19f68 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
index 5568a6bf3..46d4b3346 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
@@ -43,7 +43,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040660
     stigid@ol8: OL08-00-040220
-    stigid@rhel8: RHEL-08-040220
+    stigid@almalinux8: RHEL-08-040220
     stigid@sle12: SLES-12-030420
     stigid@sle15: SLES-15-040370
 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml
index b54e3d12b..125464d7a 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
index 1d18537ff..cb247969e 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
@@ -43,7 +43,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040650
     stigid@ol8: OL08-00-040270
-    stigid@rhel8: RHEL-08-040270
+    stigid@almalinux8: RHEL-08-040270
     stigid@sle12: SLES-12-030410
     stigid@sle15: SLES-15-040360
 
diff --git a/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh b/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh
index 89d344c4f..1a926adaa 100644
--- a/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh
+++ b/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
 # check-import = stdout
 
 tbl_output=$(nft list tables | grep inet)
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
index 6e06e0c6d..b228978f3 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
@@ -26,7 +26,7 @@ references:
     nist: AC-18
     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040021
-    stigid@rhel8: RHEL-08-040021
+    stigid@almalinux8: RHEL-08-040021
 
 {{{ complete_ocil_entry_module_disable(module="atm") }}}
 
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
index 433d01012..63ad0a2c4 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
@@ -27,7 +27,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040022
-    stigid@rhel8: RHEL-08-040022
+    stigid@almalinux8: RHEL-08-040022
 
 {{{ complete_ocil_entry_module_disable(module="can") }}}
 
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
index 57cc29270..4b1b2805e 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_rhel,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
 
 rm -f /etc/modprobe.d/dccp-blacklist.conf
 echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
index c4b6bb2e8..61804c3ed 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
@@ -25,7 +25,7 @@ references:
     nist: AC-18
     srg: SRG-OS-000095-GPOS-00049
     stigid@ol8: OL08-00-040026
-    stigid@rhel8: RHEL-08-040026
+    stigid@almalinux8: RHEL-08-040026
 
 {{{ complete_ocil_entry_module_disable(module="firewire-core") }}}
 
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
index 5894d44b8..aff09bca3 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
@@ -45,7 +45,7 @@ references:
     pcidss: Req-1.4.2
     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040023
-    stigid@rhel8: RHEL-08-040023
+    stigid@almalinux8: RHEL-08-040023
 
 {{{ complete_ocil_entry_module_disable(module="sctp") }}}
 
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml
index 3d0417c01..bbae29491 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml
@@ -41,7 +41,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000095-GPOS-00049
     stigid@ol8: OL08-00-040024
-    stigid@rhel8: RHEL-08-040024
+    stigid@almalinux8: RHEL-08-040024
 
 {{{ complete_ocil_entry_module_disable(module="tipc") }}}
 
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
index 69f5aac25..862928602 100644
--- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
@@ -37,7 +37,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000300-GPOS-00118
     stigid@ol8: OL08-00-040111
-    stigid@rhel8: RHEL-08-040111
+    stigid@almalinux8: RHEL-08-040111
 
 {{{ complete_ocil_entry_module_disable(module="bluetooth") }}}
 
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
index 256ab8558..1b614d432 100644
--- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
@@ -64,7 +64,7 @@ references:
     srg: SRG-OS-000299-GPOS-00117,SRG-OS-000300-GPOS-00118,SRG-OS-000424-GPOS-00188,SRG-OS-000481-GPOS-000481
     stigid@ol7: OL07-00-041010
     stigid@ol8: OL08-00-040110
-    stigid@rhel8: RHEL-08-040110
+    stigid@almalinux8: RHEL-08-040110
     stigid@sle12: SLES-12-030450
     stigid@sle15: SLES-15-010380
     stigid@ubuntu2004: UBTU-20-010455
diff --git a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
index 171d87a34..6fbdacd90 100644
--- a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
+++ b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
@@ -52,7 +52,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040600
     stigid@ol8: OL08-00-010680
-    stigid@rhel8: RHEL-08-010680
+    stigid@almalinux8: RHEL-08-010680
 
 ocil_clause: 'less than two lines are returned that are not commented out'
 
diff --git a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
index 0f2d15979..27572472b 100644
--- a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
+++ b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 
 source common.sh
diff --git a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
index 469db24e9..671a4d019 100644
--- a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
+++ b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 
 source common.sh
 
diff --git a/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh b/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh
index 7e8b5abc0..63e5790c3 100644
--- a/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh
+++ b/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh
@@ -1,2 +1,2 @@
-# platform = Red Hat Enterprise Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
 echo "NOZEROCONF=yes" >> /etc/sysconfig/network
diff --git a/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml b/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml
index 045befe2b..315b51926 100644
--- a/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml
+++ b/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 10,multi_platform_ol,multi_platform_rhv,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 10,multi_platform_ol,multi_platform_rhv,multi_platform_fedora
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
index df4ca9bba..260aba38b 100644
--- a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
+++ b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
@@ -46,7 +46,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-040670
     stigid@ol8: OL08-00-040330
-    stigid@rhel8: RHEL-08-040330
+    stigid@almalinux8: RHEL-08-040330
     stigid@sle12: SLES-12-030440
     stigid@sle15: SLES-15-040390
 
diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
index de314e8b2..aa32dfeba 100644
--- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
@@ -25,7 +25,7 @@ identifiers:
 references:
     disa: CCI-000366,CCI-001090
     srg: SRG-OS-000480-GPOS-00227,SRG-OS-000138-GPOS-00069
-    stigid@rhel8: RHEL-08-010700
+    stigid@almalinux8: RHEL-08-010700
 
 ocil_clause: 'there are world-writable directories not owned by root'
 
diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
index 33caa81c9..df5b4eacb 100644
--- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
index e488cceeb..f36b06f69 100644
--- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 df --local -P | awk '{if (NR!=1) print $6}' \
 | xargs -I '$6' find '$6' -xdev -type d \
 \( -perm -0002 -a ! -perm -1000 \) 2>/dev/null \
diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
index 9859dc367..f8fc1b274 100644
--- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
@@ -52,7 +52,7 @@ references:
     nist-csf: PR.AC-4,PR.DS-5
     srg: SRG-OS-000138-GPOS-00069
     stigid@ol8: OL08-00-010190
-    stigid@rhel8: RHEL-08-010190
+    stigid@almalinux8: RHEL-08-010190
     stigid@sle12: SLES-12-010460
     stigid@sle15: SLES-15-010300
     stigid@ubuntu2004: UBTU-20-010411
diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml
index 7a11abcd6..78cee0a4f 100644
--- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml
@@ -38,7 +38,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-021030
     stigid@ol8: OL08-00-010710
-    stigid@rhel8: RHEL-08-010710
+    stigid@almalinux8: RHEL-08-010710
     stigid@sle12: SLES-12-010830
     stigid@sle15: SLES-15-040180
 
diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
index ab43399f3..47441d49e 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
@@ -51,7 +51,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020330
     stigid@ol8: OL08-00-010790
-    stigid@rhel8: RHEL-08-010790
+    stigid@almalinux8: RHEL-08-010790
     stigid@sle12: SLES-12-010700
     stigid@sle15: SLES-15-040410
 
diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
index 3dd27b8e2..23c09f7fe 100644
--- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
+++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
@@ -48,7 +48,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020320
     stigid@ol8: OL08-00-010780
-    stigid@rhel8: RHEL-08-010780
+    stigid@almalinux8: RHEL-08-010780
     stigid@sle12: SLES-12-010690
     stigid@sle15: SLES-15-040400
 
diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml
index c85245e66..0b39eac37 100644
--- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml
@@ -28,7 +28,7 @@ references:
     disa: CCI-001314
     srg: SRG-OS-000206-GPOS-00084,SRG-APP-000118-CTR-000240
     stigid@ol8: OL08-00-010260
-    stigid@rhel8: RHEL-08-010260
+    stigid@almalinux8: RHEL-08-010260
     stigid@ubuntu2004: UBTU-20-010417
     stigid@ubuntu2204: UBTU-22-232125
 
diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml
index 68849bd25..69c223210 100644
--- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml
@@ -19,7 +19,7 @@ references:
     disa: CCI-001314
     srg: SRG-OS-000206-GPOS-00084
     stigid@ol8: OL08-00-010230
-    stigid@rhel8: RHEL-08-010230
+    stigid@almalinux8: RHEL-08-010230
 
 ocil_clause: '{{{ ocil_clause_file_group_owner(file="/var/log/messages", group="root") }}}'
 
diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml
index c098f043b..45b57fc15 100644
--- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml
@@ -21,7 +21,7 @@ references:
     disa: CCI-001314
     srg: SRG-OS-000206-GPOS-00084,SRG-APP-000118-CTR-000240
     stigid@ol8: OL08-00-010250
-    stigid@rhel8: RHEL-08-010250
+    stigid@almalinux8: RHEL-08-010250
     stigid@ubuntu2004: UBTU-20-010418
     stigid@ubuntu2204: UBTU-22-232120
 
diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml
index b17311a24..70dafa9d8 100644
--- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml
@@ -19,7 +19,7 @@ references:
     disa: CCI-001314
     srg: SRG-OS-000206-GPOS-00084
     stigid@ol8: OL08-00-010220
-    stigid@rhel8: RHEL-08-010220
+    stigid@almalinux8: RHEL-08-010220
 
 ocil_clause: '{{{ ocil_clause_file_owner(file="/var/log/messages", owner="root") }}}'
 
diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml
index 54ff93140..217aa64e9 100644
--- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml
@@ -22,7 +22,7 @@ references:
     disa: CCI-001314
     srg: SRG-OS-000206-GPOS-00084,SRG-APP-000118-CTR-000240
     stigid@ol8: OL08-00-010240
-    stigid@rhel8: RHEL-08-010240
+    stigid@almalinux8: RHEL-08-010240
     stigid@ubuntu2004: UBTU-20-010419
     stigid@ubuntu2204: UBTU-22-232025
 
diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml
index a764107f5..550e23636 100644
--- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml
@@ -20,7 +20,7 @@ references:
     disa: CCI-001314
     srg: SRG-OS-000206-GPOS-00084
     stigid@ol8: OL08-00-010210
-    stigid@rhel8: RHEL-08-010210
+    stigid@almalinux8: RHEL-08-010210
 
 ocil_clause: '{{{ ocil_clause_file_permissions(file="/var/log/messages", perms="-rw-------") }}}'
 
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
index b06834e4f..fe1277bff 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
@@ -40,7 +40,7 @@ references:
     nist: CM-5(6),CM-5(6).1
     srg: SRG-OS-000259-GPOS-00100
     stigid@ol8: OL08-00-010351
-    stigid@rhel8: RHEL-08-010351
+    stigid@almalinux8: RHEL-08-010351
     stigid@sle12: SLES-12-010876
     stigid@sle15: SLES-15-010356
     stigid@ubuntu2004: UBTU-20-010431
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml
index 3fcdad610..b44ebf7de 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml
@@ -39,7 +39,7 @@ references:
     nist: CM-5(6),CM-5(6).1
     srg: SRG-OS-000259-GPOS-00100
     stigid@ol8: OL08-00-010341
-    stigid@rhel8: RHEL-08-010341
+    stigid@almalinux8: RHEL-08-010341
     stigid@sle12: SLES-12-010874
     stigid@sle15: SLES-15-010354
     stigid@ubuntu2004: UBTU-20-010429
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
index d2b47d989..9f25146b9 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
 DIRS="/lib /lib64 /usr/lib /usr/lib64"
 for dirPath in $DIRS; do
 	find "$dirPath" -type d -exec chown root '{}' \;
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
index 542184ae8..9cdfbf737 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
 groupadd nogroup
 DIRS="/lib /lib64"
 for dirPath in $DIRS; do
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml
index f76b5b354..3abf4036c 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml
@@ -46,7 +46,7 @@ references:
     nist: CM-5,CM-5(6),CM-5(6).1
     srg: SRG-OS-000259-GPOS-00100
     stigid@ol8: OL08-00-010331
-    stigid@rhel8: RHEL-08-010331
+    stigid@almalinux8: RHEL-08-010331
     stigid@sle12: SLES-12-010872
     stigid@sle15: SLES-15-010352
     stigid@ubuntu2004: UBTU-20-010427
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
index 5f8dcd2eb..7980d87b5 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
 DIRS="/lib /lib64 /usr/lib /usr/lib64"
 for dirPath in $DIRS; do
 	find "$dirPath" -perm /022 -type d -exec chmod go-w '{}' \;
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
index c3cd0944b..3c41df40c 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
 DIRS="/lib /lib64 /usr/lib /usr/lib64"
 for dirPath in $DIRS; do
     chmod -R 755 "$dirPath"
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
index 90ae74be6..243a8e16e 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
 DIRS="/lib /lib64"
 for dirPath in $DIRS; do
 	mkdir -p "$dirPath/testme" && chmod 777  "$dirPath/testme"
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
index ebaf9b766..858020d51 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
 DIRS="/usr/lib /usr/lib64"
 for dirPath in $DIRS; do
 	mkdir -p "$dirPath/testme" && chmod 777 "$dirPath/testme"
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
index 8e9fc7b8b..7ce862d34 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
 # reboot = false
 # strategy = restrict
 # complexity = medium
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
index 126824999..853c50bb1 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
 
 for SYSCMDFILES in /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin
 do
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
index 11733e096..d8d55c32e 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
@@ -46,7 +46,7 @@ references:
     nist: CM-5(6),CM-5(6).1
     srg: SRG-OS-000259-GPOS-00100
     stigid@ol8: OL08-00-010320
-    stigid@rhel8: RHEL-08-010320
+    stigid@almalinux8: RHEL-08-010320
     stigid@sle12: SLES-12-010882
     stigid@sle15: SLES-15-010361
     stigid@ubuntu2004: UBTU-20-010458
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
index bfa87de9e..8e2e64479 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
 # reboot = false
 # strategy = restrict
 # complexity = medium
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
index c01f262cb..2f899a4ae 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
 find /bin/ \
 /usr/bin/ \
 /usr/local/bin/ \
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml
index 563c8a91b..82d19056c 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml
@@ -44,7 +44,7 @@ references:
     nist-csf: PR.AC-4,PR.DS-5
     srg: SRG-OS-000259-GPOS-00100
     stigid@ol8: OL08-00-010310
-    stigid@rhel8: RHEL-08-010310
+    stigid@almalinux8: RHEL-08-010310
     stigid@sle12: SLES-12-010879
     stigid@sle15: SLES-15-010359
     stigid@ubuntu2004: UBTU-20-010457
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml
index 2f00b19b3..6d4a7e6b0 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml
@@ -45,7 +45,7 @@ references:
     nist-csf: PR.AC-4,PR.DS-5
     srg: SRG-OS-000259-GPOS-00100
     stigid@ol8: OL08-00-010340
-    stigid@rhel8: RHEL-08-010340
+    stigid@almalinux8: RHEL-08-010340
     stigid@sle12: SLES-12-010873
     stigid@sle15: SLES-15-010353
     stigid@ubuntu2004: UBTU-20-010428
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
index 9c3fa6fe9..78ab97152 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
 
 for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64
 do
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
index 02867684c..8b274eded 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
 
 useradd user_test
 for TESTFILE in /lib/test_me /lib64/test_me /usr/lib/test_me /usr/lib64/test_me
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
index 81d8a339e..70345d4e7 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
 
 useradd user_test
 
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
index 3382568ce..b4f4bd0a0 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
 
 useradd user_test
 
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
index ab6d35c79..f37c06f86 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
 # reboot = false
 # strategy = restrict
 # complexity = medium
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
index 6eef84def..984fb7f55 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 DIRS="/bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin /usr/libexec"
 for dirPath in $DIRS; do
 	find "$dirPath" -perm /022 -exec chmod go-w '{}' \;
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml
index bc98cf038..196623fa3 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml
@@ -44,7 +44,7 @@ references:
     nist-csf: PR.AC-4,PR.DS-5
     srg: SRG-OS-000259-GPOS-00100
     stigid@ol8: OL08-00-010300
-    stigid@rhel8: RHEL-08-010300
+    stigid@almalinux8: RHEL-08-010300
     stigid@sle12: SLES-12-010878
     stigid@sle15: SLES-15-010358
     stigid@ubuntu2004: UBTU-20-010456
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml
index 82aad077f..03f3313c2 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml
@@ -45,7 +45,7 @@ references:
     nist-csf: PR.AC-4,PR.DS-5
     srg: SRG-OS-000259-GPOS-00100
     stigid@ol8: OL08-00-010330
-    stigid@rhel8: RHEL-08-010330
+    stigid@almalinux8: RHEL-08-010330
     stigid@sle12: SLES-12-010871
     stigid@sle15: SLES-15-010351
     stigid@ubuntu2004: UBTU-20-010426
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
index 7dc898b83..285bc507a 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
@@ -44,7 +44,7 @@ references:
     nist: CM-5(6),CM-5(6).1
     srg: SRG-OS-000259-GPOS-00100
     stigid@ol8: OL08-00-010350
-    stigid@rhel8: RHEL-08-010350
+    stigid@almalinux8: RHEL-08-010350
     stigid@sle12: SLES-12-010875
     stigid@sle15: SLES-15-010355
     stigid@ubuntu2004: UBTU-20-010430
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
index 5356d3742..a85c88001 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
 
 for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64
 do
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
index 7352b60aa..fc84e065c 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
 
 groupadd group_test
 for TESTFILE in /lib/test_me /lib64/test_me /usr/lib/test_me /usr/lib64/test_me
diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
index b0d594003..4a71eccda 100644
--- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml
index 52d4fa75d..44ec247a9 100644
--- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml
+++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml
@@ -26,7 +26,7 @@ references:
     nist: CM-6(a),AC-6(1)
     srg: SRG-OS-000312-GPOS-00122,SRG-OS-000312-GPOS-00123,SRG-OS-000324-GPOS-00125
     stigid@ol8: OL08-00-010374
-    stigid@rhel8: RHEL-08-010374
+    stigid@almalinux8: RHEL-08-010374
 
 {{{ complete_ocil_entry_sysctl_option_value(sysctl="fs.protected_hardlinks", value="1") }}}
 
diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml
index 5ce0decba..b7a4243e4 100644
--- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml
index a3c4423d3..3570174cd 100644
--- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml
+++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml
@@ -28,7 +28,7 @@ references:
     nist: CM-6(a),AC-6(1)
     srg: SRG-OS-000312-GPOS-00122,SRG-OS-000312-GPOS-00123,SRG-OS-000324-GPOS-00125
     stigid@ol8: OL08-00-010373
-    stigid@rhel8: RHEL-08-010373
+    stigid@almalinux8: RHEL-08-010373
 
 {{{ complete_ocil_entry_sysctl_option_value(sysctl="fs.protected_symlinks", value="1") }}}
 
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
index 6665bc106..64fcfd1c6 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
@@ -47,7 +47,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-3
     srg: SRG-OS-000095-GPOS-00049
     stigid@ol8: OL08-00-040025
-    stigid@rhel8: RHEL-08-040025
+    stigid@almalinux8: RHEL-08-040025
 
 {{{ complete_ocil_entry_module_disable(module="cramfs") }}}
 
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
index 41cc22203..fa358683f 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
@@ -45,7 +45,7 @@ references:
     srg: SRG-OS-000114-GPOS-00059,SRG-OS-000378-GPOS-00163,SRG-OS-000480-GPOS-00227,SRG-APP-000141-CTR-000315
     stigid@ol7: OL07-00-020100
     stigid@ol8: OL08-00-040080
-    stigid@rhel8: RHEL-08-040080
+    stigid@almalinux8: RHEL-08-040080
     stigid@sle12: SLES-12-010580
     stigid@sle15: SLES-15-010480
     stigid@ubuntu2004: UBTU-20-010461
diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
index 821fe53eb..cb21162df 100644
--- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
@@ -52,7 +52,7 @@ references:
     srg: SRG-OS-000114-GPOS-00059,SRG-OS-000378-GPOS-00163,SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020110
     stigid@ol8: OL08-00-040070
-    stigid@rhel8: RHEL-08-040070
+    stigid@almalinux8: RHEL-08-040070
     stigid@sle12: SLES-12-010590
     stigid@sle15: SLES-15-010240
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
index 27488ed67..f8721eeaf 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
@@ -26,7 +26,7 @@ references:
     nist: CM-6(b),CM-6.1(iv)
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010572
-    stigid@rhel8: RHEL-08-010572
+    stigid@almalinux8: RHEL-08-010572
 
 template:
     name: mount_option
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
index ab03c0740..0290b265c 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
@@ -31,7 +31,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
     srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010571
-    stigid@rhel8: RHEL-08-010571
+    stigid@almalinux8: RHEL-08-010571
 
 
 template:
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
index cb069b664..7f7c7344a 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
@@ -44,7 +44,7 @@ references:
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol7: OL07-00-021024
     stigid@ol8: OL08-00-040120
-    stigid@rhel8: RHEL-08-040120
+    stigid@almalinux8: RHEL-08-040120
 
 
 template:
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
index 85814150c..54da72820 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
@@ -46,7 +46,7 @@ references:
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol7: OL07-00-021024
     stigid@ol8: OL08-00-040122
-    stigid@rhel8: RHEL-08-040122
+    stigid@almalinux8: RHEL-08-040122
 
 
 fixtext: |-
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
index 3b082433e..70b12f809 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
@@ -44,7 +44,7 @@ references:
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol7: OL07-00-021024
     stigid@ol8: OL08-00-040121
-    stigid@rhel8: RHEL-08-040121
+    stigid@almalinux8: RHEL-08-040121
 
 
 template:
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
index 6890b0be5..065a41791 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
@@ -27,7 +27,7 @@ references:
     nist: CM-6(b)
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010590
-    stigid@rhel8: RHEL-08-010590
+    stigid@almalinux8: RHEL-08-010590
 
 
 {{{ complete_ocil_entry_mount_option("/home", "noexec") }}}
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
index 3e6f52571..21762a831 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
@@ -37,7 +37,7 @@ references:
     srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-021000
     stigid@ol8: OL08-00-010570
-    stigid@rhel8: RHEL-08-010570
+    stigid@almalinux8: RHEL-08-010570
     stigid@sle12: SLES-12-010790
     stigid@sle15: SLES-15-040140
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
index d40dfb95b..d5a41d09a 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
@@ -45,7 +45,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-3
     srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010580
-    stigid@rhel8: RHEL-08-010580
+    stigid@almalinux8: RHEL-08-010580
 
 
 fixtext: |-
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
index 614f3f509..99a15bf85 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
@@ -44,7 +44,7 @@ references:
     nist-csf: PR.AC-3,PR.AC-6,PR.IP-1,PR.PT-2,PR.PT-3
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010600
-    stigid@rhel8: RHEL-08-010600
+    stigid@almalinux8: RHEL-08-010600
 
 
 ocil_clause: 'a file system found in "/etc/fstab" refers to removable media and it does not have the "nodev" option set'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
index fdab534f2..85e964135 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
@@ -41,7 +41,7 @@ references:
     nist-csf: PR.AC-3,PR.AC-6,PR.IP-1,PR.PT-2,PR.PT-3
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010610
-    stigid@rhel8: RHEL-08-010610
+    stigid@almalinux8: RHEL-08-010610
 
 ocil_clause: 'removable media partitions are present'
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
index 94b0d8c9b..ba4747ff8 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
@@ -44,7 +44,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-021010
     stigid@ol8: OL08-00-010620
-    stigid@rhel8: RHEL-08-010620
+    stigid@almalinux8: RHEL-08-010620
     stigid@sle12: SLES-12-010800
     stigid@sle15: SLES-15-040150
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
index dc812a92e..7ed0cedca 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
@@ -41,7 +41,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol8: OL08-00-040123
-    stigid@rhel8: RHEL-08-040123
+    stigid@almalinux8: RHEL-08-040123
 
 platform: mount[tmp]
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
index 46aedbad4..f999bcbe7 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
@@ -40,7 +40,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol8: OL08-00-040125
-    stigid@rhel8: RHEL-08-040125
+    stigid@almalinux8: RHEL-08-040125
 
 platform: mount[tmp]
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
index 3a16538b1..b8f9c393e 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
@@ -41,7 +41,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol8: OL08-00-040124
-    stigid@rhel8: RHEL-08-040124
+    stigid@almalinux8: RHEL-08-040124
 
 platform: mount[tmp]
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
index a0afbcf72..6a6e2295d 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
@@ -33,7 +33,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol8: OL08-00-040129
-    stigid@rhel8: RHEL-08-040129
+    stigid@almalinux8: RHEL-08-040129
 
 platform: mount[var-log-audit]
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
index eeb5906df..89c74f415 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
@@ -31,7 +31,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol8: OL08-00-040131
-    stigid@rhel8: RHEL-08-040131
+    stigid@almalinux8: RHEL-08-040131
 
 platform: mount[var-log-audit]
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
index bd5ed3cea..35e9e12fd 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
@@ -32,7 +32,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol8: OL08-00-040130
-    stigid@rhel8: RHEL-08-040130
+    stigid@almalinux8: RHEL-08-040130
 
 platform: mount[var-log-audit]
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
index 442b0a1e1..c5315f31d 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
@@ -32,7 +32,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol8: OL08-00-040126
-    stigid@rhel8: RHEL-08-040126
+    stigid@almalinux8: RHEL-08-040126
 
 platform: mount[var-log]
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
index e827606dd..cbc9b46ce 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
@@ -32,7 +32,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol8: OL08-00-040128
-    stigid@rhel8: RHEL-08-040128
+    stigid@almalinux8: RHEL-08-040128
 
 platform: mount[var-log]
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
index c83aad907..461b4b057 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
@@ -33,7 +33,7 @@ references:
     nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol8: OL08-00-040127
-    stigid@rhel8: RHEL-08-040127
+    stigid@almalinux8: RHEL-08-040127
 
 platform: mount[var-log]
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh
index 59e39270d..5c154d333 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 
 # Delete particular /etc/fstab's row if /var/tmp is already configured to
 # represent a mount point (for some device or filesystem other than /tmp)
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
index 50d698334..69da8f741 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
@@ -34,7 +34,7 @@ references:
     disa: CCI-001764
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol8: OL08-00-040132
-    stigid@rhel8: RHEL-08-040132
+    stigid@almalinux8: RHEL-08-040132
 
 platform: mount[var-tmp]
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
index 86ee15056..ba75368df 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
@@ -34,7 +34,7 @@ references:
     disa: CCI-001764
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol8: OL08-00-040134
-    stigid@rhel8: RHEL-08-040134
+    stigid@almalinux8: RHEL-08-040134
 
 platform: mount[var-tmp]
 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
index 100582899..a91f84707 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
@@ -34,7 +34,7 @@ references:
     disa: CCI-001764
     srg: SRG-OS-000368-GPOS-00154
     stigid@ol8: OL08-00-040133
-    stigid@rhel8: RHEL-08-040133
+    stigid@almalinux8: RHEL-08-040133
 
 platform: mount[var-tmp]
 
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml
index d94802273..554e34e00 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml
index 2b0604d10..ba1290f14 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml
@@ -40,7 +40,7 @@ references:
     pcidss: Req-3.2
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010675
-    stigid@rhel8: RHEL-08-010675
+    stigid@almalinux8: RHEL-08-010675
 
 ocil_clause: 'the "ProcessSizeMax" item is missing, commented out, or the value is anything other than "0" and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core" item assigned'
 
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml
index d94802273..554e34e00 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml
index 3ba3a22cf..a54e77860 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml
@@ -40,7 +40,7 @@ references:
     pcidss: Req-3.2
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010674
-    stigid@rhel8: RHEL-08-010674
+    stigid@almalinux8: RHEL-08-010674
 
 ocil_clause: Storage is not set to none or is commented out and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core" item assigned
 
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
index c57a01958..f75667220 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 SECURITY_LIMITS_FILE="/etc/security/limits.conf"
 
 if grep -qE '^\s*\*\s+hard\s+core' $SECURITY_LIMITS_FILE; then
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
index 41cbd1197..481afa583 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
index af0fcf370..78d0ce41a 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
@@ -40,7 +40,7 @@ references:
     nist-csf: DE.CM-1,PR.DS-4
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010673
-    stigid@rhel8: RHEL-08-010673
+    stigid@almalinux8: RHEL-08-010673
 
 ocil_clause: 'the "core" item is missing, commented out, or the value is anything other than "0" and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core"'
 
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
index 429f6fe9c..245a55c5a 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
@@ -29,7 +29,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010672
-    stigid@rhel8: RHEL-08-010672
+    stigid@almalinux8: RHEL-08-010672
 
 ocil_clause: unit systemd-coredump.socket is not masked or running
 
@@ -51,7 +51,7 @@ template:
     name: socket_disabled
     vars:
         socketname: systemd-coredump
-{{% if product in ["ol8", "rhel8"] %}}
+{{% if product in ["ol8", "rhel8", "almalinux8"] %}}
         packagename: systemd
 {{% else %}}
         packagename: systemd-udev
diff --git a/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/bash/shared.sh b/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/bash/shared.sh
index c191c94e8..65747635e 100644
--- a/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/bash/shared.sh
+++ b/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 {{{ bash_instantiate_variables("var_umask_for_daemons") }}}
 
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml
index 415b0486d..02b1e991a 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
index 95f13e13b..58e9d0573 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
@@ -29,7 +29,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000132-GPOS-00067,SRG-OS-000433-GPOS-00192,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040283
-    stigid@rhel8: RHEL-08-040283
+    stigid@almalinux8: RHEL-08-040283
     stigid@sle12: SLES-12-030320
     stigid@sle15: SLES-15-010540
 
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh
index 70189666c..22f9e966b 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 
 # Clean sysctl config directories
 rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh
index 209395fa9..23cce30a8 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 
 # Clean sysctl config directories
 rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
index 7a4c107b2..22e209120 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
index 061d44762..17c71d655 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
@@ -38,7 +38,7 @@ references:
     srg: SRG-OS-000433-GPOS-00193,SRG-OS-000480-GPOS-00227,SRG-APP-000450-CTR-001105
     stigid@ol7: OL07-00-040201
     stigid@ol8: OL08-00-010430
-    stigid@rhel8: RHEL-08-010430
+    stigid@almalinux8: RHEL-08-010430
     stigid@sle12: SLES-12-030330
     stigid@sle15: SLES-15-010550
     stigid@ubuntu2004: UBTU-20-010448
diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
index 9b2f76c37..0bd35153b 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
@@ -39,7 +39,7 @@ references:
     nist-csf: PR.IP-1
     srg: SRG-OS-000433-GPOS-00192,SRG-APP-000450-CTR-001105
     stigid@ol8: OL08-00-010420
-    stigid@rhel8: RHEL-08-010420
+    stigid@almalinux8: RHEL-08-010420
     stigid@ubuntu2004: UBTU-20-010447
     stigid@ubuntu2204: UBTU-22-213025
 
diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh
index 6d87da5f2..021acd31f 100755
--- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh
+++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 # remediation = none
 
 cp /proc/cpuinfo /tmp/cpuinfo
diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh
index 3260539b3..29d22d491 100755
--- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh
+++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 # remediation = none
 
 cp /proc/cpuinfo /tmp/cpuinfo
diff --git a/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml
index 8507ac283..5bed242df 100644
--- a/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml
@@ -20,7 +20,7 @@ references:
     nist: CM-7 (a),CM-7 (5) (b)
     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000370-GPOS-00155
     stigid@ol8: OL08-00-040020
-    stigid@rhel8: RHEL-08-040020
+    stigid@almalinux8: RHEL-08-040020
 
 platform: system_with_kernel
 
diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
index 5140236fd..0ebe35402 100644
--- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
@@ -28,7 +28,7 @@ references:
     nist: CM-6(a)
     srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068
     stigid@ol8: OL08-00-010421
-    stigid@rhel8: RHEL-08-010421
+    stigid@almalinux8: RHEL-08-010421
 
 ocil_clause: 'page allocator poisoning is not enabled'
 
diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
index c2ea1a898..46a463b73 100644
--- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
@@ -28,7 +28,7 @@ references:
     nist: CM-6(a)
     srg: SRG-OS-000433-GPOS-00192,SRG-OS-000134-GPOS-00068
     stigid@ol8: OL08-00-010423
-    stigid@rhel8: RHEL-08-010423
+    stigid@almalinux8: RHEL-08-010423
 
 ocil_clause: 'SLUB/SLAB poisoning is not enabled'
 
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml
index 88c683445..fa9b2020d 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
index b555eca8f..3aa33caff 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
@@ -28,7 +28,7 @@ references:
     nist: SC-7(10)
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010671
-    stigid@rhel8: RHEL-08-010671
+    stigid@almalinux8: RHEL-08-010671
 
 ocil_clause:  |-
     the returned line does not have a value of "|/bin/false", or a line is not
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml
index 36e025cc3..e97acde11 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
index 651e3bc35..c90a6b377 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
@@ -29,7 +29,7 @@ references:
     srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069,SRG-APP-000243-CTR-000600
     stigid@ol7: OL07-00-010375
     stigid@ol8: OL08-00-010375
-    stigid@rhel8: RHEL-08-010375
+    stigid@almalinux8: RHEL-08-010375
     stigid@sle12: SLES-12-010375
     stigid@sle15: SLES-15-010375
     stigid@ubuntu2004: UBTU-20-010401
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml
index 505b3c12b..cdf18e6dd 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
index c763c7d05..dc016bd74 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
@@ -23,7 +23,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000480-GPOS-00227,SRG-OS-000366-GPOS-00153
     stigid@ol8: OL08-00-010372
-    stigid@rhel8: RHEL-08-010372
+    stigid@almalinux8: RHEL-08-010372
 
 {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.kexec_load_disabled", value="1") }}}
 
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml
index 0541e59a7..50020c28c 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
index d4143e029..4b95ee738 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
@@ -24,7 +24,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069,SRG-APP-000243-CTR-000600
     stigid@ol8: OL08-00-010376
-    stigid@rhel8: RHEL-08-010376
+    stigid@almalinux8: RHEL-08-010376
 
 {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.perf_event_paranoid", value="2") }}}
 
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml
index 2e24d9211..7b706bb32 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
index 874bc113e..19d513681 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
@@ -22,7 +22,7 @@ references:
     nist: AC-6,SC-7(10)
     srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040281
-    stigid@rhel8: RHEL-08-040281
+    stigid@almalinux8: RHEL-08-040281
 
 {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.unprivileged_bpf_disabled", value="1") }}}
 
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml
index ceafd4839..7006e2066 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
index 498e93e15..b3b830191 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
@@ -27,7 +27,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040282
-    stigid@rhel8: RHEL-08-040282
+    stigid@almalinux8: RHEL-08-040282
 
 {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.yama.ptrace_scope", value="1") }}}
 
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml
index 7519b7740..af6c30abd 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
index 2b4394608..c94003cf9 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
@@ -23,7 +23,7 @@ references:
     nist: CM-6,SC-7(10)
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040286
-    stigid@rhel8: RHEL-08-040286
+    stigid@almalinux8: RHEL-08-040286
 
 {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.core.bpf_jit_harden", value="2") }}}
 
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml
index fdd4fb83e..3274d5b36 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 apiVersion: machineconfiguration.openshift.io/v1
 kind: MachineConfig
 spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
index ae6678e66..dd45e6327 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
@@ -35,7 +35,7 @@ references:
     ospp: FMT_SMF_EXT.1
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040284
-    stigid@rhel8: RHEL-08-040284
+    stigid@almalinux8: RHEL-08-040284
 
 ocil: |
     Verify that {{{ full_name }}} disables the use of user namespaces with the following commands:
diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
index 2520d3dcc..ed0bc9538 100644
--- a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
+++ b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 
 # Package libselinux cannot be uninstalled normally
 # as it would cause removal of sudo package which is
diff --git a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
index 5c6e7417e..93471f2bb 100644
--- a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
+++ b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
@@ -32,7 +32,7 @@ references:
     disa: CCI-000366,CCI-001084
     srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068
     stigid@ol8: OL08-00-010171
-    stigid@rhel8: RHEL-08-010171
+    stigid@almalinux8: RHEL-08-010171
 
 ocil_clause: 'the policycoreutils package is not installed'
 
diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
index 0ce6648a9..a16729287 100644
--- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
@@ -51,7 +51,7 @@ references:
     srg: SRG-OS-000445-GPOS-00199,SRG-APP-000233-CTR-000585
     stigid@ol7: OL07-00-020220
     stigid@ol8: OL08-00-010450
-    stigid@rhel8: RHEL-08-010450
+    stigid@almalinux8: RHEL-08-010450
 
 ocil_clause: 'the loaded policy name is not "{{{ xccdf_value("var_selinux_policy_name") }}}"'
 
diff --git a/linux_os/guide/system/selinux/selinux_state/rule.yml b/linux_os/guide/system/selinux/selinux_state/rule.yml
index ba0a43a4a..edbcdfa2b 100644
--- a/linux_os/guide/system/selinux/selinux_state/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_state/rule.yml
@@ -44,7 +44,7 @@ references:
     srg: SRG-OS-000445-GPOS-00199,SRG-OS-000134-GPOS-00068
     stigid@ol7: OL07-00-020210
     stigid@ol8: OL08-00-010170
-    stigid@rhel8: RHEL-08-010170
+    stigid@almalinux8: RHEL-08-010170
 
 ocil_clause: 'SELINUX is not set to enforcing'
 
diff --git a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
index 9d751d635..058fc3bf6 100644
--- a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
@@ -40,7 +40,7 @@ references:
     srg: SRG-OS-000324-GPOS-00125
     stigid@ol7: OL07-00-020020
     stigid@ol8: OL08-00-040400
-    stigid@rhel8: RHEL-08-040400
+    stigid@almalinux8: RHEL-08-040400
 
 ocil_clause: 'non-admin users are not confined correctly'
 
diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
index 50884551a..0b81bbf55 100644
--- a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
@@ -80,7 +80,7 @@ references:
     nist@sle15: SC-28,SC-28.1
     srg: SRG-OS-000405-GPOS-00184,SRG-OS-000185-GPOS-00079,SRG-OS-000404-GPOS-00183
     stigid@ol8: OL08-00-010030
-    stigid@rhel8: RHEL-08-010030
+    stigid@almalinux8: RHEL-08-010030
     stigid@sle12: SLES-12-010450
     stigid@sle15: SLES-15-010330
     stigid@ubuntu2004: UBTU-20-010414
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
index 1539bc866..17093daf8 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
@@ -42,7 +42,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-021310
     stigid@ol8: OL08-00-010800
-    stigid@rhel8: RHEL-08-010800
+    stigid@almalinux8: RHEL-08-010800
     stigid@sle12: SLES-12-010850
     stigid@sle15: SLES-15-040200
 
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
index 4ac7375e0..7d8c344ef 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
@@ -37,7 +37,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-021340
     stigid@ol8: OL08-00-010543
-    stigid@rhel8: RHEL-08-010543
+    stigid@almalinux8: RHEL-08-010543
 
 {{{ complete_ocil_entry_separate_partition(part="/tmp") }}}
 
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
index f74455ae9..76897321e 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
@@ -41,7 +41,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-021320
     stigid@ol8: OL08-00-010540
-    stigid@rhel8: RHEL-08-010540
+    stigid@almalinux8: RHEL-08-010540
     stigid@sle12: SLES-12-010860
     stigid@sle15: SLES-15-040210
 
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
index 2aa64e3b0..838ff5c90 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
@@ -38,7 +38,7 @@ references:
     nist-csf: PR.PT-1,PR.PT-4
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010541
-    stigid@rhel8: RHEL-08-010541
+    stigid@almalinux8: RHEL-08-010541
 
 {{{ complete_ocil_entry_separate_partition(part="/var/log") }}}
 
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
index 1cbfe4024..1f18a3ba2 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
@@ -46,7 +46,7 @@ references:
     srg: SRG-OS-000341-GPOS-00132,SRG-OS-000480-GPOS-00227,SRG-APP-000357-CTR-000800
     stigid@ol7: OL07-00-021330
     stigid@ol8: OL08-00-010542
-    stigid@rhel8: RHEL-08-010542
+    stigid@almalinux8: RHEL-08-010542
     stigid@sle12: SLES-12-010870
     stigid@sle15: SLES-15-030810
 
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
index 0fe3f728a..b78fd700f 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
@@ -32,7 +32,7 @@ references:
     disa: CCI-000366
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010544
-    stigid@rhel8: RHEL-08-010544
+    stigid@almalinux8: RHEL-08-010544
 
 {{{ complete_ocil_entry_separate_partition(part="/var/tmp") }}}
 
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml
index c3baa1b80..be83f158f 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml
index 917fc7dc4..bc1d7c63c 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
index 1f62e436c..10278a708 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
@@ -43,7 +43,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-010063
     stigid@ol8: OL08-00-020032
-    stigid@rhel8: RHEL-08-020032
+    stigid@almalinux8: RHEL-08-020032
 
 ocil_clause: 'disable-user-list has not been configured or is not disabled'
 
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml
index f5d68f1c3..91f02c0d4 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
index ea6da5dbd..3d2395dd0 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
@@ -33,7 +33,7 @@ references:
     disa: CCI-000057,CCI-000056
     srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011
     stigid@ol8: OL08-00-020050
-    stigid@rhel8: RHEL-08-020050
+    stigid@almalinux8: RHEL-08-020050
 
 ocil_clause: 'removal-action has not been configured'
 
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml
index 45e6c24aa..e06d9600f 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml
index 6b19c8138..1f656f5a8 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
index 163bc2196..255da2cff 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
@@ -36,7 +36,7 @@ references:
     srg: SRG-OS-000480-GPOS-00229
     stigid@ol7: OL07-00-010440
     stigid@ol8: OL08-00-010820
-    stigid@rhel8: RHEL-08-010820
+    stigid@almalinux8: RHEL-08-010820
 
 ocil_clause: 'GDM allows users to automatically login'
 
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml
index ef2933c52..0d72f6f65 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/bash/shared.sh
index 52d6589cb..34b6cab0d 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/bash/shared.sh
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora,multi_platform_ol
 
 if rpm --quiet -q gdm
 then
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml
index 0ca67c74a..332a5018a 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml
index 60417ff4e..0af05e798 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml
index ac168ef9f..69ecfa6a7 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml
index 51e4063c3..3591b7266 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
index 33460b61c..04074e66b 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml
index 4e389aa5c..254db9bfe 100644
--- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml
index c3922e5b0..40515598a 100644
--- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml
index 09eed8367..601191b49 100644
--- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml
index bf1efbe61..efa5b96a6 100644
--- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml
index f7c7b4379..95781d5ab 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml
index d3f144c89..ae170b802 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml
index 5b08acff4..d1af90b16 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
index 1daf160b9..0373651ce 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
@@ -46,7 +46,7 @@ references:
     srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012
     stigid@ol7: OL07-00-010070
     stigid@ol8: OL08-00-020060
-    stigid@rhel8: RHEL-08-020060
+    stigid@almalinux8: RHEL-08-020060
     stigid@sle12: SLES-12-010080
     stigid@sle15: SLES-15-010120
     stigid@ubuntu2204: UBTU-22-271025
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml
index 9d034e519..2c45806b4 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
index 4341b6a35..88da01dd6 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
@@ -38,7 +38,7 @@ references:
     srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012
     stigid@ol7: OL07-00-010110
     stigid@ol8: OL08-00-020031
-    stigid@rhel8: RHEL-08-020031
+    stigid@almalinux8: RHEL-08-020031
     stigid@ubuntu2204: UBTU-22-271025
 
 ocil_clause: 'the screensaver lock delay is missing, or is set to a value greater than {{{ xccdf_value("var_screensaver_lock_delay") }}}'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml
index d04e6893f..5b9cba007 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
index 654825af0..015e80773 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
@@ -54,7 +54,7 @@ references:
     srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011
     stigid@ol7: OL07-00-010060
     stigid@ol8: OL08-00-020030,OL08-00-020082
-    stigid@rhel8: RHEL-08-020030
+    stigid@almalinux8: RHEL-08-020030
     stigid@sle12: SLES-12-010060
     stigid@sle15: SLES-15-010100
     stigid@ubuntu2004: UBTU-20-010004
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml
index 34ff91ab3..875abf68d 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml
index 2a5e4079a..02c981e1e 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml
@@ -36,7 +36,7 @@ references:
     pcidss: Req-8.1.8
     srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011
     stigid@ol7: OL07-00-010062
-    stigid@rhel8: RHEL-08-020082
+    stigid@almalinux8: RHEL-08-020082
 
 ocil_clause: 'screensaver locking is not locked'
 
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml
index 4dbe2b3c8..7313b6bcd 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml
index 606e00c5f..792db4ca4 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml
index ed7d98843..a41cb7151 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
index 9cc43aab3..c3b1eef55 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
@@ -38,7 +38,7 @@ references:
     srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012
     stigid@ol7: OL07-00-010081
     stigid@ol8: OL08-00-020080
-    stigid@rhel8: RHEL-08-020080
+    stigid@almalinux8: RHEL-08-020080
 
 ocil_clause: 'GNOME3 session settings are not locked or configured properly'
 
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml
index c379700ad..6d91cec21 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
index d0b55e52f..9a20f4f0c 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
@@ -41,7 +41,7 @@ references:
     srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012
     stigid@ol7: OL07-00-010082
     stigid@ol8: OL08-00-020081
-    stigid@rhel8: RHEL-08-020081
+    stigid@almalinux8: RHEL-08-020081
     stigid@sle12: SLES-12-010080
     stigid@sle15: SLES-15-010120
 
diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml
index 9830ea565..c0913adb5 100644
--- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
index 4c84a707c..9c2a07a78 100644
--- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
@@ -45,7 +45,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020231
     stigid@ol8: OL08-00-040171
-    stigid@rhel8: RHEL-08-040171
+    stigid@almalinux8: RHEL-08-040171
     stigid@ubuntu2004: UBTU-20-010459
     stigid@ubuntu2204: UBTU-22-271030
 
diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml
index fa4f578ef..f0d0708d1 100644
--- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/gnome/group.yml b/linux_os/guide/system/software/gnome/group.yml
index c7617bc43..7de8de33c 100644
--- a/linux_os/guide/system/software/gnome/group.yml
+++ b/linux_os/guide/system/software/gnome/group.yml
@@ -12,7 +12,7 @@ description: |-
     {{% if 'ol' in product %}}
     Oracle Linux Graphical environment.
     {{% else %}}
-    Red Hat Graphical environment.
+    AlmaLinux Graphical environment.
     {{% endif %}}
     


     For more information on GNOME and the GNOME Project, see {{{ weblink(link="https://www.gnome.org") }}}.
diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
index e0b7e6db5..e493211ea 100644
--- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
@@ -4,6 +4,7 @@
         The operating system installed on the system is supported by a vendor that provides security patches.
       ") }}}
     
+      
       
       
       
diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
index 8b47069e6..5da8ae82c 100644
--- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
@@ -8,6 +8,9 @@ description: |-
 {{% if 'ol' in product %}}
     Oracle Linux is supported by Oracle Corporation. As the Oracle
     Linux vendor, Oracle Corporation is responsible for providing security patches.
+{{% elif product == "almalinux8" %}}
+    AlmaLinux is supported by AlmaLinux. As the AlmaLinux
+    vendor, AlmaLinux is responsible for providing security patches.
 {{% elif product in ["sle12", "sle15", "slmicro5"] %}}
     SUSE Linux Enterprise is supported by SUSE. As the SUSE Linux Enterprise
     vendor, SUSE is responsible for providing security patches.
@@ -48,7 +51,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020250
     stigid@ol8: OL08-00-010000
-    stigid@rhel8: RHEL-08-010000
+    stigid@almalinux8: RHEL-08-010000
     stigid@sle12: SLES-12-010000
     stigid@sle15: SLES-15-010000
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
index da8686d40..78ac0f50b 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
@@ -32,7 +32,7 @@ references:
     nist: SC-13,SC-12(2),SC-12(3)
     srg: SRG-OS-000423-GPOS-00187,SRG-OS-000426-GPOS-00190
     stigid@ol8: OL08-00-010020
-    stigid@rhel8: RHEL-08-010020
+    stigid@almalinux8: RHEL-08-010020
 
 ocil_clause: |-
     BIND is installed and the BIND config file doesn't contain the
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh
index c7385d2c3..7bff0fb5e 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = bind
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 
 BIND_CONF='/etc/named.conf'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh
index b00bbfe21..c76ee772f 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 {{{ bash_package_remove("bind") }}}
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh
index 4f9c749eb..bea1a8eb8 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 # packages = bind
 # 
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # We don't remediate anything if the config file is missing completely.
 # remediation = none
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh
index 34a32a73b..5477b796d 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = bind
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 BIND_CONF='/etc/named.conf'
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh
index 290e5fb07..1a43afa0e 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = bind
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 
 BIND_CONF='/etc/named.conf'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml
index dd096ab41..b180ed3b3 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
index e5b8bd84f..443aae23e 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
@@ -68,7 +68,7 @@ references:
     ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1
     srg: SRG-OS-000396-GPOS-00176,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174
     stigid@ol8: OL08-00-010020
-    stigid@rhel8: RHEL-08-010020
+    stigid@almalinux8: RHEL-08-010020
 
 ocil_clause: 'cryptographic policy is not configured or is configured incorrectly'
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh
index 7fca85ed5..2446c842e 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # profiles = xccdf_org.ssgproject.content_profile_cis,xccdf_org.ssgproject.content_profile_cis_workstation_l2
 # packages = crypto-policies-scripts
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
index 8a4fd001c..72305d4a7 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 # packages = crypto-policies-scripts
 
 # IMPORTANT: This is a false negative scenario.
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
index 86f92f01d..446899d74 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 # packages = crypto-policies-scripts
 
 update-crypto-policies --set "DEFAULT"
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
index eabefa55c..77fef76c7 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 # packages = crypto-policies-scripts
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
index 261dc3f96..14162c91b 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
 # packages = crypto-policies-scripts
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
index 356aa3ffe..d68c61790 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
 # packages = crypto-policies-scripts
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
index 311b8ef26..105040173 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 # packages = crypto-policies-scripts
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
index adfd91745..282d77221 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 # packages = crypto-policies-scripts
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
index a2107d146..d9c3f0b6a 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_e8
 # packages = crypto-policies-scripts
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
index b06e035fa..6635de3dc 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_standard
 # packages = crypto-policies-scripts
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
index 4437e369a..a35996eba 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 # packages = crypto-policies-scripts
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
index 9461c3ddd..54a9e50d6 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
 # packages = crypto-policies-scripts
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml
index 55b77f667..19f3893df 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml
@@ -29,7 +29,7 @@ references:
     nist: AC-17(2)
     srg: SRG-OS-000250-GPOS-00093,SRG-OS-000423-GPOS-00187
     stigid@ol8: OL08-00-010295
-    stigid@rhel8: RHEL-08-010295
+    stigid@almalinux8: RHEL-08-010295
 
 ocil_clause: 'cryptographic policy for gnutls is not configured or is configured incorrectly'
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/correct.pass.sh
index 79d8682d3..6b261f2b3 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 configfile=/etc/crypto-policies/back-ends/gnutls.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/empty_policy.fail.sh
index 3084ec761..c85240dc3 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/empty_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/empty_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 configfile=/etc/crypto-policies/back-ends/gnutls.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/incorrect_policy.fail.sh
index bfaadc713..c4b209ce9 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/incorrect_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/incorrect_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 configfile=/etc/crypto-policies/back-ends/gnutls.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/missing_file.fail.sh
index 3776d35aa..d1c88830e 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/missing_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/missing_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 configfile=/etc/crypto-policies/back-ends/gnutls.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
index f7785a436..dce2f358a 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
@@ -30,7 +30,7 @@ references:
     nist: SC-13,SC-12(2),SC-12(3)
     srg: SRG-OS-000120-GPOS-00061
     stigid@ol8: OL08-00-010020
-    stigid@rhel8: RHEL-08-010020
+    stigid@almalinux8: RHEL-08-010020
 
 ocil_clause: 'the symlink does not exist or points to a different target'
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh
index 4834387dc..fdf9d4547 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 rm -f /etc/krb5.conf.d/crypto-policies
 ln -s /etc/crypto-policies/back-ends/krb5.config /etc/krb5.conf.d/crypto-policies
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh
index 97ccc0590..2f77ad9d5 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 rm -f /etc/krb5.conf.d/crypto-policies
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh
index 4eb5348f2..2437eb0a9 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 rm -f /etc/krb5.conf.d/crypto-policies
 ln -s /etc/crypto-policies/back-ends/openssh.config /etc/krb5.conf.d/crypto-policies
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
index eebc3f626..40cc3e8fb 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
@@ -36,7 +36,7 @@ references:
     pcidss: Req-2.2
     srg: SRG-OS-000033-GPOS-00014
     stigid@ol8: OL08-00-010020
-    stigid@rhel8: RHEL-08-010020
+    stigid@almalinux8: RHEL-08-010020
 
 ocil_clause: |-
     the "IPsec" service is active and the ipsec configuration file does not contain does not contain include /etc/crypto-policies/back-ends/libreswan.config
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh
index 9379b5ff3..413c8e12d 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 {{{ bash_package_remove("libreswan") }}}
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh
index 439da4978..022175e8c 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = libreswan
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 
 cp ipsec.conf /etc
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh
index fbc8f1001..bac77db76 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = libreswan
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 
 cp ipsec.conf /etc
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh
index 70f822342..e51b8c54e 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = libreswan
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 
 cp ipsec.conf /etc
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh
index 2863c6102..495d4eab8 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = libreswan
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 
 cp ipsec.conf /etc
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
index 20101a46a..65845042a 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
@@ -46,7 +46,7 @@ references:
     pcidss: Req-2.2
     srg: SRG-OS-000250-GPOS-00093
     stigid@ol8: OL08-00-010293
-    stigid@rhel8: RHEL-08-010293
+    stigid@almalinux8: RHEL-08-010293
 
 ocil_clause: |-
     the OpenSSL config file doesn't contain the whole section,
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh
index 8ccb6cef9..cdf72ad5d 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 . common.sh
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh
index edeca90f0..825e9d317 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_sle
 
 . common.sh
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh
index 8c509ef32..1fa987aeb 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_sle
 
 . common.sh
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh
index 1c9342e23..ea97c0c2e 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_sle
 
 . common.sh
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh
index 1b2ea8d80..085f6172d 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_sle
 
 . common.sh
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
index 189529be0..770a9a9fa 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
@@ -45,7 +45,7 @@ references:
     nist: AC-17(2)
     srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174
     stigid@ol8: OL08-00-010294
-    stigid@rhel8: RHEL-08-010294
+    stigid@almalinux8: RHEL-08-010294
 
 ocil_clause: 'cryptographic policy for openssl is not configured or is configured incorrectly'
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct.pass.sh
index 48ccb9b98..8737c085c 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_commented.fail.sh
index 8d84292b3..596fc1a1d 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_commented.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_commented.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_followed_by_incorrect.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
index 3a17e7865..0628c5a37 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/empty_policy.fail.sh
index 209a6bd40..942a24877 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/empty_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/empty_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_followed_by_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
index 26d67f1e9..5b1007a3e 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_policy.fail.sh
index a8fb8a6b8..b22446eec 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/missing_file.fail.sh
index 1593ce8ae..948525def 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/missing_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/missing_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
index d16504f26..e843d36e2 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
@@ -33,7 +33,7 @@ references:
     pcidss: Req-2.2
     srg: SRG-OS-000250-GPOS-00093
     stigid@ol8: OL08-00-010287
-    stigid@rhel8: RHEL-08-010287
+    stigid@almalinux8: RHEL-08-010287
 
 ocil_clause: 'the CRYPTO_POLICY variable is set or is not commented out in the /etc/sysconfig/sshd'
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh
index 96ae6a064..0d48f0866 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 #
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 SSH_CONF="/etc/sysconfig/sshd"
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh
index 6ab33f749..524bfa25f 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 #
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 SSH_CONF="/etc/sysconfig/sshd"
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh
index bcea9badc..7cd346822 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 #
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 SSH_CONF="/etc/sysconfig/sshd"
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh
index ea6d23ee1..abcf16f6d 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 #
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 SSH_CONF="/etc/sysconfig/sshd"
 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh
index a6e7c89da..5bb0037d0 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 #
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 
 SSH_CONF="/etc/sysconfig/sshd"
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/ansible/shared.yml
index d530f4b76..948225470 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/bash/shared.sh
index cd7c4fb6c..8476281a3 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Virtualization 4,multi_platform_fedora
 
 cp="Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256"
 file="/etc/crypto-policies/local.d/opensslcnf-ospp.config"
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct.pass.sh
index 0debb6c70..40c9d7cba 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_commented.fail.sh
index b1f745b69..e8d13c094 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_commented.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_commented.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_followed_by_incorrect.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
index a01e5d137..9bf36062d 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/empty_policy.fail.sh
index d6fa6598a..25c59176a 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/empty_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/empty_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_followed_by_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
index 573375dce..3b7e4d562 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_policy.fail.sh
index eecad423a..4c8717285 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/missing_file.fail.sh
index 7a3b7c32e..b902cf760 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/missing_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/missing_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensslcnf.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_cipher.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_cipher.fail.sh
index 17bf0e679..aac1d2d78 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_cipher.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_cipher.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_gssapi.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_gssapi.fail.sh
index 9b8e954f2..6b76f9c7d 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_gssapi.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_gssapi.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_kex.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_kex.fail.sh
index 63538daac..4773a5633 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_kex.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_kex.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_macs.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_macs.fail.sh
index 4460f1910..004d32540 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_macs.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_macs.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_match.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_match.fail.sh
index 7c54b4244..7532e78d1 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_match.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_match.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "#Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_pubkey.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_pubkey.fail.sh
index 9da3614e8..fb3aa50b3 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_pubkey.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_pubkey.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_rekey.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_rekey.fail.sh
index 3c198dd33..8c1e96b8c 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_rekey.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_rekey.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/config_before_match_all.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/config_before_match_all.fail.sh
index 05bccf0f0..15a612223 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/config_before_match_all.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/config_before_match_all.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Ciphers aes256-ctr,aes256-cbc,aes128-ctr,aes128-cbc\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/correct.pass.sh
index 7a7b44aa6..a3ddb66f0 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing.fail.sh
index 352c09202..4a9852eab 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 rm -f "$file"
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_ciphers.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_ciphers.fail.sh
index 7e433ef02..b453a5f5d 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_ciphers.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_ciphers.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_gssapi.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_gssapi.fail.sh
index 5b9c44d10..374615673 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_gssapi.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_gssapi.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_kex.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_kex.fail.sh
index 40957c0fc..eaa14323c 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_kex.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_kex.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_macs.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_macs.fail.sh
index ec44ce925..f4da72ea4 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_macs.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_macs.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_match.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_match.fail.sh
index 1310f724a..500896349 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_match.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_match.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "RekeyLimit 512M 1h\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_pubkey.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_pubkey.fail.sh
index d4ec1fe7a..21f230b73 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_pubkey.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_pubkey.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_rekey.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_rekey.fail.sh
index 91976a672..68d97fa62 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_rekey.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_rekey.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.fail.sh
index 259cf23a8..98e53ae6d 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.pass.sh
index c933ac991..e46dc9214 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_cipher.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_cipher.fail.sh
index 7ff44b61f..6f5ab070f 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_cipher.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_cipher.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_kex.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_kex.fail.sh
index 24e709eae..34b5d0763 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_kex.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_kex.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_macs.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_macs.fail.sh
index a25f9a304..0df6350f6 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_macs.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_macs.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_pubkey.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_pubkey.fail.sh
index 269d73db7..9309bf2f3 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_pubkey.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_pubkey.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_ciphers.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_ciphers.fail.sh
index 2f7ca2692..ded3e3475 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_ciphers.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_ciphers.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_kex.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_kex.fail.sh
index 77ea3eaa6..ccc995658 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_kex.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_kex.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_macs.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_macs.fail.sh
index 3e1a9f78d..5f07bb87f 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_macs.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_macs.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_pubkey.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_pubkey.fail.sh
index b6ff5881d..1303a0bf3 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_pubkey.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_pubkey.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 file="/etc/ssh/ssh_config.d/02-ospp.conf"
 echo -e "Match final all\n\
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml
index 3234911f5..7213fca2d 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/bash/shared.sh
index 6db8f9654..8a986c8c1 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 {{{ bash_instantiate_variables("sshd_approved_ciphers") }}}
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
index 4f2429fec..377144c32 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
@@ -31,7 +31,7 @@ references:
     nist: AC-17(2)
     srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000423-GPOS-00187
     stigid@ol8: OL08-00-010020
-    stigid@rhel8: RHEL-08-010020
+    stigid@almalinux8: RHEL-08-010020
 
 ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly'
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh
index c657d38e4..eae98c675 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 
 sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh
index 47db65982..37a181623 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 
 sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh
index 48df6a59e..c2d19d237 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 
 sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh
index 5d8ccfabc..5fa05499b 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 
 configfile=/etc/crypto-policies/back-ends/openssh.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh
index 3ed3703ad..b91f06095 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 
 configfile=/etc/crypto-policies/back-ends/openssh.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh
index 8581790de..8e48ad862 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 
 sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh
index ccc41132d..ffe418964 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 
 incorrect_sshd_approved_ciphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh
index 1a198d67d..28e1f4239 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 
 configfile=/etc/crypto-policies/back-ends/openssh.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml
index e83aeb894..b1c1a548e 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh
index 365136d0c..b6386ea66 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 {{{ bash_instantiate_variables("sshd_approved_ciphers") }}}
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml
index 41994d946..3fc7c8a03 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml
@@ -16,7 +16,7 @@
 
   
     {{{ PATH }}}
-    {{%- if product in ["ol8", "rhel8"] -%}}
+    {{%- if product in ["ol8", "rhel8", "almalinux8"] -%}}
     ^(?!#).*-oCiphers=([^\s']+).*$
     {{%- else -%}}
     ^(?!#).*Ciphers\s+([^\s']+).*$
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
index 5d5b47d86..e45953b86 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
@@ -31,7 +31,7 @@ references:
     nist: AC-17(2)
     srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093
     stigid@ol8: OL08-00-010291
-    stigid@rhel8: RHEL-08-010291
+    stigid@almalinux8: RHEL-08-010291
 
 ocil_clause: 'Crypto Policy for OpenSSH Server is not configured correctly'
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh
index 34b69406a..e9db9581c 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com
 
 sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh
index 60b4616ce..0eb1eb684 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh
index 3eca150b3..0204aeef4 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh
index f8659efcf..d7ebad288 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/bash/shared.sh
index 7a9a2a5e9..0c3343149 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Virtualization 4,multi_platform_fedora
 
 cp="CRYPTO_POLICY='-oCiphers=aes256-ctr,aes128-ctr,aes256-cbc,aes128-cbc -oMACs=hmac-sha2-512,hmac-sha2-256 -oGSSAPIKeyExchange=no -oKexAlgorithms=ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha1 -oHostKeyAlgorithms=ssh-rsa,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 -oPubkeyAcceptedKeyTypes=rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256'"
 file=/etc/crypto-policies/local.d/opensshserver-ospp.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct.pass.sh
index d0541b7ab..00a3a11e6 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_commented.fail.sh
index 44434606d..b12acbab8 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_commented.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_commented.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_followed_by_incorrect.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
index a92227669..e52946e02 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_file.fail.sh
index b1e285f9b..237e32c8b 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_policy.fail.sh
index 754195e43..de5500adb 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_followed_by_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
index 8bf264dcd..378503a0f 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_policy.fail.sh
index a76346699..81ae97a3e 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/missing_file.fail.sh
index 1928d2cfe..ad090c367 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/missing_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/missing_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/ansible/shared.yml
index c1ea94ce0..8afe5ea62 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/bash/shared.sh
index 451da4db3..01f233fc4 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 {{{ bash_instantiate_variables("sshd_approved_macs") }}}
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
index 902ef3559..d25a25aca 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
@@ -29,7 +29,7 @@ references:
     nist: AC-17(2)
     srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093
     stigid@ol8: OL08-00-010290
-    stigid@rhel8: RHEL-08-010020
+    stigid@almalinux8: RHEL-08-010020
 
 ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly'
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh
index 49d18486f..99f92bed4 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # variables = sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
 
 sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh
index b068e2ea4..bc991d899 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # variables = sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
 
 sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh
index f57f42270..364985b8a 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # variables = sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
 
 sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh
index 32d81d353..454f95db7 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # profiles = xccdf_org.ssgproject.content_profile_stig
 
 configfile=/etc/crypto-policies/back-ends/openssh.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh
index be78ed116..67b7439bf 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # profiles = xccdf_org.ssgproject.content_profile_stig
 
 configfile=/etc/crypto-policies/back-ends/openssh.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh
index 999463e1c..9fd9ee429 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # variables = sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
 
 sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh
index 0114a63ab..dcef5de40 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # profiles = xccdf_org.ssgproject.content_profile_stig
 
 configfile=/etc/crypto-policies/back-ends/openssh.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh
index 4f335aebc..e50f36bfa 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # profiles = xccdf_org.ssgproject.content_profile_stig
 
 configfile=/etc/crypto-policies/back-ends/openssh.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml
index 6a0e45947..ee0d1a562 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 # reboot = true
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh
index 18388a11a..44fe61f7c 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
 
 {{{ bash_instantiate_variables("sshd_approved_macs") }}}
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
index d7c054c99..d2b719876 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
@@ -29,7 +29,7 @@ references:
     nist: AC-17(2)
     srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093
     stigid@ol8: OL08-00-010290
-    stigid@rhel8: RHEL-08-010290
+    stigid@almalinux8: RHEL-08-010290
 
 ocil_clause: 'Crypto Policy for OpenSSH Server is not configured correctly'
 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh
index df9a2844e..68b1fbcc3 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # variables = sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
 
 sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh
index eef727791..af6f0a110 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # variables = sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh
index ec6f07dbc..8d62444f6 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # variables = sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh
index ee314357d..2e714d227 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # variables = sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
 
 configfile=/etc/crypto-policies/back-ends/opensshserver.config
diff --git a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/bash/shared.sh
index beec02c93..b0240f449 100644
--- a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Oracle Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Oracle Linux 8
 
 cat > /etc/profile.d/openssl-rand.sh <<- 'EOM'
 {{{ openssl_strong_entropy_config_file() }}}
diff --git a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/correct.pass.sh
index e7902ee46..e96a7538a 100644
--- a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 cat > /etc/profile.d/openssl-rand.sh <<- 'EOM'
 # provide a default -rand /dev/random option to openssl commands that
diff --git a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_missing.fail.sh b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_missing.fail.sh
index cddf984f1..c2947a51f 100644
--- a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_missing.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_missing.fail.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 rm -f /etc/profile.d/openssl-rand.sh
diff --git a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_modified.fail.sh b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_modified.fail.sh
index 298c79dc0..d501c7a5b 100644
--- a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_modified.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_modified.fail.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 
 echo "wrong data" > /etc/profile.d/openssl-rand.sh
diff --git a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
index 782c94b4d..7a4862443 100644
--- a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
index 88d8a4312..dde17fabc 100644
--- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
@@ -33,7 +33,7 @@ references:
     disa: CCI-001263,CCI-000366
     nist: SI-2(2)
     srg: SRG-OS-000191-GPOS-00080
-    stigid@rhel8: RHEL-08-010001
+    stigid@almalinux8: RHEL-08-010001
     stigid@ubuntu2004: UBTU-20-010415
 
 ocil_clause: 'the package is not installed'
diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
index 187038823..df95eb3df 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
@@ -39,7 +39,7 @@ references:
     ospp: FCS_RBG_EXT.1
     srg: SRG-OS-000478-GPOS-00223
     stigid@ol8: OL08-00-010020
-    stigid@rhel8: RHEL-08-010020
+    stigid@almalinux8: RHEL-08-010020
 
 ocil_clause: 'the Dracut FIPS module is not enabled'
 
diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
index 9c232fc94..f3d71ee21 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = crypto-policies-scripts
-# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_ol
 
 fips-mode-setup --enable
 FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
index b92e82236..138d2c997 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = crypto-policies-scripts
-# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_ol
 
 fips-mode-setup --enable
 FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
index ca46a3606..16261f584 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
+++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
@@ -55,7 +55,7 @@
               
             
-            {{% if product in ["ol8", "rhel8"] %}}
+            {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
             
             {{% else %}}
@@ -128,7 +128,7 @@ to a crypto policy module that further restricts the modified crypto policy.">
   {{%- endif %}}
   
 
-  {{% if product in ["ol8","rhel8"] %}}
+  {{% if product in ["ol8","rhel8", "almalinux8"] %}}
   
diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
index 1687fcac9..8d2f9271a 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
+++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
@@ -59,7 +59,7 @@ references:
     ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1,FCS_RBG_EXT.1
     srg: SRG-OS-000478-GPOS-00223,SRG-OS-000396-GPOS-00176
     stigid@ol8: OL08-00-010020
-    stigid@rhel8: RHEL-08-010020
+    stigid@almalinux8: RHEL-08-010020
 
 ocil_clause: 'FIPS mode is not enabled'
 
diff --git a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
index 61093f4b2..4041785ef 100644
--- a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
+++ b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
@@ -41,7 +41,7 @@ references:
     nist: SC-12(2),SC-12(3),IA-7,SC-13,CM-6(a),SC-12
     srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000396-GPOS-00176,SRG-OS-000423-GPOS-00187,SRG-OS-000478-GPOS-00223
     stigid@ol8: OL08-00-010020
-    stigid@rhel8: RHEL-08-010020
+    stigid@almalinux8: RHEL-08-010020
 
 ocil_clause: 'crypto.fips_enabled is not 1'
 
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
index b320fccb5..5e1c5b637 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
 
 {{% if 'sle' in product or 'slmicro' in produc %}}
 zypper -q --no-remote ref
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
index 7cef39f6c..cb13929ea 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
@@ -62,7 +62,7 @@ references:
     srg: SRG-OS-000445-GPOS-00199
     stigid@ol7: OL07-00-020029
     stigid@ol8: OL08-00-010359
-    stigid@rhel8: RHEL-08-010359
+    stigid@almalinux8: RHEL-08-010359
     stigid@sle12: SLES-12-010499
     stigid@sle15: SLES-15-010419
     stigid@ubuntu2004: UBTU-20-010450
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
index c78b92690..39bab2902 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
index eb25eaa3a..1c4e85445 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
index 054ccc597..bb33da7f5 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
@@ -43,7 +43,7 @@ references:
     nist: AU-9(3),AU-9(3).1
     srg: SRG-OS-000278-GPOS-00108
     stigid@ol8: OL08-00-030650
-    stigid@rhel8: RHEL-08-030650
+    stigid@almalinux8: RHEL-08-030650
     stigid@sle12: SLES-12-010540
     stigid@sle15: SLES-15-030630
     stigid@ubuntu2004: UBTU-20-010205
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
index 1b0c304be..fe181733a 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
 # packages = aide
 
 aide --init
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
index 236c0cebf..f91dce305 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
 # packages = aide
 
 declare -a bins
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh
index 7f422b6b2..efdd460cc 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
 # packages = aide
 
 declare -a bins
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
index d76b93657..35c7a2400 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
 # packages = aide
 
 aide --init
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_checking_systemd_timer/tests/aide_timer_weekly.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_checking_systemd_timer/tests/aide_timer_weekly.pass.sh
index c0d829568..f31f1584d 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_checking_systemd_timer/tests/aide_timer_weekly.pass.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_checking_systemd_timer/tests/aide_timer_weekly.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
 #!/bin/bash
 # packages = aide
 
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
index dfa5c1b6c..60ac94141 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
 
 {{{ bash_package_install("aide") }}}
 
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
index 457b1c08a..c31223f2d 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
@@ -47,7 +47,7 @@ references:
     srg: SRG-OS-000363-GPOS-00150,SRG-OS-000446-GPOS-00200,SRG-OS-000447-GPOS-00201
     stigid@ol7: OL07-00-020040
     stigid@ol8: OL08-00-010360
-    stigid@rhel8: RHEL-08-010360
+    stigid@almalinux8: RHEL-08-010360
     stigid@sle12: SLES-12-010510
     stigid@sle15: SLES-15-010570
 
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh
index 34a114520..b22a658da 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
 
 {{{ bash_package_install("aide") }}}
 
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh
index 62dd8a51e..1d3451837 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = aide
-# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_ol
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Virtualization 4,multi_platform_ol
 
 
 cat >/etc/aide.conf </etc/aide.conf </etc/aide.conf </etc/aide.conf </etc/aide.conf </etc/aide.conf <> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh
index 39ec72b52..a2849d3b4 100644
--- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh
+++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 # variables = var_sudo_umask=0027
 
 echo "Defaults use_pty,umask=0027,noexec" >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.fail.sh b/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.fail.sh
index 0e5aed5d0..c75edccd5 100644
--- a/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 # remediation = none
 
 # Make sure sudo is owned by root group
diff --git a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml
index c72f29c20..0a8a82e1a 100644
--- a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml
@@ -38,7 +38,7 @@ references:
     srg: SRG-OS-000373-GPOS-00156,SRG-OS-000373-GPOS-00157,SRG-OS-000373-GPOS-00158
     stigid@ol7: OL07-00-010350
     stigid@ol8: OL08-00-010381
-    stigid@rhel8: RHEL-08-010381
+    stigid@almalinux8: RHEL-08-010381
     stigid@sle12: SLES-12-010110
     stigid@sle15: SLES-15-010450
 
diff --git a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml
index 1a68d6454..8d702f3b7 100644
--- a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml
@@ -38,7 +38,7 @@ references:
     srg: SRG-OS-000373-GPOS-00156,SRG-OS-000373-GPOS-00157,SRG-OS-000373-GPOS-00158
     stigid@ol7: OL07-00-010340
     stigid@ol8: OL08-00-010380
-    stigid@rhel8: RHEL-08-010380
+    stigid@almalinux8: RHEL-08-010380
     stigid@sle12: SLES-12-010110
     stigid@sle15: SLES-15-010450
 
diff --git a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
index 04d3ad280..38dd80953 100644
--- a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
@@ -37,7 +37,7 @@ references:
     srg: SRG-OS-000373-GPOS-00156,SRG-OS-000373-GPOS-00157,SRG-OS-000373-GPOS-00158
     stigid@ol7: OL07-00-010343
     stigid@ol8: OL08-00-010384
-    stigid@rhel8: RHEL-08-010384
+    stigid@almalinux8: RHEL-08-010384
     stigid@sle12: SLES-12-010113
     stigid@sle15: SLES-15-020102
 
diff --git a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
index 6dc971d80..ea823aeed 100644
--- a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
@@ -32,7 +32,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-010341
     stigid@ol8: OL08-00-010382
-    stigid@rhel8: RHEL-08-010382
+    stigid@almalinux8: RHEL-08-010382
     stigid@sle12: SLES-12-010111
     stigid@sle15: SLES-15-020101
 
diff --git a/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml b/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml
index 00f7c6b01..3fcee6354 100644
--- a/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml
@@ -34,7 +34,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-010339
     stigid@ol8: OL08-00-010379
-    stigid@rhel8: RHEL-08-010379
+    stigid@almalinux8: RHEL-08-010379
     stigid@sle12: SLES-12-010109
     stigid@sle15: SLES-15-020099
 
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
index 4500f23e9..7174bbdd3 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
@@ -37,7 +37,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-010342
     stigid@ol8: OL08-00-010383
-    stigid@rhel8: RHEL-08-010383
+    stigid@almalinux8: RHEL-08-010383
     stigid@sle12: SLES-12-010112
     stigid@sle15: SLES-15-020103
 
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh
index 4cf3ce661..296d0b930 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
 # packages = sudo
 
 echo 'Defaults !targetpw' >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh
index ee448e531..13b381ede 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
 # packages = sudo
 
 touch /etc/sudoers.d/empty
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh
index ef3750b2f..ccef4017d 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
 # packages = sudo
 
 echo 'Defaults !targetpw' >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh
index ebbcef34d..0e3a3d43a 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
 # packages = sudo
 
 echo 'Defaults !targetpw' >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh
index 3794bb647..e8d9bbaa6 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh
@@ -1,4 +1,4 @@
-# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_slmicro
+# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_slmicro
 # packages = sudo
 
 echo 'Defaults !targetpw' >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh
index 81b218e1a..b8114e674 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
 # packages = sudo
 
 echo 'Defaults !targetpw' >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh
index 60354bba5..aebe5505f 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
 # packages = sudo
 
 echo 'Defaults !targetpw' >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh
index c8e38ccd0..7955c2d54 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
 # packages = sudo
 
 touch /etc/sudoers.d/empty
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh
index 4454ed38e..97a9346e2 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
 # packages = sudo
 
 touch /etc/sudoers.d/empty
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh
index 1de6b3bbb..06eadc9e9 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
 # packages = sudo
 
 touch /etc/sudoers.d/empty
diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml
index 0c9ac75e3..d54c3bf0c 100644
--- a/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml
@@ -19,7 +19,7 @@ identifiers:
 references:
     disa: CCI-000381
     srg: SRG-OS-000095-GPOS-00049
-    stigid@rhel8: RHEL-08-040001
+    stigid@almalinux8: RHEL-08-040001
 
 {{{ complete_ocil_entry_package(package="abrt-addon-ccpp") }}}
 
diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml
index 2dc267c10..201fae6fc 100644
--- a/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml
@@ -19,7 +19,7 @@ identifiers:
 references:
     disa: CCI-000381
     srg: SRG-OS-000095-GPOS-00049
-    stigid@rhel8: RHEL-08-040001
+    stigid@almalinux8: RHEL-08-040001
 
 {{{ complete_ocil_entry_package(package="abrt-addon-kerneloops") }}}
 
diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml
index d801538ef..67e739ddc 100644
--- a/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml
@@ -15,7 +15,7 @@ severity: low
 references:
     disa: CCI-000381
     srg: SRG-OS-000095-GPOS-00049
-    stigid@rhel8: RHEL-08-040001
+    stigid@almalinux8: RHEL-08-040001
 
 {{{ complete_ocil_entry_package(package="abrt-addon-python") }}}
 
diff --git a/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml
index ba990a148..0be012ec8 100644
--- a/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml
@@ -19,7 +19,7 @@ identifiers:
 references:
     disa: CCI-000381
     srg: SRG-OS-000095-GPOS-00049
-    stigid@rhel8: RHEL-08-040001
+    stigid@almalinux8: RHEL-08-040001
 
 {{{ complete_ocil_entry_package(package="abrt-cli") }}}
 
diff --git a/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml
index 67e715345..e3e9ad0a5 100644
--- a/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml
@@ -18,7 +18,7 @@ identifiers:
 references:
     disa: CCI-000381
     srg: SRG-OS-000095-GPOS-00049
-    stigid@rhel8: RHEL-08-040001
+    stigid@almalinux8: RHEL-08-040001
 
 {{{ complete_ocil_entry_package(package="abrt-plugin-sosreport") }}}
 
diff --git a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
index a9d20dd50..0b58fe214 100644
--- a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
@@ -22,7 +22,7 @@ references:
     disa: CCI-000366,CCI-000381
     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040370
-    stigid@rhel8: RHEL-08-040370
+    stigid@almalinux8: RHEL-08-040370
 
 {{{ complete_ocil_entry_package(package="gssproxy") }}}
 
diff --git a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
index 152061a7d..91eb3575f 100644
--- a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
@@ -21,7 +21,7 @@ references:
     disa: CCI-000366,CCI-000381
     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040380
-    stigid@rhel8: RHEL-08-040380
+    stigid@almalinux8: RHEL-08-040380
 
 {{{ complete_ocil_entry_package(package="iprutils") }}}
 
diff --git a/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml
index 41d6e72da..7714313fe 100644
--- a/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml
@@ -22,7 +22,7 @@ references:
     disa: CCI-000803
     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000120-GPOS-00061
     stigid@ol8: OL08-00-010162
-    stigid@rhel8: RHEL-08-010162
+    stigid@almalinux8: RHEL-08-010162
 
 platforms:
 {{%- if "rhel" in product %}}
diff --git a/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml
index 810e4f9c6..0ce578488 100644
--- a/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml
@@ -23,7 +23,7 @@ references:
     disa: CCI-000381
     srg: SRG-OS-000095-GPOS-00049
     stigid@ol8: OL08-00-040001
-    stigid@rhel8: RHEL-08-040001
+    stigid@almalinux8: RHEL-08-040001
 
 {{{ complete_ocil_entry_package(package="libreport-plugin-logger") }}}
 
diff --git a/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml
index 55e11e45e..d940adb5e 100644
--- a/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml
@@ -18,7 +18,7 @@ identifiers:
 references:
     disa: CCI-000381
     srg: SRG-OS-000095-GPOS-00049
-    stigid@rhel8: RHEL-08-040001
+    stigid@almalinux8: RHEL-08-040001
 
 {{{ complete_ocil_entry_package(package="libreport-plugin-rhtsupport") }}}
 
diff --git a/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml
index 5a020f452..a3769b969 100644
--- a/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml
@@ -18,7 +18,7 @@ identifiers:
 references:
     disa: CCI-000381
     srg: SRG-OS-000095-GPOS-00049
-    stigid@rhel8: RHEL-08-040001
+    stigid@almalinux8: RHEL-08-040001
 
 {{{ complete_ocil_entry_package(package="python3-abrt-addon") }}}
 
diff --git a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
index 400e92922..b3eb3baa9 100644
--- a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
@@ -21,7 +21,7 @@ references:
     disa: CCI-000366
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-010472
-    stigid@rhel8: RHEL-08-010472
+    stigid@almalinux8: RHEL-08-010472
 
 ocil_clause: 'the package is not installed'
 
diff --git a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
index 0e6096fd0..155f7e727 100644
--- a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
@@ -23,7 +23,7 @@ references:
     disa: CCI-000366,CCI-000381
     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
     stigid@ol8: OL08-00-040390
-    stigid@rhel8: RHEL-08-040390
+    stigid@almalinux8: RHEL-08-040390
 
 {{{ complete_ocil_entry_package(package="tuned") }}}
 
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml
index e25b2e615..5ef42594e 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh
index 742c2e452..c7fdd0009 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
 
 {{% if 'sle' in product or 'slmicro' in product %}}
 {{{ bash_replace_or_append('/etc/zypp/zypp.conf', '^solver.upgradeRemoveDroppedPackages', 'true', '%s=%s') }}}
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
index e247a6762..f0838be22 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
@@ -46,7 +46,7 @@ references:
     srg: SRG-OS-000437-GPOS-00194
     stigid@ol7: OL07-00-020200
     stigid@ol8: OL08-00-010440
-    stigid@rhel8: RHEL-08-010440
+    stigid@almalinux8: RHEL-08-010440
     stigid@sle12: SLES-12-010570
     stigid@sle15: SLES-15-010560
     stigid@ubuntu2004: UBTU-20-010449
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh
index 4cba82b3c..1d8495018 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 
 file={{{ pkg_manager_config_file }}}
 
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh
index 3b3bd71f7..d54501d5c 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 
 file={{{ pkg_manager_config_file }}}
 
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh
index 8f2e4fac8..20d00061a 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
 
 file={{{ pkg_manager_config_file }}}
 
diff --git a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml
index d74db7b2b..b44ee67b3 100644
--- a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml
+++ b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,Oracle Linux 8
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml
index ba0c54f3f..1890b7708 100644
--- a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml
+++ b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,Oracle Linux 8
 # reboot = false
 # strategy = unknown
 # complexity = low
diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
index add0cd7dd..6a28ad95b 100644
--- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
@@ -4,7 +4,7 @@
 # complexity = medium
 # disruption = medium
 - name: "Read permission of GPG key directory"
-  ansible.builtin.stat:
+  stat:
     path: /etc/pki/rpm-gpg/
   register: gpg_key_directory_permission
   check_mode: no
@@ -13,26 +13,27 @@
 
 - name: Read signatures in GPG key
   # According to /usr/share/doc/gnupg2/DETAILS fingerprints are in "fpr" record in field 10
-  ansible.builtin.command: gpg --show-keys --with-fingerprint --with-colons "/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9"
+  command: gpg --show-keys --with-fingerprint --with-colons "/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux"
   changed_when: False
   register: gpg_fingerprints
   check_mode: no
 
 - name: Set Fact - Installed GPG Fingerprints
-  ansible.builtin.set_fact:
+  set_fact:
     gpg_installed_fingerprints: "{{ gpg_fingerprints.stdout | regex_findall('^pub.*\n(?:^fpr[:]*)([0-9A-Fa-f]*)', '\\1') | list }}"
 
 - name: Set Fact - Valid fingerprints
-  ansible.builtin.set_fact:
+  set_fact:
     gpg_valid_fingerprints:
     - "{{{ release_key_fingerprint }}}"
+    - "{{{ auxiliary_key_fingerprint }}}"
 
 - name: Import AlmaLinux GPG key
-  ansible.builtin.rpm_key:
+  rpm_key:
     state: present
-    key: /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
+    key: /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux
   when:
    - gpg_key_directory_permission.stat.mode <= '0755'
    - (gpg_installed_fingerprints | difference(gpg_valid_fingerprints)) | length == 0
    - gpg_installed_fingerprints | length > 0
-   - ansible_distribution == "AlmaLinux" and ansible_distribution_version == "9"
+   - ansible_distribution == "AlmaLinux" and ansible_distribution_version == "8"
diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
index f78a6fb82..23a034be4 100644
--- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
@@ -1,8 +1,10 @@
 # platform = multi_platform_almalinux
+# The two fingerprints below are retrieved from https://almalinux.org/security/
 readonly ALMALINUX_RELEASE_FINGERPRINT="{{{ release_key_fingerprint }}}"
+readonly ALMALINUX_AUXILIARY_FINGERPRINT="{{{ auxiliary_key_fingerprint }}}"
 
 # Location of the key we would like to import (once it's integrity verified)
-readonly ALMALINUX_RELEASE_KEY="/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9"
+readonly ALMALINUX_RELEASE_KEY="/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux"
 
 RPM_GPG_DIR_PERMS=$(stat -c %a "$(dirname "$ALMALINUX_RELEASE_KEY")")
 
@@ -16,7 +18,7 @@ then
   # No CRC error, safe to proceed
   if [ "${GPG_RESULT}" -eq "0" ]
   then
-    echo "${GPG_OUT[*]}" | grep -vE "${ALMALINUX_RELEASE_FINGERPRINT}" || {
+    echo "${GPG_OUT[*]}" | grep -vE "${ALMALINUX_RELEASE_FINGERPRINT}|${ALMALINUX_AUXILIARY_FINGERPRINT}" || {
       # If $ALMALINUX_RELEASE_KEY file doesn't contain any keys with unknown fingerprint, import it
       rpm --import "${ALMALINUX_RELEASE_KEY}"
     }
diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml
index 74481fb18..7c991eeaa 100644
--- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml
+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml
@@ -2,7 +2,7 @@
 {{# If pkg_version isn't defined, then the rule should be NOTCHECKED, because we don't have data needed for the check #}}
 
   
-    {{{ oval_metadata("The AlmaLinux release packages are required to be installed.") }}}
+    {{{ oval_metadata("The AlmaLinux release and auxiliary key packages are required to be installed.") }}}
     
       
         
@@ -10,6 +10,10 @@
         
         
+        
+          
+        
       
     
   
@@ -33,5 +37,18 @@
     {{{ pkg_version }}}
   
 
+  
+  
+    
+    
+  
+
+  
+    {{{ aux_pkg_release }}}
+    {{{ aux_pkg_version }}}
+  
+
 
 {{% endif %}}
diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
index e1c9c1653..6ba48feb4 100644
--- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
@@ -5,10 +5,22 @@ title: 'Ensure AlmaLinux GPG Key Installed'
 
 description: |-
     To ensure the system can cryptographically verify base software packages
-    come from AlmaLinux (and to connect to the AlmaLinux repositories to 
-    receive them), the AlmaLinux GPG key must be properly installed. To install 
-    the AlmaLinux GPG key, run:
-    
$ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9

+    come from AlmaLinux (and to connect to the AlmaLinux repos to receive them),
+    the AlmaLinux GPG key must properly be installed. To install the AlmaLinux GPG
+    key, run:
+    
$ sudo rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux

+
+    If the system is not connected to the Internet, then
+    install the AlmaLinux GPG key from trusted media such as the AlmaLinux
+    installation CD-ROM or DVD. Assuming the disc is mounted in
+    /media/cdrom, use the following command as the root user to import
+    it into the keyring:
+    
$ sudo rpm --import /media/cdrom/RPM-GPG-KEY-AlmaLinux

+
+    Alternatively, the key may be pre-loaded during the AlmaLinux installation. In
+    such cases, the key can be installed by running the following command:
+    
sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux

+
 
 rationale: |-
     Changes to software components can have significant effects on the overall
@@ -24,7 +36,7 @@ references:
     cjis: 5.10.4.1
     cobit5: APO01.06,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS06.02
     cui: 3.4.8
-    disa: CCI-001749
+    disa: CCI-003992
     hipaa: 164.308(a)(1)(ii)(D),164.312(b),164.312(c)(1),164.312(c)(2),164.312(e)(2)(i)
     isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4
     isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 7.6'
@@ -42,8 +54,8 @@ ocil: |-
     To ensure that the GPG key is installed, run:
     
$ rpm -q --queryformat "%{SUMMARY}\n" gpg-pubkey

     The command should return the string below:
-    
AlmaLinux OS 9 <packager@almalinux.org> public key

+    
gpg(AlmaLinux OS 8 <packager@almalinux.org>

 
 fixtext: |-
     Install {{{ full_name }}} GPG key. Run the following command:
-    $ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
+    $ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux
diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/tests/key_installed.pass.sh b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/tests/key_installed.pass.sh
index 87b82cb01..01721fcba 100644
--- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/tests/key_installed.pass.sh
+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/tests/key_installed.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
 #
-# platform = AlmaLinux OS 9
+# platform = AlmaLinux OS 8
 
-rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
+rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
index 4366d9faa..4a3043290 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
 
 {{{ bash_replace_or_append( pkg_manager_config_file , '^gpgcheck', '1') }}}
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
index 284bfe13d..a72a4b206 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
@@ -57,7 +57,7 @@ references:
     srg: SRG-OS-000366-GPOS-00153
     stigid@ol7: OL07-00-020050
     stigid@ol8: OL08-00-010370
-    stigid@rhel8: RHEL-08-010370
+    stigid@almalinux8: RHEL-08-010370
     stigid@sle12: SLES-12-010550
     stigid@sle15: SLES-15-010430
 
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
index 0d38f08a0..3c48a4f53 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
@@ -40,7 +40,7 @@ references:
     srg: SRG-OS-000366-GPOS-00153
     stigid@ol7: OL07-00-020060
     stigid@ol8: OL08-00-010371
-    stigid@rhel8: RHEL-08-010371
+    stigid@almalinux8: RHEL-08-010371
 
 ocil_clause: 'there is no process to validate certificates for local packages that is approved by the organization'
 
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
index 9fbd9fff2..71782514c 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
 # reboot = false
 # strategy = enable
 # complexity = low
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
index fb6361d3c..e27d8c9d5 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
 {{% if product in ["sle12", "sle15", "slmicro5"] %}}
 sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/zypp/repos.d/*
 {{% else %}}
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
index aaba098c7..5e3b5a605 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
@@ -50,7 +50,7 @@ references:
     pcidss: Req-6.2
     srg: SRG-OS-000366-GPOS-00153
     stigid@ol8: OL08-00-010370
-    stigid@rhel8: RHEL-08-010370
+    stigid@almalinux8: RHEL-08-010370
 
 ocil_clause: 'GPG checking is disabled'
 
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
index 90ee6e0e0..4e2095f9c 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
 
 {{%- if product in ["sle12", "sle15", "slmicro5"] %}}
   sed -i 's/gpgcheck\s*=.*/gpgcheck=0/g' /etc/zypp/repos.d/*
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
index e6dfa5ba5..f90e114cd 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
 
 {{%- if product in ["sle12", "sle15", "slmicro5"] %}}
   sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/zypp/repos.d/*
diff --git a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml
index 86d0cb5d3..9cb7152f3 100644
--- a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml
@@ -53,7 +53,7 @@ references:
     ospp: FPT_TUD_EXT.1,FPT_TUD_EXT.2
     pcidss: Req-6.2
     srg: SRG-OS-000366-GPOS-00153
-    stigid@rhel8: RHEL-08-010019
+    stigid@almalinux8: RHEL-08-010019
 
 ocil_clause: 'the Red Hat GPG Key is not installed'
 
diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
index e77380808..ecda8e8c8 100644
--- a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
+++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
@@ -16,6 +16,11 @@ description: |-
     
$ sudo yum update

     If the system is not configured to use one of these sources, updates (in the form of RPM packages)
     can be manually downloaded from the ULN and installed using rpm.
+{{% elif product in ["almalinux8"] %}}
+    Run the following command to install updates:
+    
$ sudo yum update

+    If the system is not configured to use repos, updates (in the form of RPM packages)
+    can be manually downloaded from the repos and installed using rpm.
 {{% elif product in ["sle12", "sle15", "slmicro5"] %}}
     If the system is configured for online updates, invoking the following command will list available
     security updates:
@@ -60,7 +65,7 @@ references:
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-020260
     stigid@ol8: OL08-00-010010
-    stigid@rhel8: RHEL-08-010010
+    stigid@almalinux8: RHEL-08-010010
     stigid@sle12: SLES-12-010010
     stigid@sle15: SLES-15-010010
 
diff --git a/product_properties/10-grub.yml b/product_properties/10-grub.yml
index 436c6b492..3d4927544 100644
--- a/product_properties/10-grub.yml
+++ b/product_properties/10-grub.yml
@@ -6,7 +6,7 @@ default:
 
 overrides:
 {{% if "rhel-like" in families and major_version_ordinal <= 8 %}}
-  grub2_uefi_boot_path: "/boot/efi/EFI/redhat"
+  grub2_uefi_boot_path: "/boot/efi/EFI/almalinux"
 {{% endif %}}
 {{% if "suse" in families %}}
   grub_helper_executable: "grub2-mkconfig"
diff --git a/products/almalinux8/CMakeLists.txt b/products/almalinux8/CMakeLists.txt
new file mode 100644
index 000000000..511fdc1c4
--- /dev/null
+++ b/products/almalinux8/CMakeLists.txt
@@ -0,0 +1,33 @@
+# Sometimes our users will try to do: "cd almalinux8; cmake ." That needs to error in a nice way.
+if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}")
+    message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!")
+endif()
+
+set(PRODUCT "almalinux8")
+
+ssg_build_product(${PRODUCT})
+
+ssg_build_html_ref_tables("${PRODUCT}" "table-${PRODUCT}-{ref_id}refs" "anssi;cis;cui;nist;pcidss")
+
+ssg_build_html_profile_table("table-${PRODUCT}-nistrefs-ospp" "${PRODUCT}" "ospp" "nist")
+ssg_build_html_profile_table("table-${PRODUCT}-nistrefs-standard" "${PRODUCT}" "standard" "nist")
+ssg_build_html_profile_table("table-${PRODUCT}-nistrefs-stig" "${PRODUCT}" "stig" "nist")
+
+ssg_build_html_profile_table("table-${PRODUCT}-anssirefs-bp28_minimal" "${PRODUCT}" "anssi_bp28_minimal" "anssi")
+ssg_build_html_profile_table("table-${PRODUCT}-anssirefs-bp28_enhanced" "${PRODUCT}" "anssi_bp28_enhanced" "anssi")
+ssg_build_html_profile_table("table-${PRODUCT}-anssirefs-bp28_intermediary" "${PRODUCT}" "anssi_bp28_intermediary" "anssi")
+ssg_build_html_profile_table("table-${PRODUCT}-anssirefs-bp28_high" "${PRODUCT}" "anssi_bp28_high" "anssi")
+
+ssg_build_html_cce_table(${PRODUCT})
+
+ssg_build_html_srgmap_tables(${PRODUCT})
+
+ssg_build_html_stig_tables(${PRODUCT})
+ssg_build_html_stig_tables_per_profile(${PRODUCT} "stig")
+ssg_build_html_stig_tables_per_profile(${PRODUCT} "stig_gui")
+
+#ssg_build_html_stig_tables(${PRODUCT} "ospp")
+
+if(SSG_CENTOS_DERIVATIVES_ENABLED)
+    ssg_build_derivative_product(${PRODUCT} "centos" "centos8")
+endif()
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_enhanced-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_enhanced-ks.cfg
new file mode 100644
index 000000000..f5ccde9b6
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_enhanced-ks.cfg
@@ -0,0 +1,144 @@
+# SCAP Security Guide ANSSI BP-028 (enhanced) profile kickstart for AlmaLinux OS 8
+# Version: 0.0.1
+# Date: 2021-01-28
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+#   https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+#   grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192" --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+# 
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512 --fsoptions="nodev,nosuid,noexec"
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=3192 --grow
+# Ensure /usr Located On Separate Partition
+logvol /usr --fstype=xfs --name=usr --vgname=VolGroup --size=6536 --fsoptions="nodev"
+# Ensure /opt Located On Separate Partition
+logvol /opt --fstype=xfs --name=opt --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid"
+# Ensure /srv Located On Separate Partition
+logvol /srv --fstype=xfs --name=srv --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid"
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=512 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+	content-type = scap-security-guide
+	profile = xccdf_org.ssgproject.content_profile_anssi_bp28_enhanced
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_high-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_high-ks.cfg
new file mode 100644
index 000000000..84196a4b0
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_high-ks.cfg
@@ -0,0 +1,149 @@
+# SCAP Security Guide ANSSI BP-028 (high) profile kickstart for AlmaLinux OS 8
+# Version: 0.0.1
+# Date: 2020-12-10
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+#   https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+#   grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192" --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+# 
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512 --fsoptions="nodev,nosuid,noexec"
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=3192 --grow
+# Ensure /usr Located On Separate Partition
+logvol /usr --fstype=xfs --name=usr --vgname=VolGroup --size=6536 --fsoptions="nodev"
+# Ensure /opt Located On Separate Partition
+logvol /opt --fstype=xfs --name=opt --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid"
+# Ensure /srv Located On Separate Partition
+logvol /srv --fstype=xfs --name=srv --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid"
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=512 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+	content-type = scap-security-guide
+	profile = xccdf_org.ssgproject.content_profile_anssi_bp28_high
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_intermediary-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_intermediary-ks.cfg
new file mode 100644
index 000000000..b15404ecc
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_intermediary-ks.cfg
@@ -0,0 +1,145 @@
+# SCAP Security Guide ANSSI BP-028 (intermediary) profile kickstart for AlmaLinux OS 8
+# Version: 0.0.1
+# Date: 2021-01-28
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+#   https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+#   grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+# 
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512 --fsoptions="nodev,nosuid,noexec"
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=3192 --grow
+# Ensure /usr Located On Separate Partition
+logvol /usr --fstype=xfs --name=usr --vgname=VolGroup --size=6536 --fsoptions="nodev"
+# Ensure /opt Located On Separate Partition
+logvol /opt --fstype=xfs --name=opt --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid"
+# Ensure /srv Located On Separate Partition
+logvol /srv --fstype=xfs --name=srv --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid"
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=512 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+	content-type = scap-security-guide
+	profile = xccdf_org.ssgproject.content_profile_anssi_bp28_intermediary
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_minimal-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_minimal-ks.cfg
new file mode 100644
index 000000000..0fca2df36
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_minimal-ks.cfg
@@ -0,0 +1,108 @@
+# SCAP Security Guide ANSSI BP-028 (minimal) profile kickstart for AlmaLinux OS 8
+# Version: 0.0.1
+# Date: 2021-01-28
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --bootproto dhcp
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+#   https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+#   grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+# 
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+autopart
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+	content-type = scap-security-guide
+	profile = xccdf_org.ssgproject.content_profile_anssi_bp28_minimal
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis-ks.cfg
new file mode 100644
index 000000000..70e4ac24c
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-cis-ks.cfg
@@ -0,0 +1,141 @@
+# SCAP Security Guide CIS profile (Level 2 - Server) kickstart for AlmaLinux OS 8
+# Version: 0.0.1
+# Date: 2021-08-12
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=10240 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+        content-type = scap-security-guide
+        profile = xccdf_org.ssgproject.content_profile_cis
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis_server_l1-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis_server_l1-ks.cfg
new file mode 100644
index 000000000..2836008e8
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-cis_server_l1-ks.cfg
@@ -0,0 +1,141 @@
+# SCAP Security Guide CIS profile (Level 1 - Server) kickstart for AlmaLinux OS 8
+# Version: 0.0.1
+# Date: 2021-08-12
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=10240 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+        content-type = scap-security-guide
+        profile = xccdf_org.ssgproject.content_profile_cis_server_l1
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l1-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l1-ks.cfg
new file mode 100644
index 000000000..c6d5f9f2c
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l1-ks.cfg
@@ -0,0 +1,141 @@
+# SCAP Security Guide CIS profile (Level 1 - Workstation) kickstart for AlmaLinux OS 8
+# Version: 0.0.1
+# Date: 2021-08-12
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=10240 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+        content-type = scap-security-guide
+        profile = xccdf_org.ssgproject.content_profile_cis_workstation_l1
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l2-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l2-ks.cfg
new file mode 100644
index 000000000..523b424a2
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l2-ks.cfg
@@ -0,0 +1,141 @@
+# SCAP Security Guide CIS profile (Level 2 - Workstation) kickstart for AlmaLinux OS 8
+# Version: 0.0.1
+# Date: 2021-08-12
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=10240 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+        content-type = scap-security-guide
+        profile = xccdf_org.ssgproject.content_profile_cis_workstation_l2
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cui-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cui-ks.cfg
new file mode 100644
index 000000000..dc63ba2ed
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-cui-ks.cfg
@@ -0,0 +1,139 @@
+# SCAP Security Guide CUI profile kickstart for AlmaLinux OS 8
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --bootproto dhcp
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+#   https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Refer to e.g.
+#   grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192 slub_debug=P page_poison=1 vsyscall=none"
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+# 
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=10240 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+	content-type = scap-security-guide
+	profile = xccdf_org.ssgproject.content_profile_cui
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-e8-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-e8-ks.cfg
new file mode 100644
index 000000000..2b41b5717
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-e8-ks.cfg
@@ -0,0 +1,120 @@
+# SCAP Security Guide Essential Eight profile kickstart for AlmaLinux OS 8
+# Version: 0.0.1
+# Date: 2019-11-13
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+# 
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+autopart
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+        content-type = scap-security-guide
+        profile = xccdf_org.ssgproject.content_profile_e8
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-hipaa-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-hipaa-ks.cfg
new file mode 100644
index 000000000..07f7bd67d
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-hipaa-ks.cfg
@@ -0,0 +1,120 @@
+# SCAP Security Guide HIPAA profile kickstart for AlmaLinux OS 8
+# Version: 0.0.1
+# Date: 2020-05-25
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+# 
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+autopart
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+        content-type = scap-security-guide
+        profile = xccdf_org.ssgproject.content_profile_hipaa
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-ism_o-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-ism_o-ks.cfg
new file mode 100644
index 000000000..f6e47e7d8
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-ism_o-ks.cfg
@@ -0,0 +1,119 @@
+# SCAP Security Guide ISM Official profile kickstart for AlmaLinux OS 8
+# Version: 0.0.1
+# Date: 2021-08-16
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+#
+#
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+bootloader
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+# 
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+autopart
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+        content-type = scap-security-guide
+        profile = xccdf_org.ssgproject.content_profile_ism_o
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-ospp-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-ospp-ks.cfg
new file mode 100644
index 000000000..b4dda7310
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-ospp-ks.cfg
@@ -0,0 +1,139 @@
+# SCAP Security Guide OSPP profile kickstart for AlmaLinux OS 8
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --bootproto dhcp
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+#   https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Refer to e.g.
+#   grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192 slub_debug=P page_poison=1 vsyscall=none"
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+# 
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=10240 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+	content-type = scap-security-guide
+	profile = xccdf_org.ssgproject.content_profile_ospp
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-pci-dss-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-pci-dss-ks.cfg
new file mode 100644
index 000000000..246bf7a6e
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-pci-dss-ks.cfg
@@ -0,0 +1,134 @@
+# SCAP Security Guide PCI-DSS profile kickstart for AlmaLinux OS 8
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url	        the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+#   https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+#   grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192 slub_debug=P page_poison=1 vsyscall=none" --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+# 
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=11264 --grow
+# CCE-26557-9: Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# CCE-26435-8: Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# CCE-26639-5: Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# CCE-26215-4: Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# CCE-26436-6: Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512 --fsoptions="nodev"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+        content-type = scap-security-guide
+        profile = xccdf_org.ssgproject.content_profile_pci-dss
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-stig-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-stig-ks.cfg
new file mode 100644
index 000000000..be9935bc5
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-stig-ks.cfg
@@ -0,0 +1,141 @@
+# SCAP Security Guide STIG profile kickstart for AlmaLinux OS 8
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --bootproto dhcp
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+#   https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+#   grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192 slub_debug=P page_poison=1 vsyscall=none" --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+# 
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512 --fsoptions="nodev,nosuid,noexec"
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=10240 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=10240 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+	content-type = scap-security-guide
+	profile = xccdf_org.ssgproject.content_profile_stig
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-stig_gui-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-stig_gui-ks.cfg
new file mode 100644
index 000000000..124a0bf6b
--- /dev/null
+++ b/products/almalinux8/kickstart/ssg-almalinux8-stig_gui-ks.cfg
@@ -0,0 +1,143 @@
+# SCAP Security Guide STIG with GUI profile kickstart for AlmaLinux OS 8
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+# For more information see the following documentation:
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url		the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server= --dir= [--opts=]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot	enable device at a boot time
+# --device	device to be activated and / or configured with the network command
+# --bootproto	method to obtain networking configuration for device (default dhcp)
+# --noipv6	disable IPv6 on this device
+network --onboot yes --bootproto dhcp
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+#   https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled	reject incoming connections that are not in response to outbound requests
+# --ssh		allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+#   grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192 slub_debug=P page_poison=1 vsyscall=none" --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+# 
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux	erase all Linux partitions
+# --initlabel	initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512 --fsoptions="nodev,nosuid,noexec"
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=10240 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=10240 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#  
+#  Important
+#   Applying a security policy is not necessary on all systems. This screen should only be used
+#   when a specific policy is mandated by your organization rules or government regulations.
+#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
+#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+#   Values can be optionally enclosed in single quotes (') or double quotes (").
+#   
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/kickstart-commands-and-options-reference_installing-rhel-as-an-experienced-user#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon org_fedora_oscap
+	content-type = scap-security-guide
+	profile = xccdf_org.ssgproject.content_profile_stig_gui
+%end
+
+# Packages selection (%packages section is required)
+%packages
+
+@Server with GUI
+
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject	attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux8/overlays/srg_support.xml b/products/almalinux8/overlays/srg_support.xml
new file mode 100644
index 000000000..e4580fdf8
--- /dev/null
+++ b/products/almalinux8/overlays/srg_support.xml
@@ -0,0 +1,173 @@
+
diff --git a/products/almalinux8/product.yml b/products/almalinux8/product.yml
new file mode 100644
index 000000000..56dee61a9
--- /dev/null
+++ b/products/almalinux8/product.yml
@@ -0,0 +1,52 @@
+product: almalinux8
+full_name: AlmaLinux OS 8
+type: platform
+
+families:
+  - rhel
+  - rhel-like
+
+major_version_ordinal: 8
+
+benchmark_id: ALMALINUX-8
+benchmark_root: "../../linux_os/guide"
+components_root: "../../components"
+
+profiles_root: "./profiles"
+
+pkg_manager: "yum"
+
+init_system: "systemd"
+
+# The fingerprints below are retrieved from https://almalinux.org/security/
+pkg_release: "5ffd890e"
+pkg_version: "3abb34f8"
+aux_pkg_release: "6525146f"
+aux_pkg_version: "ced7258b"
+
+release_key_fingerprint: "5E9B8F5617B5066CE92057C3488FCF7C3ABB34F8"
+auxiliary_key_fingerprint: "BC5EDDCADF502C077F1582882AE81E8ACED7258B"
+oval_feed_url: "https://security.almalinux.org/oval/org.almalinux.alsa-8.xml.bz2"
+
+groups:
+  dedicated_ssh_keyowner:
+    name: ssh_keys
+
+faillock_path: "/var/log/faillock"
+
+cpes_root: "../../shared/applicability"
+cpes:
+  - almalinux8:
+      name: "cpe:/o:almalinux:almalinux:8"
+      title: "AlmaLinux OS 8"
+      check_id: installed_OS_is_almalinux8
+
+# Mapping of CPE platform to package
+platform_package_overrides:
+  login_defs: "shadow-utils"
+
+
+reference_uris:
+  cis: 'https://www.cisecurity.org/benchmark/almalinuxos_linux/'
+
+journald_conf_dir_path: /etc/systemd/journald.conf.d
diff --git a/products/almalinux8/profiles/anssi_bp28_enhanced.profile b/products/almalinux8/profiles/anssi_bp28_enhanced.profile
new file mode 100644
index 000000000..798a9bd81
--- /dev/null
+++ b/products/almalinux8/profiles/anssi_bp28_enhanced.profile
@@ -0,0 +1,53 @@
+documentation_complete: true
+
+metadata:
+    SMEs:
+        - marcusburghardt
+        - yuumasato
+
+title: 'ANSSI-BP-028 (enhanced)'
+
+description: |-
+    This profile contains configurations that align to ANSSI-BP-028 v2.0 at the enhanced hardening level.
+
+    ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
+    ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
+
+    A copy of the ANSSI-BP-028 can be found at the ANSSI website:
+    https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
+
+    An English version of the ANSSI-BP-028 can also be found at the ANSSI website:
+    https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system
+
+selections:
+    - anssi:all:enhanced
+    - var_password_hashing_algorithm=SHA512
+    - var_password_pam_unix_rounds=65536
+    - '!timer_logrotate_enabled'
+    # disable R45: Enable AppArmor security profiles
+    - '!apparmor_configured'
+    - '!all_apparmor_profiles_enforced'
+    - '!grub2_enable_apparmor'
+    - '!package_apparmor_installed'
+    - '!package_pam_apparmor_installed'
+    # Following rules once had a prodtype incompatible with the rhel8 product
+    - '!cracklib_accounts_password_pam_minlen'
+    - '!sysctl_fs_protected_fifos'
+    - '!accounts_passwords_pam_tally2_deny_root'
+    - '!audit_rules_privileged_commands_rmmod'
+    - '!package_dracut-fips-aesni_installed'
+    - '!audit_rules_privileged_commands_modprobe'
+    - '!chronyd_configure_pool_and_server'
+    - '!accounts_passwords_pam_tally2'
+    - '!cracklib_accounts_password_pam_ucredit'
+    - '!cracklib_accounts_password_pam_dcredit'
+    - '!cracklib_accounts_password_pam_lcredit'
+    - '!sysctl_fs_protected_regular'
+    - '!grub2_mds_argument'
+    - '!cracklib_accounts_password_pam_ocredit'
+    - '!grub2_page_alloc_shuffle_argument'
+    - '!accounts_passwords_pam_tally2_unlock_time'
+    - '!audit_rules_privileged_commands_insmod'
+    - '!ensure_oracle_gpgkey_installed'
+    - ensure_almalinux_gpgkey_installed
+    - '!package_kea_removed'
diff --git a/products/almalinux8/profiles/anssi_bp28_high.profile b/products/almalinux8/profiles/anssi_bp28_high.profile
new file mode 100644
index 000000000..1255baf6d
--- /dev/null
+++ b/products/almalinux8/profiles/anssi_bp28_high.profile
@@ -0,0 +1,60 @@
+documentation_complete: true
+
+metadata:
+    SMEs:
+        - marcusburghardt
+        - yuumasato
+
+title: 'ANSSI-BP-028 (high)'
+
+description: |-
+    This profile contains configurations that align to ANSSI-BP-028 v2.0 at the high hardening level.
+
+    ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
+    ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
+
+    A copy of the ANSSI-BP-028 can be found at the ANSSI website:
+    https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
+
+    An English version of the ANSSI-BP-028 can also be found at the ANSSI website:
+    https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system
+
+selections:
+    - anssi:all:high
+    - var_password_hashing_algorithm=SHA512
+    - var_password_pam_unix_rounds=65536
+    # the following rule renders UEFI systems unbootable
+    - '!sebool_secure_mode_insmod'
+    - '!timer_logrotate_enabled'
+    # disable R45: Enable AppArmor security profiles
+    - '!apparmor_configured'
+    - '!all_apparmor_profiles_enforced'
+    - '!grub2_enable_apparmor'
+    - '!package_apparmor_installed'
+    - '!package_pam_apparmor_installed'
+    # Following rules once had a prodtype incompatible with the rhel8 product
+    - '!kernel_config_gcc_plugin_structleak_byref_all'
+    - '!accounts_passwords_pam_tally2_deny_root'
+    - '!aide_periodic_checking_systemd_timer'
+    - '!audit_rules_privileged_commands_rmmod'
+    - '!grub2_mds_argument'
+    - '!audit_rules_privileged_commands_modprobe'
+    - '!package_dracut-fips-aesni_installed'
+    - '!cracklib_accounts_password_pam_lcredit'
+    - '!sysctl_fs_protected_regular'
+    - '!cracklib_accounts_password_pam_ocredit'
+    - '!kernel_config_gcc_plugin_stackleak'
+    - '!audit_rules_privileged_commands_insmod'
+    - '!chronyd_configure_pool_and_server'
+    - '!accounts_passwords_pam_tally2'
+    - '!cracklib_accounts_password_pam_ucredit'
+    - '!kernel_config_legacy_vsyscall_xonly'
+    - '!kernel_config_gcc_plugin_randstruct'
+    - '!accounts_passwords_pam_tally2_unlock_time'
+    - '!cracklib_accounts_password_pam_minlen'
+    - '!sysctl_fs_protected_fifos'
+    - '!cracklib_accounts_password_pam_dcredit'
+    - '!grub2_page_alloc_shuffle_argument'
+    - '!ensure_oracle_gpgkey_installed'
+    - ensure_almalinux_gpgkey_installed
+    - '!package_kea_removed'
diff --git a/products/almalinux8/profiles/anssi_bp28_intermediary.profile b/products/almalinux8/profiles/anssi_bp28_intermediary.profile
new file mode 100644
index 000000000..c999bfe36
--- /dev/null
+++ b/products/almalinux8/profiles/anssi_bp28_intermediary.profile
@@ -0,0 +1,41 @@
+documentation_complete: true
+
+metadata:
+    SMEs:
+        - marcusburghardt
+        - yuumasato
+
+title: 'ANSSI-BP-028 (intermediary)'
+
+description: |-
+    This profile contains configurations that align to ANSSI-BP-028 v2.0 at the intermediary hardening level.
+
+    ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
+    ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
+
+    A copy of the ANSSI-BP-028 can be found at the ANSSI website:
+    https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
+
+    An English version of the ANSSI-BP-028 can also be found at the ANSSI website:
+    https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system
+
+selections:
+  - anssi:all:intermediary
+  - var_password_hashing_algorithm=SHA512
+  - var_password_pam_unix_rounds=65536
+  # Following rules once had a prodtype incompatible with the rhel8 product
+  - '!cracklib_accounts_password_pam_minlen'
+  - '!accounts_passwords_pam_tally2_deny_root'
+  - '!grub2_mds_argument'
+  - '!sysctl_fs_protected_fifos'
+  - '!accounts_passwords_pam_tally2'
+  - '!cracklib_accounts_password_pam_ucredit'
+  - '!cracklib_accounts_password_pam_dcredit'
+  - '!cracklib_accounts_password_pam_lcredit'
+  - '!sysctl_fs_protected_regular'
+  - '!cracklib_accounts_password_pam_ocredit'
+  - '!grub2_page_alloc_shuffle_argument'
+  - '!accounts_passwords_pam_tally2_unlock_time'
+  - '!ensure_oracle_gpgkey_installed'
+  - ensure_almalinux_gpgkey_installed
+  - '!package_kea_removed'
diff --git a/products/almalinux8/profiles/anssi_bp28_minimal.profile b/products/almalinux8/profiles/anssi_bp28_minimal.profile
new file mode 100644
index 000000000..e7ce60abb
--- /dev/null
+++ b/products/almalinux8/profiles/anssi_bp28_minimal.profile
@@ -0,0 +1,37 @@
+documentation_complete: true
+
+metadata:
+    SMEs:
+        - marcusburghardt
+        - yuumasato
+
+title: 'ANSSI-BP-028 (minimal)'
+
+description: |-
+    This profile contains configurations that align to ANSSI-BP-028 v2.0 at the minimal hardening level.
+
+    ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
+    ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
+
+    A copy of the ANSSI-BP-028 can be found at the ANSSI website:
+    https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
+
+    An English version of the ANSSI-BP-028 can also be found at the ANSSI website:
+    https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system
+
+selections:
+  - anssi:all:minimal
+  - var_password_hashing_algorithm=SHA512
+  - var_password_pam_unix_rounds=65536
+  # Following rules once had a prodtype incompatible with the rhel8 product
+  - '!cracklib_accounts_password_pam_minlen'
+  - '!accounts_passwords_pam_tally2_deny_root'
+  - '!accounts_passwords_pam_tally2'
+  - '!cracklib_accounts_password_pam_ucredit'
+  - '!cracklib_accounts_password_pam_dcredit'
+  - '!cracklib_accounts_password_pam_lcredit'
+  - '!cracklib_accounts_password_pam_ocredit'
+  - '!accounts_passwords_pam_tally2_unlock_time'
+  - '!ensure_oracle_gpgkey_installed'
+  - ensure_almalinux_gpgkey_installed
+  - '!package_kea_removed'
diff --git a/products/almalinux8/profiles/cis.profile b/products/almalinux8/profiles/cis.profile
new file mode 100644
index 000000000..40d3e5ceb
--- /dev/null
+++ b/products/almalinux8/profiles/cis.profile
@@ -0,0 +1,26 @@
+documentation_complete: true
+
+metadata:
+    version: 3.0.0
+    SMEs:
+        - marcusburghardt
+        - vojtapolasek
+        - yuumasato
+
+reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/
+
+title: 'CIS AlmaLinux OS 8 Benchmark for Level 2 - Server'
+
+description: |-
+    This profile defines a baseline that aligns to the "Level 2 - Server"
+    configuration from the Center for Internet Security® 
+    AlmaLinux OS 8 Benchmarkâ„¢, v3.0.0, released 2023-10-30.
+
+    This profile includes Center for Internet Security®
+    AlmaLinux OS 8 CIS Benchmarksâ„¢ content.
+
+selections:
+    - cis_rhel8:all:l2_server
+    # Following rules once had a prodtype incompatible with the rhel8 product
+    - '!file_owner_at_allow'
+    - '!package_dnsmasq_removed'
diff --git a/products/almalinux8/profiles/cis_server_l1.profile b/products/almalinux8/profiles/cis_server_l1.profile
new file mode 100644
index 000000000..a8bc574f1
--- /dev/null
+++ b/products/almalinux8/profiles/cis_server_l1.profile
@@ -0,0 +1,26 @@
+documentation_complete: true
+
+metadata:
+    version: 3.0.0
+    SMEs:
+        - marcusburghardt
+        - vojtapolasek
+        - yuumasato
+
+reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/
+
+title: 'CIS AlmaLinux OS 8 Benchmark for Level 1 - Server'
+
+description: |-
+    This profile defines a baseline that aligns to the "Level 1 - Server"
+    configuration from the Center for Internet Security® 
+    AlmaLinux OS 8 Benchmarkâ„¢, v3.0.0, released 2023-10-30.
+
+    This profile includes Center for Internet Security®
+    AlmaLinux OS 8 CIS Benchmarksâ„¢ content.
+
+selections:
+    - cis_rhel8:all:l1_server
+    # Following rules once had a prodtype incompatible with the rhel8 product
+    - '!file_owner_at_allow'
+    - '!package_dnsmasq_removed'
diff --git a/products/almalinux8/profiles/cis_workstation_l1.profile b/products/almalinux8/profiles/cis_workstation_l1.profile
new file mode 100644
index 000000000..a670f00be
--- /dev/null
+++ b/products/almalinux8/profiles/cis_workstation_l1.profile
@@ -0,0 +1,26 @@
+documentation_complete: true
+
+metadata:
+    version: 3.0.0
+    SMEs:
+        - marcusburghardt
+        - vojtapolasek
+        - yuumasato
+
+reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/
+
+title: 'CIS AlmaLinux OS 8 Benchmark for Level 1 - Workstation'
+
+description: |-
+    This profile defines a baseline that aligns to the "Level 1 - Workstation"
+    configuration from the Center for Internet Security® 
+    AlmaLinux OS 8 Benchmarkâ„¢, v3.0.0, released 2023-10-30.
+
+    This profile includes Center for Internet Security®
+    AlmaLinux OS 8 CIS Benchmarksâ„¢ content.
+
+selections:
+    - cis_rhel8:all:l1_workstation
+    # Following rules once had a prodtype incompatible with the rhel8 product
+    - '!file_owner_at_allow'
+    - '!package_dnsmasq_removed'
diff --git a/products/almalinux8/profiles/cis_workstation_l2.profile b/products/almalinux8/profiles/cis_workstation_l2.profile
new file mode 100644
index 000000000..d6e882959
--- /dev/null
+++ b/products/almalinux8/profiles/cis_workstation_l2.profile
@@ -0,0 +1,26 @@
+documentation_complete: true
+
+metadata:
+    version: 3.0.0
+    SMEs:
+        - marcusburghardt
+        - vojtapolasek
+        - yuumasato
+
+reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/
+
+title: 'CIS AlmaLinux OS 8 Benchmark for Level 2 - Workstation'
+
+description: |-
+    This profile defines a baseline that aligns to the "Level 2 - Workstation"
+    configuration from the Center for Internet Security® 
+    AlmaLinux OS 8 Benchmarkâ„¢, v3.0.0, released 2023-10-30.
+
+    This profile includes Center for Internet Security®
+    AlmaLinux OS 8 CIS Benchmarksâ„¢ content.
+
+selections:
+    - cis_rhel8:all:l2_workstation
+    # Following rules once had a prodtype incompatible with the rhel8 product
+    - '!file_owner_at_allow'
+    - '!package_dnsmasq_removed'
diff --git a/products/almalinux8/profiles/cjis.profile b/products/almalinux8/profiles/cjis.profile
new file mode 100644
index 000000000..21af964ea
--- /dev/null
+++ b/products/almalinux8/profiles/cjis.profile
@@ -0,0 +1,146 @@
+documentation_complete: true
+
+hidden: true
+
+metadata:
+    version: 5.4
+    SMEs:
+        - ggbecker
+
+reference: https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center
+
+title: 'Criminal Justice Information Services (CJIS) Security Policy'
+
+description: |-
+    This profile is derived from FBI's CJIS v5.4
+    Security Policy. A copy of this policy can be found at the CJIS Security
+    Policy Resource Center:
+
+    https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center
+
+selections:
+    - service_auditd_enabled
+    - grub2_audit_argument
+    - auditd_data_retention_num_logs
+    - auditd_data_retention_max_log_file
+    - auditd_data_retention_max_log_file_action
+    - auditd_data_retention_space_left_action
+    - auditd_data_retention_admin_space_left_action
+    - auditd_data_retention_action_mail_acct
+    - auditd_audispd_syslog_plugin_activated
+    - audit_rules_time_adjtimex
+    - audit_rules_time_settimeofday
+    - audit_rules_time_stime
+    - audit_rules_time_clock_settime
+    - audit_rules_time_watch_localtime
+    - audit_rules_usergroup_modification
+    - audit_rules_networkconfig_modification
+    - file_permissions_var_log_audit
+    - file_ownership_var_log_audit
+    - audit_rules_mac_modification
+    - audit_rules_dac_modification_chmod
+    - audit_rules_dac_modification_chown
+    - audit_rules_dac_modification_fchmod
+    - audit_rules_dac_modification_fchmodat
+    - audit_rules_dac_modification_fchown
+    - audit_rules_dac_modification_fchownat
+    - audit_rules_dac_modification_fremovexattr
+    - audit_rules_dac_modification_fsetxattr
+    - audit_rules_dac_modification_lchown
+    - audit_rules_dac_modification_lremovexattr
+    - audit_rules_dac_modification_lsetxattr
+    - audit_rules_dac_modification_removexattr
+    - audit_rules_dac_modification_setxattr
+    - audit_rules_login_events
+    - audit_rules_session_events
+    - audit_rules_unsuccessful_file_modification
+    - audit_rules_privileged_commands
+    - audit_rules_media_export
+    - audit_rules_file_deletion_events
+    - audit_rules_sysadmin_actions
+    - audit_rules_kernel_module_loading
+    - audit_rules_immutable
+    - account_unique_name
+    - gid_passwd_group_same
+    - accounts_password_all_shadowed
+    - no_empty_passwords
+    - display_login_attempts
+    - var_accounts_maximum_age_login_defs=90
+    - var_password_pam_unix_remember=10
+    - var_account_disable_post_pw_expiration=0
+    - var_password_pam_minlen=12
+    - var_accounts_minimum_age_login_defs=1
+    - var_password_pam_difok=6
+    - var_accounts_max_concurrent_login_sessions=3
+    - account_disable_post_pw_expiration
+    - accounts_password_pam_minlen
+    - accounts_minimum_age_login_defs
+    - accounts_password_pam_difok
+    - var_authselect_profile=sssd
+    - enable_authselect
+    - accounts_max_concurrent_login_sessions
+    - var_password_hashing_algorithm_pam=sha512
+    - set_password_hashing_algorithm_systemauth
+    - set_password_hashing_algorithm_passwordauth
+    - set_password_hashing_algorithm_logindefs
+    - set_password_hashing_algorithm_libuserconf
+    - file_owner_etc_shadow
+    - file_groupowner_etc_shadow
+    - file_permissions_etc_shadow
+    - file_owner_etc_group
+    - file_groupowner_etc_group
+    - file_permissions_etc_group
+    - file_owner_etc_passwd
+    - file_groupowner_etc_passwd
+    - file_permissions_etc_passwd
+    - file_owner_grub2_cfg
+    - file_groupowner_grub2_cfg
+    - var_password_pam_retry=5
+    - var_accounts_passwords_pam_faillock_deny=5
+    - var_accounts_passwords_pam_faillock_unlock_time=600
+    - dconf_db_up_to_date
+    - dconf_gnome_screensaver_idle_delay
+    - dconf_gnome_session_idle_user_locks
+    - dconf_gnome_screensaver_idle_activation_enabled
+    - dconf_gnome_screensaver_lock_enabled
+    - dconf_gnome_screensaver_mode_blank
+    - sshd_allow_only_protocol2
+    - sshd_set_idle_timeout
+    - var_sshd_set_keepalive=1
+    - sshd_set_keepalive_0
+    - disable_host_auth
+    - sshd_disable_root_login
+    - sshd_disable_empty_passwords
+    - sshd_enable_warning_banner
+    - sshd_do_not_permit_user_env
+    - var_system_crypto_policy=fips
+    - configure_crypto_policy
+    - configure_ssh_crypto_policy
+    - kernel_module_dccp_disabled
+    - kernel_module_sctp_disabled
+    - service_firewalld_enabled
+    - set_firewalld_default_zone
+    - firewalld_sshd_port_enabled
+    - sshd_idle_timeout_value=30_minutes
+    - inactivity_timeout_value=30_minutes
+    - sysctl_net_ipv4_conf_default_accept_source_route
+    - sysctl_net_ipv4_tcp_syncookies
+    - sysctl_net_ipv4_conf_all_send_redirects
+    - sysctl_net_ipv4_conf_default_send_redirects
+    - sysctl_net_ipv4_conf_all_accept_redirects
+    - sysctl_net_ipv4_conf_default_accept_redirects
+    - sysctl_net_ipv4_icmp_echo_ignore_broadcasts
+    - var_password_pam_ocredit=1
+    - var_password_pam_dcredit=1
+    - var_password_pam_ucredit=1
+    - var_password_pam_lcredit=1
+    - package_aide_installed
+    - aide_build_database
+    - aide_periodic_cron_checking
+    - rpm_verify_permissions
+    - rpm_verify_hashes
+    - ensure_almalinux_gpgkey_installed
+    - ensure_gpgcheck_globally_activated
+    - ensure_gpgcheck_never_disabled
+    - security_patches_up_to_date
+    - kernel_module_bluetooth_disabled
diff --git a/products/almalinux8/profiles/cui.profile b/products/almalinux8/profiles/cui.profile
new file mode 100644
index 000000000..54629c569
--- /dev/null
+++ b/products/almalinux8/profiles/cui.profile
@@ -0,0 +1,33 @@
+documentation_complete: true
+
+metadata:
+    version: TBD
+    SMEs:
+        - ggbecker
+
+title: 'Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)'
+
+description: |-
+    From NIST 800-171, Section 2.2:
+    Security requirements for protecting the confidentiality of CUI in nonfederal
+    information systems and organizations have a well-defined structure that
+    consists of:
+
+    (i) a basic security requirements section;
+    (ii) a derived security requirements section.
+
+    The basic security requirements are obtained from FIPS Publication 200, which
+    provides the high-level and fundamental security requirements for federal
+    information and information systems. The derived security requirements, which
+    supplement the basic security requirements, are taken from the security controls
+    in NIST Special Publication 800-53.
+
+    This profile configures AlmaLinux OS 8 to the NIST Special
+    Publication 800-53 controls identified for securing Controlled Unclassified
+    Information (CUI)."
+
+extends: ospp
+
+selections:
+    - inactivity_timeout_value=10_minutes
+    - var_system_crypto_policy=fips
diff --git a/products/almalinux8/profiles/default.profile b/products/almalinux8/profiles/default.profile
new file mode 100644
index 000000000..9b5d9aa5e
--- /dev/null
+++ b/products/almalinux8/profiles/default.profile
@@ -0,0 +1,720 @@
+documentation_complete: true
+
+hidden: true
+
+title: Default Profile for AlmaLinux OS 8
+
+description: |-
+    This profile contains all the rules that once belonged to the
+    rhel8 product via 'prodtype'. This profile won't
+    be rendered into an XCCDF Profile entity, nor it will select any
+    of these rules by default. The only purpose of this profile
+    is to keep a rule in the product's XCCDF Benchmark.
+
+selections:
+    - sebool_nfsd_anon_write
+    - sebool_squid_connect_any
+    - sebool_polipo_connect_all_unreserved
+    - audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write
+    - mount_option_var_tmp_bind
+    - sebool_selinuxuser_use_ssh_chroot
+    - sebool_condor_tcp_network_connect
+    - aide_use_fips_hashes
+    - sebool_xserver_object_manager
+    - mount_option_home_grpquota
+    - sebool_mpd_enable_homedirs
+    - auditd_data_retention_max_log_file_action_stig
+    - sebool_logadm_exec_content
+    - install_mcafee_antivirus
+    - httpd_configure_documentroot
+    - auditd_audispd_encrypt_sent_records
+    - audit_rules_unsuccessful_file_modification_openat_rule_order
+    - sebool_logwatch_can_network_connect_mail
+    - sebool_mpd_use_nfs
+    - sebool_virt_use_sanlock
+    - disable_anacron
+    - kernel_module_vfat_disabled
+    - sebool_xguest_use_bluetooth
+    - sebool_puppetagent_manage_all_files
+    - sebool_staff_use_svirt
+    - audit_rules_successful_file_modification_lsetxattr
+    - sebool_daemons_enable_cluster_mode
+    - package_samba-common_installed
+    - sebool_httpd_enable_cgi
+    - harden_openssl_crypto_policy
+    - dir_perms_world_writable_system_owned
+    - xwindows_remove_packages
+    - package_avahi_removed
+    - package_cups_removed
+    - package_iptables-services_removed
+    - sebool_httpd_can_network_memcache
+    - sebool_git_system_use_nfs
+    - sudoers_no_root_target
+    - enable_ldap_client
+    - sebool_httpd_can_connect_zabbix
+    - sebool_samba_portmapper
+    - audit_rules_etc_shadow_open
+    - sebool_httpd_graceful_shutdown
+    - httpd_limit_java_files
+    - sebool_ftpd_use_fusefs
+    - service_cups_disabled
+    - sebool_selinuxuser_ping
+    - package_pigz_removed
+    - sebool_unconfined_chrome_sandbox_transition
+    - avahi_prevent_port_sharing
+    - package_ntpdate_removed
+    - sebool_gitosis_can_sendmail
+    - set_loopback_traffic
+    - ntpd_specify_multiple_servers
+    - firewalld_sshd_disabled
+    - audit_rules_unsuccessful_file_modification_renameat
+    - sebool_pcp_read_generic_logs
+    - package_abrt-plugin-rhtsupport_removed
+    - sebool_httpd_run_ipa
+    - sebool_selinuxuser_share_music
+    - file_groupowner_var_log_syslog
+    - httpd_configure_perl_taint
+    - service_netfs_disabled
+    - sebool_dbadm_manage_user_files
+    - sebool_smbd_anon_write
+    - auditd_audispd_configure_remote_server
+    - service_ypserv_disabled
+    - sebool_nagios_run_sudo
+    - sebool_dbadm_exec_content
+    - package_ntp_installed
+    - package_cron_installed
+    - sebool_abrt_anon_write
+    - dconf_gnome_screensaver_idle_activation_locked
+    - audit_rules_successful_file_modification_unlinkat
+    - httpd_entrust_passwords
+    - httpd_proxy_support
+    - package_audit-audispd-plugins_installed
+    - sebool_xserver_clients_write_xshm
+    - service_rpcidmapd_disabled
+    - sebool_xdm_exec_bootloader
+    - sebool_httpd_serve_cobbler_files
+    - httpd_configure_log_format
+    - sebool_use_ecryptfs_home_dirs
+    - sebool_container_connect_any
+    - sebool_sge_domain_can_network_connect
+    - sebool_staff_exec_content
+    - file_permissions_home_dirs
+    - audit_rules_privileged_commands_newgidmap
+    - sebool_ssh_chroot_rw_homedirs
+    - sebool_virt_use_xserver
+    - no_netrc_files
+    - sebool_mozilla_plugin_use_spice
+    - package_libcap-ng-utils_installed
+    - sebool_abrt_handle_event
+    - sebool_tmpreaper_use_nfs
+    - sebool_httpd_can_connect_ldap
+    - ftp_restrict_to_anon
+    - sebool_mmap_low_allowed
+    - sebool_glance_use_fusefs
+    - sebool_httpd_dontaudit_search_dirs
+    - sebool_named_tcp_bind_http_port
+    - auditd_audispd_network_failure_action
+    - sebool_wine_mmap_zero_ignore
+    - sebool_cluster_use_execmem
+    - audit_rules_privileged_commands_usernetctl
+    - dconf_gnome_disable_user_admin
+    - sebool_ftpd_use_nfs
+    - sebool_httpd_use_fusefs
+    - service_iptables_enabled
+    - sebool_tor_bind_all_unreserved_ports
+    - httpd_configure_banner_page
+    - httpd_install_mod_ssl
+    - sebool_httpd_use_openstack
+    - sebool_icecast_use_any_tcp_ports
+    - sebool_virt_sandbox_use_all_caps
+    - audit_rules_unsuccessful_file_modification_rename
+    - package_binutils_installed
+    - sebool_openshift_use_nfs
+    - sebool_mailman_use_fusefs
+    - sebool_nfs_export_all_rw
+    - service_sysstat_disabled
+    - sebool_httpd_dbus_avahi
+    - dir_perms_etc_httpd_conf
+    - logwatch_configured_splithosts
+    - mount_option_smb_client_signing
+    - grub2_no_removeable_media
+    - audit_rules_successful_file_modification_open_o_trunc_write
+    - httpd_no_compilers_in_prod
+    - sebool_mplayer_execstack
+    - sebool_virt_sandbox_use_mknod
+    - audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order
+    - sebool_fcron_crond
+    - sebool_httpd_read_user_content
+    - sebool_samba_domain_controller
+    - service_sshd_disabled
+    - sebool_cobbler_anon_write
+    - audit_rules_successful_file_modification_openat_o_trunc_write
+    - audit_rules_successful_file_modification_removexattr
+    - sebool_xdm_write_home
+    - sebool_httpd_mod_auth_pam
+    - audit_rules_successful_file_modification_fchownat
+    - service_httpd_disabled
+    - sebool_pppd_for_user
+    - sebool_rsync_export_all_ro
+    - audit_rules_successful_file_modification_open_o_creat
+    - install_hids
+    - sebool_authlogin_radius
+    - httpd_configure_remote_session_encryption
+    - sebool_swift_can_network
+    - dhcp_server_disable_ddns
+    - sudo_restrict_others_executable_permission
+    - sshd_disable_pubkey_auth
+    - sebool_tor_can_network_relay
+    - postfix_server_banner
+    - sebool_virt_use_samba
+    - nfs_fixed_statd_port
+    - audit_privileged_commands_reboot
+    - sysctl_kernel_core_uses_pid
+    - install_mcafee_hbss_pa
+    - sebool_spamassassin_can_network
+    - package_syslogng_installed
+    - sebool_selinuxuser_postgresql_connect_enabled
+    - sebool_virt_sandbox_use_sys_admin
+    - httpd_ldap_support
+    - network_disable_zeroconf
+    - sebool_irssi_use_full_network
+    - sebool_sysadm_exec_content
+    - sebool_polipo_use_cifs
+    - sebool_samba_load_libgfapi
+    - package_rpcbind_removed
+    - sebool_samba_run_unconfined
+    - sebool_webadm_manage_user_files
+    - cups_disable_browsing
+    - service_certmonger_disabled
+    - sebool_zoneminder_run_sudo
+    - sebool_ftpd_anon_write
+    - sebool_rsync_anon_write
+    - install_mcafee_hbss_accm
+    - mount_option_proc_hidepid
+    - sebool_nfs_export_all_ro
+    - audit_rules_unsuccessful_file_modification_chown
+    - sebool_selinuxuser_udp_server
+    - sebool_cups_execmem
+    - httpd_enable_loglevel
+    - network_ipv6_disable_rpc
+    - sebool_httpd_execmem
+    - sebool_httpd_sys_script_anon_write
+    - audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write
+    - sebool_ftpd_use_cifs
+    - audit_rules_etc_shadow_open_by_handle_at
+    - sebool_mysql_connect_any
+    - audit_rules_privileged_commands_pt_chown
+    - sebool_httpd_can_sendmail
+    - sebool_prosody_bind_http_port
+    - sebool_httpd_use_sasl
+    - sssd_memcache_timeout
+    - configure_opensc_card_drivers
+    - sebool_tftp_home_dir
+    - sebool_gssd_read_tmp
+    - sebool_squid_use_tproxy
+    - sebool_httpd_ssi_exec
+    - sebool_use_lpd_server
+    - httpd_restrict_root_directory
+    - audit_rules_successful_file_modification_open_by_handle_at_o_creat
+    - grub2_nousb_argument
+    - sebool_unconfined_login
+    - account_use_centralized_automated_auth
+    - httpd_configure_valid_server_cert
+    - sebool_xdm_bind_vnc_tcp_port
+    - sebool_deny_ptrace
+    - sebool_postgresql_selinux_transmit_client_label
+    - sysctl_net_ipv6_conf_all_disable_ipv6
+    - sebool_smartmon_3ware
+    - dconf_gnome_login_retries
+    - dhcp_server_configure_logging
+    - audit_rules_unsuccessful_file_modification_setxattr
+    - sudo_vdsm_nopasswd
+    - sebool_global_ssp
+    - package_iptables-services_installed
+    - service_smb_disabled
+    - sebool_virt_rw_qemu_ga_data
+    - sebool_selinuxuser_tcp_server
+    - package_inetutils-telnetd_removed
+    - audit_rules_successful_file_modification_openat
+    - audit_rules_unsuccessful_file_modification_fchmod
+    - service_ntpd_enabled
+    - file_permissions_httpd_server_conf_files
+    - sebool_httpd_use_gpg
+    - sysconfig_networking_bootproto_ifcfg
+    - sebool_spamd_enable_home_dirs
+    - package_openldap-servers_removed
+    - avahi_disable_publishing
+    - audit_rules_successful_file_modification_fchmod
+    - dns_server_disable_dynamic_updates
+    - sebool_fenced_can_network_connect
+    - sebool_virt_use_nfs
+    - sebool_lsmd_plugin_connect_any
+    - account_passwords_pam_faillock_dir
+    - package_iptables_installed
+    - httpd_configure_script_permissions
+    - sebool_authlogin_yubikey
+    - sebool_authlogin_nsswitch_use_ldap
+    - dconf_gnome_disable_geolocation
+    - sebool_httpd_run_preupgrade
+    - sebool_httpd_use_cifs
+    - sebool_telepathy_tcp_connect_generic_network_ports
+    - httpd_cache_support
+    - dir_perms_var_log_httpd
+    - nfs_fixed_lockd_udp_port
+    - sebool_entropyd_use_audio
+    - accounts_users_home_files_ownership
+    - sebool_httpd_enable_ftp_server
+    - sebool_postgresql_selinux_users_ddl
+    - http_configure_log_file_ownership
+    - xwindows_runlevel_target
+    - package_talk-server_removed
+    - kernel_module_ipv6_option_disabled
+    - sebool_cobbler_use_nfs
+    - sebool_mozilla_plugin_can_network_connect
+    - httpd_restrict_web_directory
+    - sebool_ftpd_full_access
+    - sebool_mcelog_foreground
+    - sebool_xguest_exec_content
+    - sebool_daemons_dump_core
+    - audit_rules_successful_file_modification_renameat
+    - uefi_no_removeable_media
+    - kernel_module_cfg80211_disabled
+    - sebool_git_cgi_use_cifs
+    - sebool_virt_sandbox_use_netlink
+    - enable_dconf_user_profile
+    - service_dhcpd_disabled
+    - smb_server_disable_root
+    - service_nfslock_disabled
+    - auditd_data_retention_admin_space_left_percentage
+    - sebool_openvpn_run_unconfined
+    - package_sssd_installed
+    - sebool_gluster_anon_write
+    - audit_rules_successful_file_modification_open
+    - sebool_secure_mode_insmod
+    - sebool_nscd_use_shm
+    - sebool_ksmtuned_use_cifs
+    - sebool_nagios_run_pnp4nagios
+    - sebool_selinuxuser_direct_dri_enabled
+    - sebool_haproxy_connect_any
+    - audit_rules_etc_shadow_openat
+    - dns_server_authenticate_zone_transfers
+    - sebool_pppd_can_insmod
+    - sebool_glance_api_can_network
+    - httpd_serversignature_off
+    - accounts_passwords_pam_faillock_enforce_local
+    - sebool_mozilla_plugin_use_bluejeans
+    - sebool_mozilla_read_content
+    - restrict_nfs_clients_to_privileged_ports
+    - sebool_virt_use_usb
+    - sebool_virt_use_execmem
+    - install_antivirus
+    - sebool_virt_read_qemu_ga_data
+    - service_vsftpd_disabled
+    - sebool_user_exec_content
+    - sebool_gluster_export_all_ro
+    - sebool_mcelog_server
+    - package_nss-tools_installed
+    - sebool_mount_anyfile
+    - sebool_sge_use_nfs
+    - service_saslauthd_disabled
+    - sebool_daemons_use_tty
+    - sebool_mcelog_client
+    - sebool_rsync_client
+    - sebool_privoxy_connect_any
+    - postfix_client_configure_relayhost
+    - audit_privileged_commands_init
+    - sebool_httpd_builtin_scripting
+    - iptables_sshd_disabled
+    - grub2_ipv6_disable_argument
+    - etc_system_fips_exists
+    - dconf_gnome_disable_thumbnailers
+    - sebool_varnishd_connect_any
+    - ensure_gpgcheck_repo_metadata
+    - audit_rules_for_ospp
+    - package_rsh_removed
+    - network_ipv6_privacy_extensions
+    - dconf_gnome_enable_smartcard_auth
+    - httpd_servertokens_prod
+    - service_postfix_enabled
+    - package_openssh-server_removed
+    - timer_logrotate_enabled
+    - httpd_limit_available_methods
+    - sebool_httpd_can_connect_mythtv
+    - audit_rules_successful_file_modification_lchown
+    - sebool_tftp_anon_write
+    - dhcp_server_deny_decline
+    - sebool_cobbler_can_network_connect
+    - sebool_samba_export_all_ro
+    - service_cron_enabled
+    - httpd_webdav
+    - service_rhnsd_disabled
+    - httpd_configure_max_keepalive_requests
+    - audit_rules_successful_file_modification_unlink
+    - wireless_disable_in_bios
+    - no_all_squash_exports
+    - sebool_use_samba_home_dirs
+    - audit_rules_etc_gshadow_openat
+    - service_ufw_enabled
+    - package_psacct_installed
+    - network_disable_ddns_interfaces
+    - nfs_no_anonymous
+    - dir_permissions_binary_dirs
+    - sebool_xend_run_blktap
+    - dconf_gnome_disable_wifi_notification
+    - package_nis_removed
+    - httpd_server_side_includes
+    - audit_rules_etc_passwd_open
+    - dhcp_client_restrict_options
+    - sebool_openvpn_can_network_connect
+    - httpd_server_configuration_display
+    - account_emergency_expire_date
+    - sebool_unconfined_mozilla_plugin_transition
+    - audit_rules_unsuccessful_file_modification_lremovexattr
+    - file_permissions_var_log_syslog
+    - sebool_git_cgi_enable_homedirs
+    - dovecot_configure_ssl_cert
+    - audit_rules_etc_passwd_open_by_handle_at
+    - audit_rules_privileged_commands_at
+    - sebool_virt_use_fusefs
+    - avahi_ip_only
+    - kernel_module_iwlmvm_disabled
+    - service_ntp_enabled
+    - file_owner_var_log_syslog
+    - service_ip6tables_enabled
+    - sebool_logging_syslogd_run_nagios_plugins
+    - sebool_mozilla_plugin_use_gps
+    - service_slapd_disabled
+    - partition_for_web_content
+    - audit_rules_unsuccessful_file_modification_open_o_trunc_write
+    - package_tar_installed
+    - httpd_private_server_on_separate_subnet
+    - use_root_squashing_all_exports
+    - sebool_ftpd_connect_all_unreserved
+    - configure_user_data_backups
+    - dir_ownership_binary_dirs
+    - nfs_fixed_lockd_tcp_port
+    - sebool_mcelog_exec_scripts
+    - httpd_configure_tls
+    - sysctl_net_ipv4_tcp_invalid_ratelimit
+    - sebool_xserver_execmem
+    - snmpd_not_default_password
+    - service_nftables_enabled
+    - sysctl_net_ipv6_conf_default_disable_ipv6
+    - sebool_cron_userdomain_transition
+    - sebool_collectd_tcp_network_connect
+    - sebool_httpd_enable_homedirs
+    - sebool_httpd_unified
+    - service_ypbind_disabled
+    - selinux_all_devicefiles_labeled
+    - audit_rules_privileged_commands_newuidmap
+    - ldap_client_tls_cacertpath
+    - sebool_zabbix_can_network
+    - audit_rules_unsuccessful_file_modification_chmod
+    - sebool_gpg_web_anon_write
+    - fapolicyd_prevent_home_folder_access
+    - no_legacy_plus_entries_etc_passwd
+    - sebool_sanlock_use_nfs
+    - httpd_restrict_critical_directories
+    - ldap_client_start_tls
+    - sebool_racoon_read_shadow
+    - audit_rules_successful_file_modification_fsetxattr
+    - sssd_enable_pam_services
+    - service_sssd_enabled
+    - service_psacct_enabled
+    - audit_rules_successful_file_modification_fremovexattr
+    - httpd_remove_backups
+    - service_netconsole_disabled
+    - file_permissions_httpd_server_conf_d_files
+    - audit_rules_successful_file_modification_rename
+    - sebool_guest_exec_content
+    - sebool_selinuxuser_mysql_connect_enabled
+    - sebool_antivirus_use_jit
+    - sebool_ksmtuned_use_nfs
+    - audit_rules_successful_file_modification_setxattr
+    - sssd_ldap_configure_tls_ca
+    - grub2_systemd_debug-shell_argument_absent
+    - sebool_polipo_session_bind_all_unreserved_ports
+    - sebool_secure_mode_policyload
+    - sebool_webadm_read_user_files
+    - auditd_data_disk_full_action_stig
+    - audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat
+    - audit_rules_unsuccessful_file_modification_fsetxattr
+    - avahi_restrict_published_information
+    - sebool_git_session_users
+    - sebool_exim_manage_user_files
+    - sshd_enable_gssapi_auth
+    - httpd_digest_authentication
+    - sebool_minidlna_read_generic_user_content
+    - audit_rules_etc_group_openat
+    - umask_for_daemons
+    - sebool_httpd_can_network_connect_cobbler
+    - service_mdmonitor_disabled
+    - audit_rules_unsuccessful_file_modification_fchownat
+    - sebool_openvpn_enable_homedirs
+    - zipl_enable_selinux
+    - bios_disable_usb_boot
+    - audit_rules_unsuccessful_file_modification_open_o_creat
+    - kernel_config_ipv6
+    - service_rpcgssd_disabled
+    - audit_rules_successful_file_modification_chown
+    - audit_rules_successful_file_modification_fchmodat
+    - sebool_dhcpc_exec_iptables
+    - httpd_public_resources_not_shared
+    - audit_rules_unsuccessful_file_modification_removexattr
+    - sebool_telepathy_connect_all_ports
+    - httpd_enable_error_logging
+    - httpd_disable_mime_types
+    - sebool_postgresql_can_rsync
+    - audit_rules_unsuccessful_file_modification_openat_o_trunc_write
+    - httpd_install_mod_security
+    - package_telnetd_removed
+    - sebool_httpd_setrlimit
+    - service_dovecot_disabled
+    - service_cockpit_disabled
+    - no_legacy_plus_entries_etc_group
+    - mount_option_boot_noauto
+    - nfs_fixed_mountd_port
+    - sebool_git_cgi_use_nfs
+    - httpd_remove_robots_file
+    - sebool_git_system_use_cifs
+    - sebool_httpd_use_nfs
+    - sshd_enable_pubkey_auth
+    - audit_rules_unsuccessful_file_modification_lchown
+    - dconf_gnome_disable_wifi_create
+    - audit_rules_successful_file_modification_fchown
+    - sssd_ldap_configure_tls_ca_dir
+    - sebool_git_system_enable_homedirs
+    - sebool_httpd_can_check_spam
+    - package_pcsc-lite_installed
+    - sebool_mpd_use_cifs
+    - sebool_xen_use_nfs
+    - zipl_systemd_debug-shell_argument_absent
+    - sebool_samba_enable_home_dirs
+    - service_named_disabled
+    - service_syslogng_enabled
+    - sebool_sanlock_use_fusefs
+    - account_passwords_pam_faillock_audit
+    - sebool_ssh_keysign
+    - httpd_require_client_certs
+    - sebool_zebra_write_config
+    - sebool_kerberos_enabled
+    - httpd_disable_content_symlinks
+    - package_sssd-ipa_installed
+    - sebool_irc_use_any_tcp_ports
+    - audit_rules_etc_gshadow_open_by_handle_at
+    - sebool_samba_export_all_rw
+    - httpd_anonymous_content_sharing
+    - audit_rules_successful_file_modification_truncate
+    - dhcp_server_minimize_served_info
+    - file_permissions_httpd_server_modules_files
+    - httpd_mime_magic
+    - audit_rules_successful_file_modification_open_by_handle_at
+    - sebool_tmpreaper_use_samba
+    - sebool_xdm_sysadm_login
+    - sebool_samba_create_home_dirs
+    - sebool_login_console_enabled
+    - sebool_secadm_exec_content
+    - httpd_configure_firewall
+    - sssd_ldap_configure_tls_reqcert
+    - audit_rules_successful_file_modification_chmod
+    - sebool_nis_enabled
+    - ftp_log_transactions
+    - sebool_cvs_read_shadow
+    - audit_rules_unsuccessful_file_modification_lsetxattr
+    - sebool_xend_run_qemu
+    - auditd_data_disk_error_action_stig
+    - sebool_virt_use_comm
+    - installed_OS_is_FIPS_certified
+    - mcafee_antivirus_definitions_updated
+    - network_ipv6_default_gateway
+    - sebool_httpd_can_network_connect
+    - sebool_virt_sandbox_use_audit
+    - sshd_disable_root_password_login
+    - set_firewalld_appropriate_zone
+    - harden_sshd_crypto_policy
+    - package_telnetd-ssl_removed
+    - network_ipv6_disable_interfaces
+    - package_vsftpd_installed
+    - sebool_puppetmaster_use_db
+    - audit_rules_successful_file_modification_ftruncate
+    - logwatch_configured_hostlimit
+    - dns_server_disable_zone_transfers
+    - no_insecure_locks_exports
+    - dconf_gnome_disable_power_settings
+    - package_abrt-plugin-logger_removed
+    - sebool_mozilla_plugin_bind_unreserved_ports
+    - package_MFEhiplsm_installed
+    - sebool_fenced_can_ssh
+    - sebool_glance_use_execmem
+    - audit_rules_etc_passwd_openat
+    - sebool_rsync_full_access
+    - httpd_server_activity_status
+    - snmpd_no_rwusers
+    - httpd_ignore_htaccess_files
+    - service_pcscd_enabled
+    - mount_option_home_usrquota
+    - sebool_logging_syslogd_can_sendmail
+    - service_quota_nld_disabled
+    - sebool_ftpd_use_passive_mode
+    - sebool_cluster_can_network_connect
+    - sebool_cdrecord_read_content
+    - sebool_antivirus_can_scan_system
+    - rsyslog_logging_configured
+    - sebool_httpd_manage_ipa
+    - audit_rules_dac_modification_umount
+    - sebool_samba_share_nfs
+    - sebool_domain_kernel_load_modules
+    - package_389-ds-base_removed
+    - mount_option_krb_sec_remote_filesystems
+    - sebool_logging_syslogd_use_tty
+    - audit_rules_etc_group_open
+    - ftp_disable_uploads
+    - sebool_secure_mode
+    - set_iptables_default_rule_forward
+    - httpd_enable_log_config
+    - service_rsh_disabled
+    - zipl_vsyscall_argument
+    - audit_rules_unsuccessful_file_modification_openat_o_creat
+    - dovecot_enable_ssl
+    - sebool_awstats_purge_apache_log_files
+    - ftp_home_partition
+    - httpd_url_correction
+    - sebool_httpd_tmp_exec
+    - sebool_sanlock_use_samba
+    - audit_privileged_commands_poweroff
+    - force_opensc_card_drivers
+    - audit_rules_successful_file_modification_creat
+    - sebool_domain_fd_use
+    - package_avahi-autoipd_removed
+    - sebool_httpd_can_connect_ftp
+    - sebool_httpd_anon_write
+    - root_path_default
+    - sebool_dhcpd_use_ldap
+    - httpd_antivirus_scan_uploads
+    - coreos_enable_selinux_kernel_argument
+    - sebool_postgresql_selinux_unconfined_dbadm
+    - kernel_disable_entropy_contribution_for_solid_state_drives
+    - sebool_use_fusefs_home_dirs
+    - sebool_abrt_upload_watch_anon_write
+    - dconf_gnome_disable_restart_shutdown
+    - audit_rules_successful_file_modification_lremovexattr
+    - sebool_virt_transition_userdomain
+    - sshd_use_priv_separation
+    - sudo_add_passwd_timeout
+    - package_freeradius_removed
+    - avahi_check_ttl
+    - audit_privileged_commands_shutdown
+    - service_tftp_disabled
+    - sebool_httpd_tty_comm
+    - sebool_dbadm_read_user_files
+    - service_rpcsvcgssd_disabled
+    - audit_rules_unsuccessful_file_modification_unlink
+    - auditd_audispd_disk_full_action
+    - httpd_enable_system_logging
+    - httpd_encrypt_file_uploads
+    - sssd_ssh_known_hosts_timeout
+    - sebool_exim_read_user_files
+    - ftp_limit_users
+    - sebool_zarafa_setrlimit
+    - kernel_module_mac80211_disabled
+    - sebool_kdumpgui_run_bootloader
+    - service_portreserve_disabled
+    - chronyd_or_ntpd_specify_remote_server
+    - rsyslog_accept_remote_messages_tcp
+    - sebool_httpd_verify_dns
+    - ip6tables_rules_for_open_ports
+    - set_nftables_table
+    - accounts_password_pam_enforce_local
+    - usbguard_allow_hub
+    - sebool_polipo_use_nfs
+    - sebool_exim_can_connect_db
+    - package_libreport-plugin-rhtsupport_removed
+    - sebool_unprivuser_use_svirt
+    - sssd_run_as_sssd_user
+    - sebool_httpd_run_stickshift
+    - httpd_nipr_accredited_dmz
+    - set_ipv6_loopback_traffic
+    - package_systemd-journal-remote_installed
+    - ftp_configure_firewall
+    - sssd_ldap_start_tls
+    - sebool_cron_can_relabel
+    - httpd_mod_rewrite
+    - network_ipv6_static_address
+    - package_libreswan_installed
+    - audit_rules_unsuccessful_file_modification_fremovexattr
+    - sebool_httpd_dbus_sssd
+    - sebool_xguest_connect_network
+    - package_geolite2-country_removed
+    - audit_rules_etc_group_open_by_handle_at
+    - sebool_daemons_use_tcp_wrapper
+    - httpd_disable_anonymous_ftp_access
+    - sebool_use_nfs_home_dirs
+    - dhcp_server_deny_bootp
+    - sebool_conman_can_network
+    - sebool_logrotate_use_nfs
+    - audit_rules_unsuccessful_file_modification_fchown
+    - sebool_httpd_can_network_connect_db
+    - sebool_gluster_export_all_rw
+    - package_vim_installed
+    - sebool_named_write_master_zones
+    - sebool_postfix_local_write_mail_spool
+    - httpd_cgi_support
+    - sebool_xguest_mount_media
+    - bios_assign_password
+    - service_cpupower_disabled
+    - sebool_selinuxuser_rw_noexattrfile
+    - sebool_cron_system_cronjob_use_shares
+    - sebool_virt_use_rawip
+    - sebool_pcp_bind_all_unreserved_ports
+    - install_mcafee_cma_rt
+    - no_root_webbrowsing
+    - audit_rules_etc_gshadow_open
+    - sebool_saslauthd_read_shadow
+    - service_rhsmcertd_disabled
+    - sebool_mock_enable_homedirs
+    - ntpd_specify_remote_server
+    - audit_rules_successful_file_modification_openat_o_creat
+    - kernel_module_iwlwifi_disabled
+    - sebool_zoneminder_anon_write
+    - sshd_enable_x11_forwarding
+    - dconf_gnome_screensaver_user_info
+    - require_smb_client_signing
+    - sshd_disable_rhosts_rsa
+    - sebool_neutron_can_network
+    - dovecot_disable_plaintext_auth
+    - sebool_ftpd_connect_db
+    - sebool_httpd_mod_auth_ntlm_winbind
+    - sebool_samba_share_fusefs
+    - harden_ssh_client_crypto_policy
+    - sebool_cobbler_use_cifs
+    - sebool_httpd_can_network_relay
+    - package_geolite2-city_removed
+    - set_iptables_default_rule
+    - sebool_piranha_lvs_can_network_connect
+    - cups_disable_printserver
+    - usbguard_allow_hid
+    - package_talk_removed
+    - no_legacy_plus_entries_etc_shadow
+    - sebool_git_session_bind_all_unreserved_ports
+    - service_acpid_disabled
+    - rsyslog_accept_remote_messages_udp
+    - sebool_boinc_execmem
+    - service_nails_enabled
+    - audit_rules_unsuccessful_file_modification_unlinkat
+    - disable_logwatch_for_logserver
+    - sebool_fips_mode
+    - audit_rules_unsuccessful_file_modification_open_rule_order
+    - ftp_present_banner
+    - audit_rules_unsuccessful_file_modification_fchmodat
+    - sebool_polipo_session_users
+    - sebool_cluster_manage_all_files
+    - iptables_rules_for_open_ports
+    - dovecot_configure_ssl_key
+    - banner_etc_motd
+    - banner_etc_issue_net
+    - agent_mfetpd_running
+    - configure_bashrc_tmux
+    - configure_tmux_lock_keybinding
+    - package_mcafeetp_installed
+    - harden_sshd_ciphers_openssh_conf_crypto_policy
+    - harden_sshd_macs_openssh_conf_crypto_policy
diff --git a/products/almalinux8/profiles/e8.profile b/products/almalinux8/profiles/e8.profile
new file mode 100644
index 000000000..85bf92a59
--- /dev/null
+++ b/products/almalinux8/profiles/e8.profile
@@ -0,0 +1,152 @@
+documentation_complete: true
+
+metadata:
+    SMEs:
+        - shaneboulden
+        - tjbutt58
+
+reference: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers 
+
+title: 'Australian Cyber Security Centre (ACSC) Essential Eight'
+
+description: |-
+  This profile contains configuration checks for AlmaLinux OS 8
+  that align to the Australian Cyber Security Centre (ACSC) Essential Eight.
+
+  A copy of the Essential Eight in Linux Environments guide can be found at the
+  ACSC website:
+
+  https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers
+
+selections:
+
+  ### Remove obsolete packages
+  - package_talk_removed
+  - package_talk-server_removed
+  - package_xinetd_removed
+  - service_xinetd_disabled
+  - package_ypbind_removed
+  - package_telnet_removed
+  - service_telnet_disabled
+  - package_telnet-server_removed
+  - package_rsh_removed
+  - package_rsh-server_removed
+  - service_zebra_disabled
+  - package_quagga_removed
+  - service_avahi-daemon_disabled
+  - package_squid_removed
+  - service_squid_disabled
+
+  ### Software update
+  - ensure_almalinux_gpgkey_installed
+  - ensure_gpgcheck_never_disabled
+  - ensure_gpgcheck_local_packages
+  - ensure_gpgcheck_globally_activated
+  - security_patches_up_to_date
+  - dnf-automatic_security_updates_only
+
+  ### System security settings
+  - sysctl_kernel_randomize_va_space
+  - sysctl_kernel_exec_shield
+  - sysctl_kernel_kptr_restrict
+  - sysctl_kernel_dmesg_restrict
+  - sysctl_kernel_kexec_load_disabled
+  - sysctl_kernel_yama_ptrace_scope
+  - sysctl_kernel_unprivileged_bpf_disabled
+  - sysctl_net_core_bpf_jit_harden
+
+  ### SELinux
+  - var_selinux_state=enforcing
+  - selinux_state
+  - var_selinux_policy_name=targeted
+  - selinux_policytype
+
+  ### Filesystem integrity
+  - rpm_verify_hashes
+  - rpm_verify_permissions
+  - rpm_verify_ownership
+  - file_permissions_unauthorized_sgid
+  - file_permissions_unauthorized_suid
+  - file_permissions_unauthorized_world_writable
+  - dir_perms_world_writable_sticky_bits
+  - file_permissions_library_dirs
+  - file_ownership_binary_dirs
+  - file_permissions_binary_dirs
+  - file_ownership_library_dirs
+
+  ### Passwords
+  - var_authselect_profile=sssd
+  - enable_authselect
+  - no_empty_passwords
+
+  ### Partitioning
+  - mount_option_dev_shm_nodev
+  - mount_option_dev_shm_nosuid
+  - mount_option_dev_shm_noexec
+
+  ### Network
+  - package_firewalld_installed
+  - service_firewalld_enabled
+  - network_sniffer_disabled
+
+  ### Admin privileges
+  - accounts_no_uid_except_zero
+  - sudo_remove_nopasswd
+  - sudo_remove_no_authenticate
+  - sudo_require_authentication
+
+  ### Audit
+  - package_rsyslog_installed
+  - service_rsyslog_enabled
+  - service_auditd_enabled
+  - var_auditd_flush=incremental_async
+  - auditd_data_retention_flush
+  - auditd_local_events
+  - auditd_write_logs
+  - auditd_log_format
+  - auditd_freq
+  - auditd_name_format
+  - audit_rules_login_events_tallylog
+  - audit_rules_login_events_faillock
+  - audit_rules_login_events_lastlog
+  - audit_rules_login_events
+  - audit_rules_time_adjtimex
+  - audit_rules_time_clock_settime
+  - audit_rules_time_watch_localtime
+  - audit_rules_time_settimeofday
+  - audit_rules_time_stime
+  - audit_rules_execution_restorecon
+  - audit_rules_execution_chcon
+  - audit_rules_execution_semanage
+  - audit_rules_execution_setsebool
+  - audit_rules_execution_setfiles
+  - audit_rules_execution_seunshare
+  - audit_rules_sysadmin_actions
+  - audit_rules_networkconfig_modification
+  - audit_rules_usergroup_modification
+  - audit_rules_dac_modification_chmod
+  - audit_rules_dac_modification_chown
+  - audit_rules_kernel_module_loading
+
+  ### Secure access
+  - sshd_disable_root_login
+  - sshd_disable_gssapi_auth
+  - sshd_print_last_log
+  - sshd_do_not_permit_user_env
+  - sshd_disable_rhosts
+  - sshd_set_loglevel_info
+  - sshd_disable_empty_passwords
+  - sshd_disable_user_known_hosts
+  - sshd_enable_strictmodes
+
+  # See also: https://www.cyber.gov.au/acsc/view-all-content/guidance/asd-approved-cryptographic-algorithms
+  - var_system_crypto_policy=default_nosha1
+  - configure_crypto_policy
+  - configure_ssh_crypto_policy
+
+  ### Application whitelisting
+  - package_fapolicyd_installed
+  - service_fapolicyd_enabled
+
+  ### Backup
+  - package_rear_installed
diff --git a/products/almalinux8/profiles/hipaa.profile b/products/almalinux8/profiles/hipaa.profile
new file mode 100644
index 000000000..17a5de48d
--- /dev/null
+++ b/products/almalinux8/profiles/hipaa.profile
@@ -0,0 +1,166 @@
+documentation_complete: True
+
+metadata:
+    SMEs:
+        - jjaswanson4
+
+reference: https://www.hhs.gov/hipaa/for-professionals/index.html
+
+title: 'Health Insurance Portability and Accountability Act (HIPAA)'
+
+description: |-
+    The HIPAA Security Rule establishes U.S. national standards to protect individuals’
+    electronic personal health information that is created, received, used, or
+    maintained by a covered entity. The Security Rule requires appropriate
+    administrative, physical and technical safeguards to ensure the
+    confidentiality, integrity, and security of electronic protected health
+    information.
+
+    This profile configures AlmaLinux OS 8 to the HIPAA Security
+    Rule identified for securing of electronic protected health information.
+    Use of this profile in no way guarantees or makes claims against legal compliance against the HIPAA Security Rule(s).   
+
+selections:
+    - grub2_password
+    - grub2_uefi_password
+    - file_groupowner_grub2_cfg
+    - file_owner_grub2_cfg
+    - grub2_disable_interactive_boot
+    - no_direct_root_logins
+    - no_empty_passwords
+    - require_singleuser_auth
+    - restrict_serial_port_logins
+    - securetty_root_login_console_only
+    - service_debug-shell_disabled
+    - disable_ctrlaltdel_reboot
+    - disable_ctrlaltdel_burstaction
+    - dconf_db_up_to_date
+    - dconf_gnome_remote_access_credential_prompt
+    - dconf_gnome_remote_access_encryption
+    - sshd_disable_empty_passwords
+    - sshd_disable_root_login
+    - libreswan_approved_tunnels
+    - no_rsh_trust_files
+    - package_rsh-server_removed
+    - package_talk_removed
+    - package_talk-server_removed
+    - package_telnet_removed
+    - package_telnet-server_removed
+    - package_xinetd_removed
+    - service_crond_enabled
+    - service_rexec_disabled
+    - service_rlogin_disabled
+    - service_telnet_disabled
+    - service_xinetd_disabled
+    - service_zebra_disabled
+    - use_kerberos_security_all_exports
+    - var_authselect_profile=sssd
+    - enable_authselect
+    - disable_host_auth
+    - sshd_allow_only_protocol2
+    - sshd_disable_compression
+    - sshd_disable_gssapi_auth
+    - sshd_disable_kerb_auth
+    - sshd_do_not_permit_user_env
+    - sshd_enable_strictmodes
+    - sshd_enable_warning_banner
+    - var_sshd_set_keepalive=1
+    - sshd_set_keepalive_0
+    - encrypt_partitions
+    - var_system_crypto_policy=fips
+    - configure_crypto_policy
+    - configure_ssh_crypto_policy
+    - var_selinux_policy_name=targeted
+    - var_selinux_state=enforcing
+    - grub2_enable_selinux
+    - sebool_selinuxuser_execheap
+    - sebool_selinuxuser_execmod
+    - sebool_selinuxuser_execstack
+    - selinux_confinement_of_daemons
+    - selinux_policytype
+    - selinux_state
+    - service_kdump_disabled
+    - sysctl_fs_suid_dumpable
+    - sysctl_kernel_dmesg_restrict
+    - sysctl_kernel_exec_shield
+    - sysctl_kernel_randomize_va_space
+    - rpm_verify_hashes
+    - rpm_verify_permissions
+    - ensure_almalinux_gpgkey_installed
+    - ensure_gpgcheck_globally_activated
+    - ensure_gpgcheck_never_disabled
+    - ensure_gpgcheck_local_packages
+    - grub2_audit_argument
+    - service_auditd_enabled
+    - audit_rules_privileged_commands_sudo
+    - audit_rules_privileged_commands_su
+    - audit_rules_immutable
+    - kernel_module_usb-storage_disabled
+    - service_autofs_disabled
+    - auditd_audispd_syslog_plugin_activated
+    - rsyslog_remote_loghost
+    - auditd_data_retention_flush
+    - audit_rules_dac_modification_chmod
+    - audit_rules_dac_modification_chown
+    - audit_rules_dac_modification_fchmodat
+    - audit_rules_dac_modification_fchmod
+    - audit_rules_dac_modification_fchownat
+    - audit_rules_dac_modification_fchown
+    - audit_rules_dac_modification_fremovexattr
+    - audit_rules_dac_modification_fsetxattr
+    - audit_rules_dac_modification_lchown
+    - audit_rules_dac_modification_lremovexattr
+    - audit_rules_dac_modification_lsetxattr
+    - audit_rules_dac_modification_removexattr
+    - audit_rules_dac_modification_setxattr
+    - audit_rules_execution_chcon
+    - audit_rules_execution_restorecon
+    - audit_rules_execution_semanage
+    - audit_rules_execution_setsebool
+    - audit_rules_file_deletion_events_renameat
+    - audit_rules_file_deletion_events_rename
+    - audit_rules_file_deletion_events_rmdir
+    - audit_rules_file_deletion_events_unlinkat
+    - audit_rules_file_deletion_events_unlink
+    - audit_rules_kernel_module_loading_delete
+    - audit_rules_kernel_module_loading_init
+    - audit_rules_login_events_faillock
+    - audit_rules_login_events_lastlog
+    - audit_rules_login_events_tallylog
+    - audit_rules_mac_modification
+    - audit_rules_media_export
+    - audit_rules_networkconfig_modification
+    - audit_rules_privileged_commands_chage
+    - audit_rules_privileged_commands_chsh
+    - audit_rules_privileged_commands_crontab
+    - audit_rules_privileged_commands_gpasswd
+    - audit_rules_privileged_commands_newgrp
+    - audit_rules_privileged_commands_pam_timestamp_check
+    - audit_rules_privileged_commands_passwd
+    - audit_rules_privileged_commands_postdrop
+    - audit_rules_privileged_commands_postqueue
+    - audit_rules_privileged_commands_ssh_keysign
+    - audit_rules_privileged_commands_sudoedit
+    - audit_rules_privileged_commands_umount
+    - audit_rules_privileged_commands_unix_chkpwd
+    - audit_rules_privileged_commands_userhelper
+    - audit_rules_session_events
+    - audit_rules_sysadmin_actions
+    - audit_rules_system_shutdown
+    - var_audit_failure_mode=panic
+    - audit_rules_time_adjtimex
+    - audit_rules_time_clock_settime
+    - audit_rules_time_settimeofday
+    - audit_rules_time_stime
+    - audit_rules_time_watch_localtime
+    - audit_rules_unsuccessful_file_modification_creat
+    - audit_rules_unsuccessful_file_modification_ftruncate
+    - audit_rules_unsuccessful_file_modification_openat
+    - audit_rules_unsuccessful_file_modification_open_by_handle_at
+    - audit_rules_unsuccessful_file_modification_open
+    - audit_rules_unsuccessful_file_modification_truncate
+    - audit_rules_usergroup_modification_group
+    - audit_rules_usergroup_modification_gshadow
+    - audit_rules_usergroup_modification_opasswd
+    - audit_rules_usergroup_modification_passwd
+    - audit_rules_usergroup_modification_shadow
diff --git a/products/almalinux8/profiles/ism_o.profile b/products/almalinux8/profiles/ism_o.profile
new file mode 100644
index 000000000..8c9b11860
--- /dev/null
+++ b/products/almalinux8/profiles/ism_o.profile
@@ -0,0 +1,139 @@
+documentation_complete: true
+
+metadata:
+    SMEs:
+        - shaneboulden
+        - wcushen
+        - eliseelk
+        - sashperso
+        - anjuskantha
+
+reference: https://www.cyber.gov.au/ism
+
+title: 'Australian Cyber Security Centre (ACSC) ISM Official'
+
+description: |-
+  This profile contains configuration checks for AlmaLinux OS 8
+  that align to the Australian Cyber Security Centre (ACSC) Information Security Manual (ISM)
+  with the applicability marking of OFFICIAL.
+
+  The ISM uses a risk-based approach to cyber security. This profile provides a guide to aligning 
+  AlmaLinux OS security controls with the ISM, which can be used to select controls 
+  specific to an organisation's security posture and risk profile.
+
+  A copy of the ISM can be found at the ACSC website:
+
+  https://www.cyber.gov.au/ism
+
+extends: e8
+
+selections:
+
+  ## Operating system configuration
+  ## Identifiers 1491
+  - no_shelllogin_for_systemaccounts
+
+  ## Local administrator accounts
+  ## Identifiers 1382 / 1410
+  - accounts_password_all_shadowed
+  - package_sudo_installed
+
+  ## Content filtering & Anti virus
+  ## Identifiers  0576 / 1341 / 1034 / 1417 / 1288
+  - package_aide_installed
+
+  ## Software firewall
+  ## Identifiers 1416
+  - configure_firewalld_ports
+  ## Removing due to build error
+  ## - configure_firewalld_rate_limiting
+  - firewalld_sshd_port_enabled
+  - set_firewalld_default_zone
+
+  ## Endpoint device control software
+  ## Identifiers 1418
+  - package_usbguard_installed
+  - service_usbguard_enabled
+  - usbguard_allow_hid_and_hub
+
+  ## Authentication hardening
+  ## Identifiers 1546 / 0974 / 1173 / 1504 / 1505 / 1401 / 1559 / 1560
+  ## 1561 / 1546 / 0421 / 1557 / 0422 / 1558 / 1403 / 0431
+  - sshd_max_auth_tries_value=5
+  - disable_host_auth
+  - require_emergency_target_auth
+  - require_singleuser_auth
+  - sshd_disable_kerb_auth
+  - sshd_set_max_auth_tries
+
+  ## Password authentication & Protecting credentials
+  ## Identifiers 0421 / 0431 / 0418 / 1402
+  - var_password_pam_minlen=14
+  - var_accounts_password_warn_age_login_defs=7
+  - var_accounts_minimum_age_login_defs=1
+  - var_accounts_maximum_age_login_defs=60
+  - var_authselect_profile=sssd
+  - enable_authselect
+  - accounts_password_warn_age_login_defs
+  - accounts_maximum_age_login_defs
+  - accounts_minimum_age_login_defs
+  - accounts_passwords_pam_faillock_interval
+  - accounts_passwords_pam_faillock_unlock_time
+  - accounts_passwords_pam_faillock_deny
+  - accounts_passwords_pam_faillock_deny_root
+  - accounts_password_pam_minlen
+
+  ## Centralised logging facility
+  ## Identifiers 1405 / 0988 
+  - rsyslog_cron_logging
+  - rsyslog_files_groupownership
+  - rsyslog_files_ownership
+  - rsyslog_files_permissions
+  - rsyslog_nolisten
+  - rsyslog_remote_loghost
+  - rsyslog_remote_tls
+  - rsyslog_remote_tls_cacert
+  - package_chrony_installed
+  - service_chronyd_enabled
+  - chronyd_or_ntpd_specify_multiple_servers
+  - chronyd_specify_remote_server
+  - service_chronyd_or_ntpd_enabled
+
+  ## Events to be logged
+  ## Identifiers 0580 / 0584 / 0582 / 0585 / 0586 / 0846 / 0957
+  - sshd_print_last_log
+  - sebool_auditadm_exec_content
+  - audit_rules_privileged_commands
+  - audit_rules_session_events
+  - audit_rules_unsuccessful_file_modification
+  - audit_access_failed
+  - audit_access_success
+
+  ## Web application & Database servers
+  ## Identifiers 1552 / 1277
+  - openssl_use_strong_entropy
+
+  ## Network design and configuration
+  ## Identifiers 1055 / 1311 
+  - network_nmcli_permissions
+  - service_snmpd_disabled
+  - snmpd_use_newer_protocol
+
+  ## Wireless networks
+  ## Identifiers 1315
+  - wireless_disable_interfaces
+
+  ## ASD Approved Cryptographic Algorithms
+  ## Identifiers 0471 / 0472 / 0473 / 0474 / 0475 / 0476 / 0477 / 
+  ## 0479 / 0480 / 0481 / 0489 / 0497 / 0994 / 0998 / 1001 /  1139 / 
+  ## 1372 / 1373 / 1374 / 1375
+  - enable_fips_mode
+  - var_system_crypto_policy=fips
+  - configure_crypto_policy
+
+  ## Secure Shell access
+  ## Identifiers 0484 / 1506 / 1449 / 0487
+  - sshd_allow_only_protocol2
+  - sshd_enable_warning_banner
+  - sshd_disable_x11_forwarding
+  - file_permissions_sshd_private_key
diff --git a/products/almalinux8/profiles/ospp.profile b/products/almalinux8/profiles/ospp.profile
new file mode 100644
index 000000000..094c14a62
--- /dev/null
+++ b/products/almalinux8/profiles/ospp.profile
@@ -0,0 +1,437 @@
+documentation_complete: true
+
+metadata:
+    version: 4.2.1
+    SMEs:
+        - ggbecker
+        - matusmarhefka
+
+reference: https://www.niap-ccevs.org/Profile/Info.cfm?PPID=442&id=442
+
+title: 'Protection Profile for General Purpose Operating Systems'
+
+description: |-
+    This profile reflects mandatory configuration controls identified in the
+    NIAP Configuration Annex to the Protection Profile for General Purpose
+    Operating Systems (Protection Profile Version 4.2.1).
+
+    This configuration profile is consistent with CNSSI-1253, which requires
+    U.S. National Security Systems to adhere to certain configuration
+    parameters. Accordingly, this configuration profile is suitable for
+    use in U.S. National Security Systems.
+
+selections:
+
+    #######################################################
+    ### GENERAL REQUIREMENTS
+    ### Things needed to meet OSPP functional requirements.
+    #######################################################
+
+    ### Partitioning
+    - mount_option_home_nodev
+    - mount_option_home_nosuid
+    - mount_option_tmp_nodev
+    - mount_option_tmp_noexec
+    - mount_option_tmp_nosuid
+    - partition_for_var_tmp
+    - mount_option_var_tmp_nodev
+    - mount_option_var_tmp_noexec
+    - mount_option_var_tmp_nosuid
+    - mount_option_dev_shm_nodev
+    - mount_option_dev_shm_noexec
+    - mount_option_dev_shm_nosuid
+    - mount_option_nodev_nonroot_local_partitions
+    - mount_option_boot_nodev
+    - mount_option_boot_nosuid
+    - partition_for_home
+    - partition_for_var
+    - mount_option_var_nodev
+    - partition_for_var_log
+    - mount_option_var_log_nodev
+    - mount_option_var_log_nosuid
+    - mount_option_var_log_noexec
+    - partition_for_var_log_audit
+    - mount_option_var_log_audit_nodev
+    - mount_option_var_log_audit_nosuid
+    - mount_option_var_log_audit_noexec
+
+    ### Services
+    # sshd
+    - sshd_disable_root_login
+    - sshd_enable_strictmodes
+    - disable_host_auth
+    - sshd_disable_empty_passwords
+    - sshd_disable_kerb_auth
+    - sshd_disable_gssapi_auth
+    - var_sshd_set_keepalive=1
+    - sshd_set_keepalive_0
+    - sshd_enable_warning_banner
+    - sshd_rekey_limit
+    - var_rekey_limit_size=1G
+    - var_rekey_limit_time=1hour
+    - sshd_use_strong_rng
+    - openssl_use_strong_entropy
+
+    # Time Server
+    - chronyd_client_only
+    - chronyd_no_chronyc_network
+
+    ### Network Settings
+    - sysctl_net_ipv6_conf_all_accept_ra
+    - sysctl_net_ipv6_conf_default_accept_ra
+    - sysctl_net_ipv4_conf_all_accept_redirects
+    - sysctl_net_ipv4_conf_default_accept_redirects
+    - sysctl_net_ipv6_conf_all_accept_redirects
+    - sysctl_net_ipv6_conf_default_accept_redirects
+    - sysctl_net_ipv4_conf_all_accept_source_route
+    - sysctl_net_ipv4_conf_default_accept_source_route
+    - sysctl_net_ipv6_conf_all_accept_source_route
+    - sysctl_net_ipv6_conf_default_accept_source_route
+    - sysctl_net_ipv4_conf_all_secure_redirects
+    - sysctl_net_ipv4_conf_default_secure_redirects
+    - sysctl_net_ipv4_conf_all_send_redirects
+    - sysctl_net_ipv4_conf_default_send_redirects
+    - sysctl_net_ipv4_conf_all_log_martians
+    - sysctl_net_ipv4_conf_default_log_martians
+    - sysctl_net_ipv4_conf_all_rp_filter
+    - sysctl_net_ipv4_conf_default_rp_filter
+    - sysctl_net_ipv4_icmp_ignore_bogus_error_responses
+    - sysctl_net_ipv4_icmp_echo_ignore_broadcasts
+    - sysctl_net_ipv4_ip_forward
+    - sysctl_net_ipv4_tcp_syncookies
+
+    ### systemd
+    - disable_ctrlaltdel_reboot
+    - disable_ctrlaltdel_burstaction
+    - service_debug-shell_disabled
+
+    ### umask
+    - var_accounts_user_umask=027
+    - accounts_umask_etc_profile
+    - accounts_umask_etc_bashrc
+    - accounts_umask_etc_csh_cshrc
+
+    ### Software update
+    - ensure_almalinux_gpgkey_installed
+    - ensure_gpgcheck_globally_activated
+    - ensure_gpgcheck_local_packages
+    - ensure_gpgcheck_never_disabled
+
+    ### Passwords
+    - var_password_pam_difok=4
+    - accounts_password_pam_difok
+    - var_password_pam_maxrepeat=3
+    - accounts_password_pam_maxrepeat
+    - var_password_pam_maxclassrepeat=4
+    - accounts_password_pam_maxclassrepeat
+
+    ### Kernel Config
+    ## Boot prompt
+    - grub2_audit_argument
+    - grub2_audit_backlog_limit_argument
+    - grub2_slub_debug_argument
+    - var_slub_debug_options=P
+    - grub2_page_poison_argument
+    - grub2_vsyscall_argument
+    - grub2_vsyscall_argument.role=unscored
+    - grub2_vsyscall_argument.severity=info
+    - grub2_pti_argument
+    - grub2_kernel_trust_cpu_rng
+
+    ## Security Settings
+    - sysctl_kernel_kptr_restrict
+    - sysctl_kernel_dmesg_restrict
+    - sysctl_kernel_kexec_load_disabled
+    - sysctl_kernel_yama_ptrace_scope
+    - sysctl_kernel_perf_event_paranoid
+    - sysctl_user_max_user_namespaces
+    - sysctl_user_max_user_namespaces.role=unscored
+    - sysctl_user_max_user_namespaces.severity=info
+    - sysctl_kernel_unprivileged_bpf_disabled
+    - sysctl_net_core_bpf_jit_harden
+    - service_kdump_disabled
+
+    ## File System Settings
+    - sysctl_fs_protected_hardlinks
+    - sysctl_fs_protected_symlinks
+
+    ### Audit
+    - service_auditd_enabled
+    - var_auditd_flush=incremental_async
+    - auditd_data_retention_flush
+    - auditd_local_events
+    - auditd_write_logs
+    - auditd_log_format
+    - auditd_freq
+    - auditd_name_format
+
+    ### Module Disabled
+    - kernel_module_cramfs_disabled
+    - kernel_module_bluetooth_disabled
+    - kernel_module_sctp_disabled
+    - kernel_module_firewire-core_disabled
+    - kernel_module_atm_disabled
+    - kernel_module_can_disabled
+    - kernel_module_tipc_disabled
+
+    ### rpcbind
+
+    ### Install Required Packages
+    - package_aide_installed
+    - package_dnf-automatic_installed
+    - package_subscription-manager_installed
+    - package_dnf-plugin-subscription-manager_installed
+    - package_firewalld_installed
+    - package_openscap-scanner_installed
+    - package_policycoreutils_installed
+    - package_sudo_installed
+    - package_usbguard_installed
+    - package_scap-security-guide_installed
+    - package_audit_installed
+    - package_crypto-policies_installed
+    - package_openssh-server_installed
+    - package_openssh-clients_installed
+    - package_policycoreutils-python-utils_installed
+    - package_rsyslog_installed
+    - package_chrony_installed
+    - package_gnutls-utils_installed
+
+    ### Remove Prohibited Packages
+    - package_sendmail_removed
+    - package_iprutils_removed
+    - package_gssproxy_removed
+    - package_nfs-utils_removed
+    - package_krb5-workstation_removed
+    - package_abrt-addon-kerneloops_removed
+    - package_python3-abrt-addon_removed
+    - package_abrt-addon-ccpp_removed
+    - package_abrt-plugin-sosreport_removed
+    - package_abrt-cli_removed
+    - package_libreport-plugin-rhtsupport_removed
+    - package_libreport-plugin-logger_removed
+    - package_abrt_removed
+
+    ### Login
+    - disable_users_coredumps
+    - sysctl_kernel_core_pattern
+    - coredump_disable_storage
+    - coredump_disable_backtraces
+    - service_systemd-coredump_disabled
+    - var_accounts_max_concurrent_login_sessions=10
+    - accounts_max_concurrent_login_sessions
+    - securetty_root_login_console_only
+    - var_authselect_profile=minimal
+    - enable_authselect
+    - var_password_pam_unix_remember=5
+    - accounts_password_pam_unix_remember
+    - use_pam_wheel_for_su
+
+    ### SELinux Configuration
+    - var_selinux_state=enforcing
+    - selinux_state
+    - var_selinux_policy_name=targeted
+    - selinux_policytype
+
+    ### Application Whitelisting (RHEL 8)
+    - package_fapolicyd_installed
+    - service_fapolicyd_enabled
+
+    ### Configure USBGuard
+    - service_usbguard_enabled
+    - configure_usbguard_auditbackend
+    - usbguard_allow_hid_and_hub
+
+
+    ### Enable / Configure FIPS
+    - enable_fips_mode
+    - var_system_crypto_policy=fips_ospp
+    - configure_crypto_policy
+    - configure_ssh_crypto_policy
+    - configure_bind_crypto_policy
+    - configure_openssl_crypto_policy
+    - configure_libreswan_crypto_policy
+    - configure_kerberos_crypto_policy
+    - enable_dracut_fips_module
+
+    #######################################################
+    ### CONFIGURATION ANNEX TO THE PROTECTION PROFILE
+    ### FOR GENERAL PURPOSE OPERATING SYSTEMS
+    ### ANNEX RELEASE 1
+    ### FOR PROTECTION PROFILE VERSIONS 4.2
+    ###
+    ### https://www.niap-ccevs.org/MMO/PP/-442ConfigAnnex-/
+    #######################################################
+
+    ## Configure Minimum Password Length to 12 Characters
+    ## IA-5 (1)(a) / FMT_MOF_EXT.1
+    - var_password_pam_minlen=12
+    - accounts_password_pam_minlen
+
+    ## Require at Least 1 Special Character in Password
+    ## IA-5(1)(a) / FMT_MOF_EXT.1
+    - var_password_pam_ocredit=1
+    - accounts_password_pam_ocredit
+
+    ## Require at Least 1 Numeric Character in Password
+    ## IA-5(1)(a) / FMT_MOF_EXT.1
+    - var_password_pam_dcredit=1
+    - accounts_password_pam_dcredit
+
+    ## Require at Least 1 Uppercase Character in Password
+    ## IA-5(1)(a) / FMT_MOF_EXT.1
+    - var_password_pam_ucredit=1
+    - accounts_password_pam_ucredit
+
+    ## Require at Least 1 Lowercase Character in Password
+    ## IA-5(1)(a) / FMT_MOF_EXT.1
+    - var_password_pam_lcredit=1
+    - accounts_password_pam_lcredit
+
+    ## Enable Screen Lock
+    ## FMT_MOF_EXT.1
+    - package_tmux_installed
+    - configure_bashrc_exec_tmux
+    - no_tmux_in_shells
+    - configure_tmux_lock_command
+    - configure_tmux_lock_after_time
+
+    ## Set Screen Lock Timeout Period to 30 Minutes or Less
+    ## AC-11(a) / FMT_MOF_EXT.1
+    ## We deliberately set sshd timeout to 1 minute before tmux lock timeout
+    - sshd_idle_timeout_value=14_minutes
+    - sshd_set_idle_timeout
+
+    ## Disable Unauthenticated Login (such as Guest Accounts)
+    ## FIA_UAU.1
+    - require_singleuser_auth
+    - grub2_disable_recovery
+    - grub2_uefi_password
+    - no_empty_passwords
+
+    ## Set Maximum Number of Authentication Failures to 3 Within 15 Minutes
+    ## AC-7 / FIA_AFL.1
+    - var_accounts_passwords_pam_faillock_deny=3
+    - accounts_passwords_pam_faillock_deny
+    - var_accounts_passwords_pam_faillock_fail_interval=900
+    - accounts_passwords_pam_faillock_interval
+    - var_accounts_passwords_pam_faillock_unlock_time=never
+    - accounts_passwords_pam_faillock_unlock_time
+
+    ## Enable Host-Based Firewall
+    ## SC-7(12) / FMT_MOF_EXT.1
+    - service_firewalld_enabled
+
+    ## Configure Name/Addres of Remote Management Server
+    ##  From Which to Receive Config Settings
+    ## CM-3(3) / FMT_MOF_EXT.1
+
+    ## Configure the System to Offload Audit Records to a Log
+    ##  Server
+    ## AU-4(1) / FAU_GEN.1.1.c
+    # temporarily dropped
+
+    ## Set Logon Warning Banner
+    ## AC-8(a) / FMT_MOF_EXT.1
+
+    ## Audit All Logons (Success/Failure) and Logoffs (Success)
+    ##  CNSSI 1253 Value or DoD-Specific Values:
+    ##      (1) Logons (Success/Failure)
+    ##      (2) Logoffs (Success)
+    ## AU-2(a) / FAU_GEN.1.1.c
+
+    ## Audit File and Object Events (Unsuccessful)
+    ##  CNSSI 1253 Value or DoD-specific Values:
+    ##      (1) Create (Success/Failure)
+    ##      (2) Access (Success/Failure)
+    ##      (3) Delete (Sucess/Failure)
+    ##      (4) Modify (Success/Failure)
+    ##      (5) Permission Modification (Sucess/Failure)
+    ##      (6) Ownership Modification (Success/Failure)
+    ## AU-2(a) / FAU_GEN.1.1.c
+    ##
+    ##
+    ## (1) Create (Success/Failure)
+    ##      (open with O_CREAT)
+    ## (2) Access (Success/Failure)
+    ## (3) Delete (Success/Failure)
+    ## (4) Modify (Success/Failure)
+    ## (5) Permission Modification (Success/Failure)
+    ## (6) Ownership Modification (Success/Failure)
+
+    ## Audit User and Group Management Events (Success/Failure)
+    ##  CNSSI 1253 Value or DoD-specific Values:
+    ##      (1) User add, delete, modify, disable, enable (Success/Failure)
+    ##      (2) Group/Role add, delete, modify (Success/Failure)
+    ## AU-2(a) / FAU_GEN.1.1.c
+    ##
+    ## Generic User and Group Management Events (Success/Failure)
+    ## Selection of setuid programs that relate to
+    ## user accounts.
+    ##
+    ## CNSSI 1253: (1) User add, delete, modify, disable, enable (Success/Failure)
+    ##
+    ## CNSSI 1252: (2) Group/Role add, delete, modify (Success/Failure)
+    ##
+    ## Audit Privilege or Role Escalation Events (Success/Failure)
+    ##  CNSSI 1253 Value or DoD-specific Values:
+    ##      - Privilege/Role escalation (Success/Failure)
+    ## AU-2(a) / FAU_GEN.1.1.c
+    ## Audit All Audit and Log Data Accesses (Success/Failure)
+    ##  CNSSI 1253 Value or DoD-specific Values:
+    ##      - Audit and log data access (Success/Failure)
+    ## AU-2(a) / FAU_GEN.1.1.c
+    ## Audit Cryptographic Verification of Software (Success/Failure)
+    ##  CNSSI 1253 Value or DoD-specific Values:
+    ##      - Applications (e.g. Firefox, Internet Explorer, MS Office Suite,
+    ##        etc) initialization (Success/Failure)
+    ## AU-2(a) / FAU_GEN.1.1.c
+    ## Audit Kernel Module Loading and Unloading Events (Success/Failure)
+    ## AU-2(a) / FAU_GEN.1.1.c
+    - audit_basic_configuration
+    - audit_immutable_login_uids
+    - audit_create_failed
+    - audit_create_success
+    - audit_modify_failed
+    - audit_modify_success
+    - audit_access_failed
+    - audit_access_success
+    - audit_delete_failed
+    - audit_delete_success
+    - audit_perm_change_failed
+    - audit_perm_change_success
+    - audit_owner_change_failed
+    - audit_owner_change_success
+    - audit_ospp_general
+    - audit_module_load
+
+    ## Enable Automatic Software Updates
+    ## SI-2 / FMT_MOF_EXT.1
+    # Configure dnf-automatic to Install Only Security Updates
+    - dnf-automatic_security_updates_only
+
+    # Configure dnf-automatic to Install Available Updates Automatically
+    - dnf-automatic_apply_updates
+
+    # Enable dnf-automatic Timer
+    - timer_dnf-automatic_enabled
+
+
+    # Prevent Kerberos use by system daemons
+    - kerberos_disable_no_keytab
+
+    # set ssh client rekey limit
+    - ssh_client_rekey_limit
+    - var_ssh_client_rekey_limit_size=1G
+    - var_ssh_client_rekey_limit_time=1hour
+
+# configure ssh client to use strong entropy
+    - ssh_client_use_strong_rng_sh
+    - ssh_client_use_strong_rng_csh
+
+    # zIPl specific rules
+    - zipl_bls_entries_only
+    - zipl_bootmap_is_up_to_date
+    - zipl_audit_argument
+    - zipl_audit_backlog_limit_argument
+    - zipl_slub_debug_argument
+    - zipl_page_poison_argument
diff --git a/products/almalinux8/profiles/pci-dss.profile b/products/almalinux8/profiles/pci-dss.profile
new file mode 100644
index 000000000..7f8014f2b
--- /dev/null
+++ b/products/almalinux8/profiles/pci-dss.profile
@@ -0,0 +1,60 @@
+documentation_complete: true
+
+metadata:
+    version: '4.0.1'
+    SMEs:
+        - marcusburghardt
+        - mab879
+        - vojtapolasek
+
+reference: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0_1.pdf
+
+title: 'PCI-DSS v4.0.1 Control Baseline for Red Hat Enterprise Linux 8'
+
+description: |-
+    Payment Card Industry - Data Security Standard (PCI-DSS) is a set of
+    security standards designed to ensure the secure handling of payment card
+    data, with the goal of preventing data breaches and protecting sensitive
+    financial information.
+
+    This profile ensures Red Hat Enterprise Linux 8 is configured in alignment
+    with PCI-DSS v4.0.1 requirements.
+
+selections:
+    - pcidss_4:all
+    # More tests are needed to identify which rule is conflicting with rpm_verify_permissions.
+    # https://github.com/ComplianceAsCode/content/issues/11285
+    - '!rpm_verify_permissions'
+    # these rules do not apply to RHEL but they have to keep the prodtype for historical reasons
+    - '!package_audit-audispd-plugins_installed'
+    - '!service_ntp_enabled'
+    - '!ntpd_specify_remote_server'
+    - '!ntpd_specify_multiple_servers'
+    - '!set_ipv6_loopback_traffic'
+    - '!set_loopback_traffic'
+    - '!service_ntpd_enabled'
+    - '!timer_logrotate_enabled'
+    - '!package_talk_removed'
+    - '!package_talk-server_removed'
+    - '!package_rsh_removed'
+    - '!package_rsh-server_removed'
+    # Following rules once had a prodtype incompatible with the rhel8 product
+    - '!cracklib_accounts_password_pam_minlen'
+    - '!nftables_ensure_default_deny_policy'
+    - '!permissions_local_var_log'
+    - '!set_password_hashing_algorithm_commonauth'
+    - '!accounts_passwords_pam_tally2'
+    - '!cracklib_accounts_password_pam_dcredit'
+    - '!cracklib_accounts_password_pam_lcredit'
+    - '!service_timesyncd_enabled'
+    - '!ensure_suse_gpgkey_installed'
+    - ensure_almalinux_gpgkey_installed
+    - '!ensure_shadow_group_empty'
+    - '!mask_nonessential_services'
+    - '!gnome_gdm_disable_unattended_automatic_login'
+    - '!file_owner_at_allow'
+    - '!accounts_passwords_pam_tally2_unlock_time'
+    - '!ensure_firewall_rules_for_open_ports'
+    - '!cracklib_accounts_password_pam_retry'
+    - '!aide_periodic_checking_systemd_timer'
+    - '!package_cryptsetup-luks_installed'
diff --git a/products/almalinux8/profiles/rht-ccp.profile b/products/almalinux8/profiles/rht-ccp.profile
new file mode 100644
index 000000000..79d0208f5
--- /dev/null
+++ b/products/almalinux8/profiles/rht-ccp.profile
@@ -0,0 +1,103 @@
+documentation_complete: true
+
+hidden: true
+
+title: 'Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)'
+
+description: |-
+    This profile contains the minimum security relevant
+    configuration settings recommended by Red Hat, Inc for
+    Red Hat Enterprise Linux 8 instances deployed by Red Hat Certified
+    Cloud Providers.
+
+selections:
+    - var_selinux_state=enforcing
+    - var_selinux_policy_name=targeted
+    - sshd_idle_timeout_value=5_minutes
+    - var_accounts_minimum_age_login_defs=7
+    - var_accounts_passwords_pam_faillock_deny=5
+    - var_accounts_password_warn_age_login_defs=7
+    - var_password_hashing_algorithm_pam=sha512
+    - var_password_pam_retry=3
+    - var_password_pam_dcredit=1
+    - var_password_pam_ucredit=2
+    - var_password_pam_ocredit=2
+    - var_password_pam_lcredit=2
+    - var_password_pam_difok=3
+    - var_password_pam_unix_remember=5
+    - var_accounts_user_umask=077
+    - login_banner_text=usgcb_default
+    - partition_for_tmp
+    - partition_for_var
+    - partition_for_var_log
+    - partition_for_var_log_audit
+    - selinux_state
+    - selinux_policytype
+    - ensure_almalinux_gpgkey_installed
+    - security_patches_up_to_date
+    - ensure_gpgcheck_globally_activated
+    - ensure_gpgcheck_never_disabled
+    - package_aide_installed
+    - accounts_password_pam_unix_remember
+    - no_shelllogin_for_systemaccounts
+    - no_empty_passwords
+    - accounts_password_all_shadowed
+    - accounts_no_uid_except_zero
+    - accounts_minimum_age_login_defs
+    - accounts_password_warn_age_login_defs
+    - var_authselect_profile=sssd
+    - enable_authselect
+    - accounts_password_pam_retry
+    - accounts_password_pam_dcredit
+    - accounts_password_pam_ucredit
+    - accounts_password_pam_ocredit
+    - accounts_password_pam_lcredit
+    - accounts_password_pam_difok
+    - accounts_passwords_pam_faillock_deny
+    - set_password_hashing_algorithm_systemauth
+    - set_password_hashing_algorithm_passwordauth
+    - set_password_hashing_algorithm_logindefs
+    - set_password_hashing_algorithm_libuserconf
+    - require_singleuser_auth
+    - file_owner_etc_shadow
+    - file_groupowner_etc_shadow
+    - file_permissions_etc_shadow
+    - file_owner_etc_gshadow
+    - file_groupowner_etc_gshadow
+    - file_permissions_etc_gshadow
+    - file_owner_etc_passwd
+    - file_groupowner_etc_passwd
+    - file_permissions_etc_passwd
+    - file_owner_etc_group
+    - file_groupowner_etc_group
+    - file_permissions_etc_group
+    - file_permissions_library_dirs
+    - file_ownership_library_dirs
+    - file_permissions_binary_dirs
+    - file_ownership_binary_dirs
+    - file_permissions_var_log_audit
+    - file_owner_grub2_cfg
+    - file_groupowner_grub2_cfg
+    - file_permissions_grub2_cfg
+    - grub2_password
+    - kernel_module_dccp_disabled
+    - kernel_module_sctp_disabled
+    - service_firewalld_enabled
+    - set_firewalld_default_zone
+    - firewalld_sshd_port_enabled
+    - service_abrtd_disabled
+    - service_telnet_disabled
+    - package_telnet-server_removed
+    - package_telnet_removed
+    - sshd_allow_only_protocol2
+    - sshd_set_idle_timeout
+    - var_sshd_set_keepalive=1
+    - sshd_set_keepalive_0
+    - disable_host_auth
+    - sshd_disable_root_login
+    - sshd_disable_empty_passwords
+    - sshd_enable_warning_banner
+    - sshd_do_not_permit_user_env
+    - var_system_crypto_policy=fips
+    - configure_crypto_policy
+    - configure_ssh_crypto_policy
diff --git a/products/almalinux8/profiles/standard.profile b/products/almalinux8/profiles/standard.profile
new file mode 100644
index 000000000..58025b460
--- /dev/null
+++ b/products/almalinux8/profiles/standard.profile
@@ -0,0 +1,91 @@
+documentation_complete: true
+
+hidden: true
+
+title: 'Standard System Security Profile for AlmaLinux OS 8'
+
+description: |-
+    This profile contains rules to ensure standard security baseline
+    of a AlmaLinux OS 8 system. Regardless of your system's workload
+    all of these checks should pass.
+
+selections:
+    - ensure_almalinux_gpgkey_installed
+    - ensure_gpgcheck_globally_activated
+    - rpm_verify_permissions
+    - rpm_verify_hashes
+    - security_patches_up_to_date
+    - no_empty_passwords
+    - file_groupowner_etc_group
+    - file_owner_etc_group
+    - file_permissions_etc_group
+    - file_groupowner_etc_passwd
+    - file_owner_etc_passwd
+    - file_permissions_etc_passwd
+    - file_groupowner_etc_shadow
+    - file_owner_etc_shadow
+    - file_permissions_unauthorized_sgid
+    - file_permissions_unauthorized_suid
+    - file_permissions_unauthorized_world_writable
+    - accounts_root_path_dirs_no_write
+    - dir_perms_world_writable_sticky_bits
+    - mount_option_dev_shm_nodev
+    - mount_option_dev_shm_nosuid
+    - partition_for_var_log
+    - partition_for_var_log_audit
+    - package_rsyslog_installed
+    - service_rsyslog_enabled
+    - audit_rules_time_adjtimex
+    - audit_rules_time_settimeofday
+    - audit_rules_time_stime
+    - audit_rules_time_clock_settime
+    - audit_rules_time_watch_localtime
+    - audit_rules_usergroup_modification
+    - audit_rules_networkconfig_modification
+    - audit_rules_mac_modification
+    - audit_rules_dac_modification_chmod
+    - audit_rules_dac_modification_chown
+    - audit_rules_dac_modification_fchmod
+    - audit_rules_dac_modification_fchmodat
+    - audit_rules_dac_modification_fchown
+    - audit_rules_dac_modification_fchownat
+    - audit_rules_dac_modification_fremovexattr
+    - audit_rules_dac_modification_fsetxattr
+    - audit_rules_dac_modification_lchown
+    - audit_rules_dac_modification_lremovexattr
+    - audit_rules_dac_modification_lsetxattr
+    - audit_rules_dac_modification_removexattr
+    - audit_rules_dac_modification_setxattr
+    - audit_rules_unsuccessful_file_modification
+    - audit_rules_privileged_commands
+    - audit_rules_media_export
+    - audit_rules_file_deletion_events
+    - audit_rules_sysadmin_actions
+    - audit_rules_kernel_module_loading
+    - service_abrtd_disabled
+    - service_atd_disabled
+    - service_autofs_disabled
+    - service_ntpdate_disabled
+    - service_oddjobd_disabled
+    - service_qpidd_disabled
+    - service_rdisc_disabled
+    - configure_crypto_policy
+    - configure_bind_crypto_policy
+    - configure_openssl_crypto_policy
+    - configure_libreswan_crypto_policy
+    - configure_ssh_crypto_policy
+    - configure_kerberos_crypto_policy
+    - service_auditd_enabled
+    - gid_passwd_group_same
+    - file_groupowner_efi_grub2_cfg
+    - file_groupowner_grub2_cfg
+    - file_owner_efi_grub2_cfg
+    - file_owner_grub2_cfg
+    - file_permissions_efi_grub2_cfg
+    - file_permissions_grub2_cfg
+    - file_groupowner_efi_user_cfg
+    - file_groupowner_user_cfg
+    - file_owner_efi_user_cfg
+    - file_owner_user_cfg
+    - file_permissions_efi_user_cfg
+    - file_permissions_user_cfg
diff --git a/products/almalinux8/profiles/stig.profile b/products/almalinux8/profiles/stig.profile
new file mode 100644
index 000000000..996691bff
--- /dev/null
+++ b/products/almalinux8/profiles/stig.profile
@@ -0,0 +1,1228 @@
+documentation_complete: true
+
+metadata:
+    version: V2R2
+    SMEs:
+        - mab879
+        - ggbecker
+
+reference: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux
+
+title: 'DISA STIG for Red Hat Enterprise Linux 8'
+
+description: |-
+    This profile contains configuration checks that align to the
+    DISA STIG for Red Hat Enterprise Linux 8 V2R2.
+
+    In addition to being applicable to Red Hat Enterprise Linux 8, this
+    configuration baseline is applicable to the operating system tier of
+    Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as:
+
+    - Red Hat Enterprise Linux Server
+    - Red Hat Enterprise Linux Workstation and Desktop
+    - Red Hat Enterprise Linux for HPC
+    - Red Hat Storage
+    - Red Hat Containers with a Red Hat Enterprise Linux 8 image
+
+selections:
+    ### Variables
+    - var_rekey_limit_size=1G
+    - var_rekey_limit_time=1hour
+    - var_accounts_user_umask=077
+    - var_password_pam_difok=8
+    - var_password_pam_maxrepeat=3
+    - var_password_hashing_algorithm=SHA512
+    - var_password_hashing_algorithm_pam=sha512
+    - var_password_pam_maxclassrepeat=4
+    - var_password_pam_minclass=4
+    - var_accounts_minimum_age_login_defs=1
+    - var_accounts_max_concurrent_login_sessions=10
+    - var_password_pam_remember=5
+    - var_password_pam_remember_control_flag=requisite_or_required
+    - var_selinux_state=enforcing
+    - var_selinux_policy_name=targeted
+    - var_password_hashing_min_rounds_login_defs=100000
+    - var_password_pam_minlen=15
+    - var_password_pam_ocredit=1
+    - var_password_pam_dcredit=1
+    - var_password_pam_dictcheck=1
+    - var_password_pam_ucredit=1
+    - var_password_pam_lcredit=1
+    - var_password_pam_retry=3
+    - var_password_pam_minlen=15
+    - var_sshd_set_keepalive=1
+    - sshd_approved_macs=stig_extended
+    - sshd_approved_ciphers=stig_extended
+    - sshd_idle_timeout_value=10_minutes
+    - var_accounts_authorized_local_users_regex=rhel8
+    - var_accounts_passwords_pam_faillock_deny=3
+    - var_accounts_passwords_pam_faillock_fail_interval=900
+    - var_accounts_passwords_pam_faillock_unlock_time=never
+    - var_ssh_client_rekey_limit_size=1G
+    - var_ssh_client_rekey_limit_time=1hour
+    - var_accounts_fail_delay=4
+    - var_account_disable_post_pw_expiration=35
+    - var_auditd_action_mail_acct=root
+    - var_time_service_set_maxpoll=18_hours
+    - var_accounts_maximum_age_login_defs=60
+    - var_auditd_space_left_percentage=25pc
+    - var_auditd_space_left_action=email
+    - var_auditd_disk_error_action=rhel8
+    - var_auditd_max_log_file_action=syslog
+    - var_auditd_disk_full_action=rhel8
+    - var_sssd_certificate_verification_digest_function=sha1
+    - login_banner_text=dod_banners
+    - var_authselect_profile=sssd
+    - var_multiple_time_servers=stig
+    - var_time_service_set_maxpoll=18_hours
+
+    ### Enable / Configure FIPS
+    - enable_fips_mode
+    - var_system_crypto_policy=fips
+    - configure_crypto_policy
+    - configure_bind_crypto_policy
+    - configure_libreswan_crypto_policy
+    - configure_kerberos_crypto_policy
+    - enable_dracut_fips_module
+
+    # Other needed rules
+    - enable_authselect
+
+    ### Rules:
+    # RHEL-08-010000
+    - installed_OS_is_vendor_supported
+
+    # RHEL-08-010010
+    - security_patches_up_to_date
+
+    # RHEL-08-010019
+    - ensure_almalinux_gpgkey_installed
+
+    # RHEL-08-010020
+    - sysctl_crypto_fips_enabled
+
+    # RHEL-08-010030
+    - encrypt_partitions
+
+    # RHEL-08-010040
+    - sshd_enable_warning_banner
+
+    # RHEL-08-010049
+    - dconf_gnome_banner_enabled
+
+    # RHEL-08-010050
+    - dconf_gnome_login_banner_text
+
+    # RHEL-08-010060
+    - banner_etc_issue
+
+    # RHEL-08-010070
+    - rsyslog_remote_access_monitoring
+
+    # RHEL-08-010090
+    - sssd_has_trust_anchor
+
+    # RHEL-08-010100
+    - ssh_keys_passphrase_protected
+
+    # RHEL-08-010110
+    - set_password_hashing_algorithm_logindefs
+
+    # RHEL-08-010120
+    - accounts_password_all_shadowed_sha512
+
+    # RHEL-08-010121
+    - no_empty_passwords_etc_shadow
+
+    # RHEL-08-010130
+    - set_password_hashing_min_rounds_logindefs
+
+    # RHEL-08-010140
+    - grub2_uefi_password
+
+    # RHEL-08-010141
+    - grub2_uefi_admin_username
+
+    # RHEL-08-010149
+    - grub2_admin_username
+
+    # RHEL-08-010150
+    - grub2_password
+
+    # RHEL-08-010151
+    - require_singleuser_auth
+
+    # RHEL-08-010152
+    - require_emergency_target_auth
+
+    # RHEL-08-010159
+    - set_password_hashing_algorithm_passwordauth
+
+    # RHEL-08-010160
+    - set_password_hashing_algorithm_systemauth
+
+    # RHEL-08-010161
+    - kerberos_disable_no_keytab
+
+    # RHEL-08-010162
+    - package_krb5-workstation_removed
+
+    # RHEL-08-010170
+    - selinux_state
+
+    # RHEL-08-010171
+    - package_policycoreutils_installed
+
+    # RHEL-08-010190
+    - dir_perms_world_writable_sticky_bits
+
+    # RHEL-08-010200
+    - sshd_set_keepalive
+    # RHEL-08-010201
+    - sshd_set_idle_timeout
+
+    # RHEL-08-010210
+    - file_permissions_var_log_messages
+
+    # RHEL-08-010220
+    - file_owner_var_log_messages
+
+    # RHEL-08-010230
+    - file_groupowner_var_log_messages
+
+    # RHEL-08-010240
+    - file_permissions_var_log
+
+    # RHEL-08-010250
+    - file_owner_var_log
+
+    # RHEL-08-010260
+    - file_groupowner_var_log
+
+    # RHEL-08-010287
+    - configure_ssh_crypto_policy
+
+    # RHEL-08-010290
+    - harden_sshd_macs_opensshserver_conf_crypto_policy
+
+    # RHEL-08-010291
+    - harden_sshd_ciphers_opensshserver_conf_crypto_policy
+
+    # RHEL-08-010292
+    - sshd_use_strong_rng
+
+    # RHEL-08-010293
+    - configure_openssl_crypto_policy
+
+    # RHEL-08-010294
+    - configure_openssl_tls_crypto_policy
+
+    # RHEL-08-010295
+    - configure_gnutls_tls_crypto_policy
+
+    # RHEL-08-010300
+    - file_permissions_binary_dirs
+
+    # RHEL-08-010310
+    - file_ownership_binary_dirs
+
+    # RHEL-08-010320
+    - file_groupownership_system_commands_dirs
+
+    # RHEL-08-010330
+    - file_permissions_library_dirs
+
+    # RHEL-08-010331
+    - dir_permissions_library_dirs
+
+    # RHEL-08-010340
+    - file_ownership_library_dirs
+
+    # RHEL-08-010341
+    - dir_ownership_library_dirs
+
+    # RHEL-08-010350
+    - root_permissions_syslibrary_files
+
+    # RHEL-08-010351
+    - dir_group_ownership_library_dirs
+
+    # RHEL-08-010358
+    - package_mailx_installed
+
+    # RHEL-08-010359
+    - package_aide_installed
+    - aide_build_database
+
+    # RHEL-08-010360
+    - aide_scan_notification
+
+    # RHEL-08-010370
+    - ensure_gpgcheck_globally_activated
+    - ensure_gpgcheck_never_disabled
+
+    # Necessary for package installs after gpgcheck is enabled
+    - ensure_almalinux_gpgkey_installed
+
+    # RHEL-08-010371
+    - ensure_gpgcheck_local_packages
+
+    # RHEL-08-010372
+    - sysctl_kernel_kexec_load_disabled
+
+    # RHEL-08-010373
+    - sysctl_fs_protected_symlinks
+
+    # RHEL-08-010374
+    - sysctl_fs_protected_hardlinks
+
+    # RHEL-08-010375
+    - sysctl_kernel_dmesg_restrict
+
+    # RHEL-08-010376
+    - sysctl_kernel_perf_event_paranoid
+
+    # RHEL-08-010379
+    - sudoers_default_includedir
+
+    # RHEL-08-010380
+    - sudo_remove_nopasswd
+
+    # RHEL-08-010381
+    - sudo_remove_no_authenticate
+
+    # RHEL-08-010382
+    - sudo_restrict_privilege_elevation_to_authorized
+
+    # RHEL-08-010383
+    - sudoers_validate_passwd
+
+    # RHEL-08-010384
+    - sudo_require_reauthentication
+    - var_sudo_timestamp_timeout=always_prompt
+
+    # RHEL-08-010385
+    - disallow_bypass_password_sudo
+
+    # RHEL-08-010390
+    - install_smartcard_packages
+
+    # RHEL-08-010400
+    - sssd_certificate_verification
+
+    # RHEL-08-010410
+    - package_opensc_installed
+
+    # RHEL-08-010420
+    - bios_enable_execution_restrictions
+
+    # RHEL-08-010421
+    - grub2_page_poison_argument
+
+    # RHEL-08-010422
+    - grub2_vsyscall_argument
+
+    # RHEL-08-010423
+    - grub2_slub_debug_argument
+    - var_slub_debug_options=P
+
+    # RHEL-08-010430
+    - sysctl_kernel_randomize_va_space
+
+    # RHEL-08-010440
+    - clean_components_post_updating
+
+    # RHEL-08-010450
+    - selinux_policytype
+
+    # RHEL-08-010460
+    - no_host_based_files
+
+    # RHEL-08-010470
+    - no_user_host_based_files
+
+    # RHEL-08-010471
+    # Not applicable for RHEL 8.4+
+    - service_rngd_enabled
+
+    # RHEL-08-010472
+    - package_rng-tools_installed
+
+    # RHEL-08-010480
+    - file_permissions_sshd_pub_key
+
+    # RHEL-08-010490
+    - file_permissions_sshd_private_key
+
+    # RHEL-08-010500
+    - sshd_enable_strictmodes
+
+    # RHEL-08-010520
+    - sshd_disable_user_known_hosts
+
+    # RHEL-08-010521
+    - sshd_disable_kerb_auth
+
+    # RHEL-08-010522
+    - sshd_disable_gssapi_auth
+
+    # RHEL-08-010540
+    - partition_for_var
+
+    # RHEL-08-010541
+    - partition_for_var_log
+
+    # RHEL-08-010542
+    - partition_for_var_log_audit
+
+    # RHEL-08-010543
+    - partition_for_tmp
+
+    # RHEL-08-010544
+    - partition_for_var_tmp
+
+    # RHEL-08-010550
+    - sshd_disable_root_login
+
+    # RHEL-08-010561
+    - service_rsyslog_enabled
+
+    # RHEL-08-010570
+    - mount_option_home_nosuid
+
+    # RHEL-08-010571
+    - mount_option_boot_nosuid
+
+    # RHEL-08-010572
+    - mount_option_boot_efi_nosuid
+
+    # RHEL-08-010580
+    - mount_option_nodev_nonroot_local_partitions
+
+    # RHEL-08-010590
+    - mount_option_home_noexec
+
+    # RHEL-08-010600
+    - mount_option_nodev_removable_partitions
+
+    # RHEL-08-010610
+    - mount_option_noexec_removable_partitions
+
+    # RHEL-08-010620
+    - mount_option_nosuid_removable_partitions
+
+    # RHEL-08-010630
+    - mount_option_noexec_remote_filesystems
+
+    # RHEL-08-010640
+    - mount_option_nodev_remote_filesystems
+
+    # RHEL-08-010650
+    - mount_option_nosuid_remote_filesystems
+
+    # RHEL-08-010660
+    - accounts_user_dot_no_world_writable_programs
+
+    # RHEL-08-010670
+    - service_kdump_disabled
+
+    # RHEL-08-010671
+    - sysctl_kernel_core_pattern
+
+    # RHEL-08-010672
+    - service_systemd-coredump_disabled
+
+    # RHEL-08-010673
+    - disable_users_coredumps
+
+    # RHEL-08-010674
+    - coredump_disable_storage
+
+    # RHEL-08-010675
+    - coredump_disable_backtraces
+
+    # RHEL-08-010680
+    - network_configure_name_resolution
+
+    # RHEL-08-010690
+    - accounts_user_home_paths_only
+
+    # RHEL-08-010700
+    - dir_perms_world_writable_root_owned
+
+    # RHEL-08-010710
+    - dir_perms_world_writable_system_owned_group
+
+    # RHEL-08-010720
+    - accounts_user_interactive_home_directory_defined
+
+    # RHEL-08-010730
+    - file_permissions_home_directories
+
+    # RHEL-08-010731
+    - accounts_users_home_files_permissions
+
+    # RHEL-08-010740
+    - file_groupownership_home_directories
+
+    # RHEL-08-010741
+    - accounts_users_home_files_groupownership
+
+    # RHEL-08-010750
+    - accounts_user_interactive_home_directory_exists
+
+    # RHEL-08-010760
+    - accounts_have_homedir_login_defs
+
+    # RHEL-08-010770
+    - file_permission_user_init_files_root
+    - var_user_initialization_files_regex=all_dotfiles
+
+    # RHEL-08-010780
+    - no_files_unowned_by_user
+
+    # RHEL-08-010790
+    - file_permissions_ungroupowned
+
+    # RHEL-08-010800
+    - partition_for_home
+
+    # RHEL-08-010820
+    - gnome_gdm_disable_automatic_login
+
+    # RHEL-08-010830
+    - sshd_do_not_permit_user_env
+
+    # RHEL-08-020000
+    - account_temp_expire_date
+
+    # RHEL-08-020010, RHEL-08-020011
+    - accounts_passwords_pam_faillock_deny
+
+    # RHEL-08-020012, RHEL-08-020013
+    - accounts_passwords_pam_faillock_interval
+
+    # RHEL-08-020014, RHEL-08-020015
+    - accounts_passwords_pam_faillock_unlock_time
+
+    # RHEL-08-020016, RHEL-08-020017
+    - accounts_passwords_pam_faillock_dir
+
+    # # RHEL-08-020018, RHEL-08-020019
+    - accounts_passwords_pam_faillock_silent
+
+    # RHEL-08-020020, RHEL-08-020021
+    - accounts_passwords_pam_faillock_audit
+
+    # RHEL-08-020022, RHEL-08-020023
+    - accounts_passwords_pam_faillock_deny_root
+
+    # RHEL-08-020024
+    - accounts_max_concurrent_login_sessions
+
+    # RHEL-08-020025
+    - account_password_pam_faillock_system_auth
+
+    # RHEL-08-020026
+    - account_password_pam_faillock_password_auth
+
+    # RHEL-08-020027, RHEL-08-020028
+    - account_password_selinux_faillock_dir
+
+    # RHEL-08-020030
+    - dconf_gnome_screensaver_lock_enabled
+
+    # RHEL-08-020031, RHEL-08-020080
+    - dconf_gnome_screensaver_lock_delay
+    - var_screensaver_lock_delay=5_seconds
+
+    # RHEL-08-020032
+    - dconf_gnome_disable_user_list
+
+    # RHEL-08-020035
+    - logind_session_timeout
+    - var_logind_session_timeout=10_minutes
+
+    # RHEL-08-020050
+    - dconf_gnome_lock_screen_on_smartcard_removal
+
+    # RHEL-08-020060
+    - dconf_gnome_screensaver_idle_delay
+
+    # RHEL-08-020080
+    - dconf_gnome_screensaver_user_locks
+
+    # RHEL-08-020081
+    - dconf_gnome_session_idle_user_locks
+
+    # RHEL-08-020082
+    - dconf_gnome_screensaver_lock_locked
+
+    # RHEL-08-020090
+    - sssd_enable_certmap
+
+    # RHEL-08-020100
+    - accounts_password_pam_pwquality_password_auth
+
+    # RHEL-08-020101
+    - accounts_password_pam_pwquality_system_auth
+
+    # RHEL-08-020102
+    # This is only required for RHEL8 systems below version 8.4 where the
+    # retry parameter was not yet available on /etc/security/pwquality.conf.
+
+    # RHEL-08-020103
+    # This is only required for RHEL8 systems below version 8.4 where the
+    # retry parameter was not yet available on /etc/security/pwquality.conf.
+
+    # RHEL-08-020104
+    - accounts_password_pam_retry
+
+    # RHEL-08-020110
+    - accounts_password_pam_ucredit
+
+    # RHEL-08-020120
+    - accounts_password_pam_lcredit
+
+    # RHEL-08-020130
+    - accounts_password_pam_dcredit
+
+    # RHEL-08-020140
+    - accounts_password_pam_maxclassrepeat
+
+    # RHEL-08-020150
+    - accounts_password_pam_maxrepeat
+
+    # RHEL-08-020160
+    - accounts_password_pam_minclass
+
+    # RHEL-08-020170
+    - accounts_password_pam_difok
+
+    # RHEL-08-020180
+    - accounts_password_set_min_life_existing
+
+    # RHEL-08-020190
+    - accounts_minimum_age_login_defs
+
+    # RHEL-08-020200
+    - accounts_maximum_age_login_defs
+
+    # RHEL-08-020210
+    - accounts_password_set_max_life_existing
+
+    # RHEL-08-020230
+    - accounts_password_pam_minlen
+
+    # RHEL-08-020231
+    - accounts_password_minlen_login_defs
+
+    # RHEL-08-020240
+    - account_unique_id
+
+    # RHEL-08-020250
+    - sssd_enable_smartcards
+
+    # RHEL-08-020260
+    - account_disable_post_pw_expiration
+
+    # RHEL-08-020270
+    - account_temp_expire_date
+
+    # RHEL-08-020280
+    - accounts_password_pam_ocredit
+
+    # RHEL-08-020290
+    - sssd_offline_cred_expiration
+
+    # RHEL-08-020300
+    - accounts_password_pam_dictcheck
+
+    # RHEL-08-020310
+    - accounts_logon_fail_delay
+
+    # RHEL-08-020320
+    - accounts_authorized_local_users
+
+    # RHEL-08-020330
+    - sshd_disable_empty_passwords
+
+    # RHEL-08-020331
+    - no_empty_passwords
+
+    # RHEL-08-020332
+
+    # RHEL-08-020340
+    - display_login_attempts
+
+    # RHEL-08-020350
+    - sshd_print_last_log
+
+    # RHEL-08-020351
+    - accounts_umask_etc_login_defs
+
+    # RHEL-08-020352
+    - accounts_umask_interactive_users
+
+    # RHEL-08-020353
+    - accounts_umask_etc_bashrc
+    - accounts_umask_etc_csh_cshrc
+    - accounts_umask_etc_profile
+
+    # RHEL-08-030000
+    - audit_rules_suid_privilege_function
+
+    # RHEL-08-030010
+    - rsyslog_cron_logging
+
+    # RHEL-08-030020
+    - auditd_data_retention_action_mail_acct
+
+    # RHEL-08-030030
+    - postfix_client_configure_mail_alias_postmaster
+    - package_postfix_installed
+
+    # RHEL-08-030040
+    - auditd_data_disk_error_action
+
+    # RHEL-08-030060
+    - auditd_data_disk_full_action
+
+    # RHEL-08-030061
+    - auditd_local_events
+
+    # RHEL-08-030062
+    - auditd_name_format
+    - var_auditd_name_format=stig
+
+    # RHEL-08-030063
+    - auditd_log_format
+
+    # RHEL-08-030070
+    - file_permissions_var_log_audit
+
+    # RHEL-08-030080
+    - file_ownership_var_log_audit_stig
+
+    # RHEL-08-030090
+    - file_group_ownership_var_log_audit
+
+    # RHEL-08-030100
+    - directory_ownership_var_log_audit
+
+    # RHEL-08-030110
+    - directory_group_ownership_var_log_audit
+
+    # RHEL-08-030120
+    - directory_permissions_var_log_audit
+
+    # *** NOTE *** #
+    # Audit rules are currently under review as to how best to approach
+    # them. We are working with DISA and our internal audit experts to
+    # provide a final solution soon.
+    # ************ #
+
+    # RHEL-08-030121
+    - audit_rules_immutable
+
+    # RHEL-08-030122
+    - audit_rules_immutable_login_uids
+
+    # RHEL-08-030130
+    - audit_rules_usergroup_modification_shadow
+
+    # RHEL-08-030140
+    - audit_rules_usergroup_modification_opasswd
+
+    # RHEL-08-030150
+    - audit_rules_usergroup_modification_passwd
+
+    # RHEL-08-030160
+    - audit_rules_usergroup_modification_gshadow
+
+    # RHEL-08-030170
+    - audit_rules_usergroup_modification_group
+
+    # RHEL-08-030171
+    - audit_rules_sudoers
+
+    # RHEL-08-030172
+    - audit_rules_sudoers_d
+
+    # RHEL-08-030180
+    - package_audit_installed
+
+    # RHEL-08-030181
+    - service_auditd_enabled
+
+    # RHEL-08-030190
+    - audit_rules_privileged_commands_su
+
+    # RHEL-08-030200
+    - audit_rules_dac_modification_lremovexattr
+    - audit_rules_dac_modification_removexattr
+    - audit_rules_dac_modification_lsetxattr
+    - audit_rules_dac_modification_fsetxattr
+    - audit_rules_dac_modification_fremovexattr
+    - audit_rules_dac_modification_setxattr
+
+    # RHEL-08-030250
+    - audit_rules_privileged_commands_chage
+
+    # RHEL-08-030260
+    - audit_rules_execution_chcon
+
+
+    # RHEL-08-030280
+    - audit_rules_privileged_commands_ssh_agent
+
+    # RHEL-08-030290
+    - audit_rules_privileged_commands_passwd
+
+    # RHEL-08-030300
+    - audit_rules_privileged_commands_mount
+
+    # RHEL-08-030301
+    - audit_rules_privileged_commands_umount
+
+    # RHEL-08-030302
+    - audit_rules_media_export
+
+    # RHEL-08-030310
+    - audit_rules_privileged_commands_unix_update
+
+    # RHEL-08-030311
+    - audit_rules_privileged_commands_postdrop
+
+    # RHEL-08-030312
+    - audit_rules_privileged_commands_postqueue
+
+    # RHEL-08-030313
+    - audit_rules_execution_semanage
+
+    # RHEL-08-030314
+    - audit_rules_execution_setfiles
+
+    # RHEL-08-030315
+    - audit_rules_privileged_commands_userhelper
+
+    # RHEL-08-030316
+    - audit_rules_execution_setsebool
+
+    # RHEL-08-030317
+    - audit_rules_privileged_commands_unix_chkpwd
+
+    # RHEL-08-030320
+    - audit_rules_privileged_commands_ssh_keysign
+
+    # RHEL-08-030330
+    - audit_rules_execution_setfacl
+
+    # RHEL-08-030340
+    - audit_rules_privileged_commands_pam_timestamp_check
+
+    # RHEL-08-030350
+    - audit_rules_privileged_commands_newgrp
+
+    # RHEL-08-030360
+    - audit_rules_kernel_module_loading_init
+    - audit_rules_kernel_module_loading_finit
+
+    # RHEL-08-030361
+    - audit_rules_file_deletion_events_rename
+    - audit_rules_file_deletion_events_renameat
+    - audit_rules_file_deletion_events_rmdir
+    - audit_rules_file_deletion_events_unlink
+    - audit_rules_file_deletion_events_unlinkat
+
+    # RHEL-08-030370
+    - audit_rules_privileged_commands_gpasswd
+
+    # RHEL-08-030390
+    - audit_rules_kernel_module_loading_delete
+
+    # RHEL-08-030400
+    - audit_rules_privileged_commands_crontab
+
+    # RHEL-08-030410
+    - audit_rules_privileged_commands_chsh
+
+    # RHEL-08-030420
+    - audit_rules_unsuccessful_file_modification_truncate
+    - audit_rules_unsuccessful_file_modification_openat
+    - audit_rules_unsuccessful_file_modification_open
+    - audit_rules_unsuccessful_file_modification_open_by_handle_at
+    - audit_rules_unsuccessful_file_modification_ftruncate
+    - audit_rules_unsuccessful_file_modification_creat
+
+    # RHEL-08-030480
+    - audit_rules_dac_modification_chown
+    - audit_rules_dac_modification_lchown
+    - audit_rules_dac_modification_fchownat
+    - audit_rules_dac_modification_fchown
+
+    # RHEL-08-030490
+    - audit_rules_dac_modification_chmod
+    - audit_rules_dac_modification_fchmodat
+    - audit_rules_dac_modification_fchmod
+
+    # RHEL-08-030550
+    - audit_rules_privileged_commands_sudo
+
+    # RHEL-08-030560
+    - audit_rules_privileged_commands_usermod
+
+    # RHEL-08-030570
+    - audit_rules_execution_chacl
+
+    # RHEL-08-030580
+    - audit_rules_privileged_commands_kmod
+
+    # RHEL-08-030590
+    - audit_rules_login_events_faillock
+
+    # RHEL-08-030600
+    - audit_rules_login_events_lastlog
+
+    # RHEL-08-030601
+    - grub2_audit_argument
+
+    # RHEL-08-030602
+    - grub2_audit_backlog_limit_argument
+
+    # RHEL-08-030603
+    - configure_usbguard_auditbackend
+
+    # RHEL-08-030610
+    - file_permissions_etc_audit_auditd
+    - file_permissions_etc_audit_rulesd
+
+    # RHEL-08-030620
+    - file_audit_tools_permissions
+
+    # RHEL-08-030630
+    - file_audit_tools_ownership
+
+    # RHEL-08-030640
+    - file_audit_tools_group_ownership
+
+    # RHEL-08-030650
+    - aide_check_audit_tools
+
+    # RHEL-08-030660
+    - auditd_audispd_configure_sufficiently_large_partition
+
+    # RHEL-08-030670
+    - package_rsyslog_installed
+
+    # RHEL-08-030680
+    - package_rsyslog-gnutls_installed
+
+    # RHEL-08-030690
+    - rsyslog_remote_loghost
+
+    # RHEL-08-030700
+    - auditd_overflow_action
+
+    # RHEL-08-030710
+    - rsyslog_encrypt_offload_defaultnetstreamdriver
+    - rsyslog_encrypt_offload_actionsendstreamdrivermode
+
+    # RHEL-08-030720
+    - rsyslog_encrypt_offload_actionsendstreamdriverauthmode
+
+    # RHEL-08-030730
+    - auditd_data_retention_space_left_percentage
+
+    # RHEL-08-030731
+    - auditd_data_retention_space_left_action
+
+    # RHEL-08-030740
+    # remediation fails because default configuration file contains pool instead of server keyword
+    - chronyd_or_ntpd_set_maxpoll
+    - chronyd_server_directive
+    - chronyd_specify_remote_server
+
+    # RHEL-08-030741
+    - chronyd_client_only
+
+    # RHEL-08-030742
+    - chronyd_no_chronyc_network
+
+    # RHEL-08-040000
+    - package_telnet-server_removed
+
+    # RHEL-08-040001
+    - package_abrt_removed
+    - package_abrt-addon-ccpp_removed
+    - package_abrt-addon-kerneloops_removed
+    - package_python3-abrt-addon_removed
+    - package_abrt-cli_removed
+    - package_abrt-plugin-sosreport_removed
+    - package_libreport-plugin-rhtsupport_removed
+    - package_libreport-plugin-logger_removed
+
+    # RHEL-08-040002
+    - package_sendmail_removed
+
+    # RHEL-08-040003
+    ### NOTE: Will be removed in V1R2, merged into RHEL-08-040370
+
+    # RHEL-08-040004
+    - grub2_pti_argument
+
+    # RHEL-08-040010
+    - package_rsh-server_removed
+
+    # RHEL-08-040020
+    - kernel_module_uvcvideo_disabled
+
+    # RHEL-08-040021
+    - kernel_module_atm_disabled
+
+    # RHEL-08-040022
+    - kernel_module_can_disabled
+
+    # RHEL-08-040023
+    - kernel_module_sctp_disabled
+
+    # RHEL-08-040024
+    - kernel_module_tipc_disabled
+
+    # RHEL-08-040025
+    - kernel_module_cramfs_disabled
+
+    # RHEL-08-040026
+    - kernel_module_firewire-core_disabled
+
+    # RHEL-08-040030
+    - configure_firewalld_ports
+
+    # RHEL-08-040060
+    ### NOTE: Removed in V1R2
+
+    # RHEL-08-040070
+    - service_autofs_disabled
+
+    # RHEL-08-040080
+    - kernel_module_usb-storage_disabled
+
+    # RHEL-08-040090
+    - configured_firewalld_default_deny
+    - set_firewalld_default_zone
+
+    # RHEL-08-040100
+    - package_firewalld_installed
+
+    # RHEL-08-040101
+    - service_firewalld_enabled
+
+    # RHEL-08-040110
+    - wireless_disable_interfaces
+
+    # RHEL-08-040111
+    - kernel_module_bluetooth_disabled
+
+    # RHEL-08-040120
+    - mount_option_dev_shm_nodev
+
+    # RHEL-08-040121
+    - mount_option_dev_shm_nosuid
+
+    # RHEL-08-040122
+    - mount_option_dev_shm_noexec
+
+    # RHEL-08-040123
+    - mount_option_tmp_nodev
+
+    # RHEL-08-040124
+    - mount_option_tmp_nosuid
+
+    # RHEL-08-040125
+    - mount_option_tmp_noexec
+
+    # RHEL-08-040126
+    - mount_option_var_log_nodev
+
+    # RHEL-08-040127
+    - mount_option_var_log_nosuid
+
+    # RHEL-08-040128
+    - mount_option_var_log_noexec
+
+    # RHEL-08-040129
+    - mount_option_var_log_audit_nodev
+
+    # RHEL-08-040130
+    - mount_option_var_log_audit_nosuid
+
+    # RHEL-08-040131
+    - mount_option_var_log_audit_noexec
+
+    # RHEL-08-040132
+    - mount_option_var_tmp_nodev
+
+    # RHEL-08-040133
+    - mount_option_var_tmp_nosuid
+
+    # RHEL-08-040134
+    - mount_option_var_tmp_noexec
+
+    # RHEL-08-040135
+    - package_fapolicyd_installed
+
+    # RHEL-08-040136
+    - service_fapolicyd_enabled
+
+    # RHEL-08-040137
+    - fapolicy_default_deny
+
+    # RHEL-08-040139
+    - package_usbguard_installed
+
+    # RHEL-08-040140
+    - usbguard_generate_policy
+
+    # RHEL-08-040141
+    - service_usbguard_enabled
+
+    # RHEL-08-040150
+    - firewalld-backend
+
+    # RHEL-08-040159
+    - package_openssh-server_installed
+
+    # RHEL-08-040160
+    - service_sshd_enabled
+
+    # RHEL-08-040161
+    - sshd_rekey_limit
+
+    # RHEL-08-040170
+    - disable_ctrlaltdel_reboot
+
+    # RHEL-08-040171
+    - dconf_gnome_disable_ctrlaltdel_reboot
+
+    # RHEL-08-040172
+    - disable_ctrlaltdel_burstaction
+
+    # RHEL-08-040180
+    - service_debug-shell_disabled
+
+    # RHEL-08-040190
+    - package_tftp-server_removed
+
+    # RHEL-08-040200
+    - accounts_no_uid_except_zero
+
+    # RHEL-08-040209
+    - sysctl_net_ipv4_conf_default_accept_redirects
+
+    # RHEL-08-040210
+    - sysctl_net_ipv6_conf_default_accept_redirects
+
+    # RHEL-08-040220
+    - sysctl_net_ipv4_conf_all_send_redirects
+
+    # RHEL-08-040230
+    - sysctl_net_ipv4_icmp_echo_ignore_broadcasts
+
+    # RHEL-08-040239
+    - sysctl_net_ipv4_conf_all_accept_source_route
+
+    # RHEL-08-040240
+    - sysctl_net_ipv6_conf_all_accept_source_route
+
+    # RHEL-08-040249
+    - sysctl_net_ipv4_conf_default_accept_source_route
+
+    # RHEL-08-040250
+    - sysctl_net_ipv6_conf_default_accept_source_route
+
+    # RHEL-08-040259
+    - sysctl_net_ipv4_conf_all_forwarding
+
+    # RHEL-08-040260
+    - sysctl_net_ipv6_conf_all_forwarding
+
+    # RHEL-08-040261
+    - sysctl_net_ipv6_conf_all_accept_ra
+
+    # RHEL-08-040262
+    - sysctl_net_ipv6_conf_default_accept_ra
+
+    # RHEL-08-040270
+    - sysctl_net_ipv4_conf_default_send_redirects
+
+    # RHEL-08-040279
+    - sysctl_net_ipv4_conf_all_accept_redirects
+
+    # RHEL-08-040280
+    - sysctl_net_ipv6_conf_all_accept_redirects
+
+    # RHEL-08-040281
+    - sysctl_kernel_unprivileged_bpf_disabled
+
+    # RHEL-08-040282
+    - sysctl_kernel_yama_ptrace_scope
+
+    # RHEL-08-040283
+    - sysctl_kernel_kptr_restrict
+
+    # RHEL-08-040284
+    - sysctl_user_max_user_namespaces
+
+    # RHEL-08-040285
+    - sysctl_net_ipv4_conf_all_rp_filter
+
+    # RHEL-08-040286
+    - sysctl_net_core_bpf_jit_harden
+
+    # RHEL-08-040290
+    - postfix_prevent_unrestricted_relay
+
+    # RHEL-08-040300
+    - aide_verify_ext_attributes
+
+    # RHEL-08-040310
+    - aide_verify_acls
+
+    # RHEL-08-040320
+    - xwindows_remove_packages
+
+    # RHEL-08-040321
+    - xwindows_runlevel_target
+
+    # RHEL-08-040330
+    - network_sniffer_disabled
+
+    # RHEL-08-040340
+    - sshd_disable_x11_forwarding
+
+    # RHEL-08-040341
+    - sshd_x11_use_localhost
+
+    # RHEL-08-040342
+    - sshd_use_approved_kex_ordered_stig
+
+    # RHEL-08-040350
+    - tftpd_uses_secure_mode
+
+    # RHEL-08-040360
+    - package_vsftpd_removed
+
+    # RHEL-08-040370
+    - package_gssproxy_removed
+
+    # RHEL-08-040380
+    - package_iprutils_removed
+
+    # RHEL-08-040390
+    - package_tuned_removed
+
+    # RHEL-08-040400
+    - selinux_user_login_roles
+
+    # RHEL-08-010163
+    - package_krb5-server_removed
diff --git a/products/almalinux8/profiles/stig_gui.profile b/products/almalinux8/profiles/stig_gui.profile
new file mode 100644
index 000000000..0f9a28183
--- /dev/null
+++ b/products/almalinux8/profiles/stig_gui.profile
@@ -0,0 +1,51 @@
+documentation_complete: true
+
+metadata:
+    version: V2R2
+    SMEs:
+        - mab879
+        - ggbecker
+
+reference: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux
+
+title: 'DISA STIG with GUI for Red Hat Enterprise Linux 8'
+
+description: |-
+    This profile contains configuration checks that align to the
+    DISA STIG with GUI for Red Hat Enterprise Linux 8 V2R2.
+
+    In addition to being applicable to Red Hat Enterprise Linux 8, this
+    configuration baseline is applicable to the operating system tier of
+    Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as:
+
+    - Red Hat Enterprise Linux Server
+    - Red Hat Enterprise Linux Workstation and Desktop
+    - Red Hat Enterprise Linux for HPC
+    - Red Hat Storage
+    - Red Hat Containers with a Red Hat Enterprise Linux 8 image
+
+    Warning: The installation and use of a Graphical User Interface (GUI)
+    increases your attack vector and decreases your overall security posture. If
+    your Information Systems Security Officer (ISSO) lacks a documented operational
+    requirement for a graphical user interface, please consider using the
+    standard DISA STIG for Red Hat Enterprise Linux 8 profile.
+
+extends: stig
+
+selections:
+    # RHEL-08-040320
+    - '!xwindows_remove_packages'
+
+    # RHEL-08-040321
+    - '!xwindows_runlevel_target'
+
+    # RHEL-08-040001
+    - '!package_libreport-plugin-rhtsupport_removed'
+
+    # RHEL-08-040284
+    # Limiting user namespaces cause issues with user apps, such as Firefox and Cheese
+    # https://issues.redhat.com/browse/RHEL-10416
+    - '!sysctl_user_max_user_namespaces'
+
+    # locking of idle sessions is handled by screensaver when GUI is present, the following rule is therefore redundant
+    - '!logind_session_timeout'
diff --git a/products/almalinux8/transforms/constants.xslt b/products/almalinux8/transforms/constants.xslt
new file mode 100644
index 000000000..37cf40509
--- /dev/null
+++ b/products/almalinux8/transforms/constants.xslt
@@ -0,0 +1,13 @@
+
+
+
+
+AlmaLinux OS 8
+AL8
+AL_8_STIG
+almalinux8
+
+https://www.cisecurity.org/benchmark/almalinuxos_linux/
+
+
+
diff --git a/products/almalinux8/transforms/table-style.xslt b/products/almalinux8/transforms/table-style.xslt
new file mode 100644
index 000000000..8b6caeab8
--- /dev/null
+++ b/products/almalinux8/transforms/table-style.xslt
@@ -0,0 +1,5 @@
+
+
+
+
+
diff --git a/products/almalinux8/transforms/xccdf-apply-overlay-stig.xslt b/products/almalinux8/transforms/xccdf-apply-overlay-stig.xslt
new file mode 100644
index 000000000..4789419b8
--- /dev/null
+++ b/products/almalinux8/transforms/xccdf-apply-overlay-stig.xslt
@@ -0,0 +1,8 @@
+
+
+
+
+
+
+
+
diff --git a/products/almalinux8/transforms/xccdf2table-cce.xslt b/products/almalinux8/transforms/xccdf2table-cce.xslt
new file mode 100644
index 000000000..f156a6695
--- /dev/null
+++ b/products/almalinux8/transforms/xccdf2table-cce.xslt
@@ -0,0 +1,9 @@
+
+
+
+
+
+
+
+
+
diff --git a/products/almalinux8/transforms/xccdf2table-profileccirefs.xslt b/products/almalinux8/transforms/xccdf2table-profileccirefs.xslt
new file mode 100644
index 000000000..30419e92b
--- /dev/null
+++ b/products/almalinux8/transforms/xccdf2table-profileccirefs.xslt
@@ -0,0 +1,9 @@
+
+
+
+
+
+
+
+
+
diff --git a/shared/checks/oval/installed_OS_is_almalinux8.xml b/shared/checks/oval/installed_OS_is_almalinux8.xml
new file mode 100644
index 000000000..1d94fd870
--- /dev/null
+++ b/shared/checks/oval/installed_OS_is_almalinux8.xml
@@ -0,0 +1,34 @@
+
+  
+    
+      AlmaLinux OS 8
+      
+        multi_platform_all
+      
+      
+      The operating system installed on the system is AlmaLinux OS 8
+    
+    
+      
+      
+      
+    
+  
+
+  
+    
+  
+  
+    /etc/almalinux-release
+  
+
+  
+    
+  
+  
+    /etc/almalinux-release
+    ^AlmaLinux release 8.[0-9]+ .*$
+    1
+  
+
+
diff --git a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
index f803e8ff0..0d908f044 100644
--- a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
+++ b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
@@ -16,6 +16,7 @@
 	multi_platform_ol
 	multi_platform_rhcos
 	multi_platform_rhel
+multi_platform_almalinux
 	multi_platform_rhv
 	multi_platform_sle
     multi_platform_slmicro5
diff --git a/shared/references/disa-stig-almalinux8-v2r2-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v2r2-xccdf-manual.xml
new file mode 120000
index 000000000..faa263aeb
--- /dev/null
+++ b/shared/references/disa-stig-almalinux8-v2r2-xccdf-manual.xml
@@ -0,0 +1 @@
+disa-stig-rhel8-v2r2-xccdf-manual.xml
\ No newline at end of file
diff --git a/shared/references/disa-stig-almalinux8-v2r2-xccdf-scap.xml b/shared/references/disa-stig-almalinux8-v2r2-xccdf-scap.xml
new file mode 120000
index 000000000..b35d1960b
--- /dev/null
+++ b/shared/references/disa-stig-almalinux8-v2r2-xccdf-scap.xml
@@ -0,0 +1 @@
+disa-stig-rhel8-v2r2-xccdf-scap.xml
\ No newline at end of file
diff --git a/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml b/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml
index e83699662..1efabcf62 100644
--- a/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml
+++ b/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml
@@ -917,7 +917,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us
 $ sudo grep -iw grub2_password /boot/grub2/user.cfg
 GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
 
-If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010491Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089V-99143SV-108247CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
+If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010491Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089V-99143SV-108247CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
 
 Generate an encrypted grub2 password for the grub superusers account with the following command:
 
@@ -929,7 +929,7 @@ For systems that are running a version of Oracle Linux prior to 7.2, this is Not
 
 Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command:
 
-$ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg
+$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg
 GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
 
 If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000104-GPOS-00051<GroupDescription></GroupDescription>OL07-00-010500The Oracle Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.<VulnDiscussion>To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.
@@ -1809,7 +1809,7 @@ On BIOS-based machines, use the following command:
 
 On UEFI-based machines, use the following command:
 
-# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
+# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
 
 If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=<partition of /boot or /boot/efi> must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command:
 
@@ -1840,7 +1840,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm
 
 If a "dracut-fips" package is installed, check to see if the kernel command line is configured to use FIPS mode with the following command:
 
-Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
+Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines.
 
 # grep fips /boot/grub2/grub.cfg
 /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0 rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us rd.lvm.lv=rhel/root rhgb fips=1 quiet
@@ -1912,23 +1912,23 @@ An example rule that includes the "sha512" rule follows:
 
 If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>OL07-00-021700The Oracle Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the information system security officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089SV-108367V-99263CCI-001813Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media.
 
-Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
+Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines.
 
 Check for the existence of alternate boot loader configuration files with the following command:
 
      # find / -name grub.cfg
-     /boot/efi/EFI/redhat/grub.cfg
+     /boot/efi/EFI/almalinux/grub.cfg
 
-If a "grub.cfg" is found in any subdirectories other than "/boot/grub2/" and "/boot/efi/EFI/redhat/", ask the system administrator (SA) if there is documentation signed by the information system security officer (ISSO) to approve the use of removable media as a boot loader. 
+If a "grub.cfg" is found in any subdirectories other than "/boot/grub2/" and "/boot/efi/EFI/almalinux/", ask the system administrator (SA) if there is documentation signed by the information system security officer (ISSO) to approve the use of removable media as a boot loader. 
 
 List the number of menu entries defined in the grub configuration file with the following command (the number will vary between systems):
 
-     # grep -cw menuentry /boot/efi/EFI/redhat/grub.cfg
+     # grep -cw menuentry /boot/efi/EFI/almalinux/grub.cfg
      4
 
 Check that the grub configuration file has the "set root" command for each menu entry with the following command ("set root" defines the disk and partition or directory where the kernel and GRUB 2 modules are stored):
 
-     # grep 'set root' /boot/efi/EFI/redhat/grub.cfg
+     # grep 'set root' /boot/efi/EFI/almalinux/grub.cfg
      set root='hd0,gpt2'
      set root='hd0,gpt2'
      set root='hd0,gpt2'
@@ -4453,12 +4453,12 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}
 
 Generate a new grub.cfg file with the following command:
 
-$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfgFor systems that use BIOS, this is Not Applicable.
+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable.
 
 For systems that are running a version of Oracle Linux prior to 7.2, this is Not Applicable.
 Verify that a unique name is set as the "superusers" account:
 
-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
 set superusers="[someuniquestringhere]"
 export superusers
 
diff --git a/shared/references/disa-stig-ol8-v2r2-xccdf-scap.xml b/shared/references/disa-stig-ol8-v2r2-xccdf-scap.xml
index 97dac8309..f188cf808 100644
--- a/shared/references/disa-stig-ol8-v2r2-xccdf-scap.xml
+++ b/shared/references/disa-stig-ol8-v2r2-xccdf-scap.xml
@@ -2850,7 +2850,7 @@ SHA_CRYPT_MIN_ROUNDS 5000
             5416
           
           CCI-000213
-          Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
+          Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. 
  
 Generate an encrypted grub2 password for the grub superusers account with the following command: 
  
@@ -11097,7 +11097,7 @@ The "logind" service must be restarted for the changes to take effect. To restar
             The OL8 system boots with United Extensable Firmware Interface (UEFI)
           
           
-            
+            
           
         
         
@@ -11250,11 +11250,11 @@ Passwords need to be protected at all times, and encryption is the standard meth
             
             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system.  GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.
           
-          
-            
+          
+            
             
-              
-              
+              
+              
             
           
         
@@ -11874,7 +11874,7 @@ Configuration settings are the set of parameters that can be changed in hardware
             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
           
           
-            
+            
             
               
               
@@ -15425,7 +15425,7 @@ By limiting the number of attempts to meet the pwquality module complexity requi
         
           
         
-        
+        
           
         
         
@@ -15479,11 +15479,11 @@ By limiting the number of attempts to meet the pwquality module complexity requi
           
           
         
-        
+        
           
           
         
-        
+        
           
           
         
@@ -17231,8 +17231,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
         
           gnome-shell
         
-        
-          /boot/efi/EFI/redhat/grub.cfg
+        
+          /boot/efi/EFI/almalinux/grub.cfg
         
         
           /boot/grub2/grub.cfg
@@ -17308,13 +17308,13 @@ By limiting the number of attempts to meet the pwquality module complexity requi
           ^\s*SHA_CRYPT_MAX_ROUNDS\s+(\d*)
           1
         
-        
-          /boot/efi/EFI/redhat/grub.cfg
+        
+          /boot/efi/EFI/almalinux/grub.cfg
           ^\s*set\s+superusers\s*=\s*"(\w+)"\s*$
           1
         
-        
-          /boot/efi/EFI/redhat/user.cfg
+        
+          /boot/efi/EFI/almalinux/user.cfg
           ^\s*GRUB2_PASSWORD=(\S+)\b
           1
         
diff --git a/shared/references/disa-stig-ol8-v2r3-xccdf-manual.xml b/shared/references/disa-stig-ol8-v2r3-xccdf-manual.xml
index 7e5d2fce0..f4fc7a4be 100644
--- a/shared/references/disa-stig-ol8-v2r3-xccdf-manual.xml
+++ b/shared/references/disa-stig-ol8-v2r3-xccdf-manual.xml
@@ -425,7 +425,7 @@ SHA_CRYPT_MIN_ROUNDS 100000SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "100000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. 
  
 Generate an encrypted grub2 password for the grub superusers account with the following command: 
  
@@ -435,7 +435,7 @@ Confirm password:For systems that use BIOS, this is Not Applicable.
+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable.
 
 Verify that a unique name is set as the "superusers" account:
 
-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
 set superusers="[someuniqueUserNamehere]"
 export superusers
 
diff --git a/shared/references/disa-stig-rhel8-v2r2-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v2r2-xccdf-manual.xml
index fea61541f..c645efb2a 100644
--- a/shared/references/disa-stig-rhel8-v2r2-xccdf-manual.xml
+++ b/shared/references/disa-stig-rhel8-v2r2-xccdf-manual.xml
@@ -374,7 +374,7 @@ SHA_CRYPT_MIN_ROUNDS 100000SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "100000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
 
 Generate an encrypted grub2 password for the grub superusers account with the following command:
 
@@ -384,7 +384,7 @@ Confirm password:For systems that use BIOS, this is Not Applicable.
+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable.
 
 Verify that a unique name is set as the "superusers" account:
 
-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
 set superusers="[someuniquestringhere]"
 export superusers
 
diff --git a/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml
index ecdb4b277..9702848cf 100644
--- a/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml
+++ b/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml
@@ -3264,7 +3264,7 @@ SHA_CRYPT_MIN_ROUNDS 100000
           
           
           CCI-000213
-          Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
+          Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
 
 Generate an encrypted grub2 password for the grub superusers account with the following command:
 
@@ -12501,8 +12501,8 @@ $ sudo systemctl restart systemd-logind
             
           
           
-            
-            
+            
+            
           
         
         
@@ -15447,7 +15447,8 @@ $ sudo systemctl restart systemd-logind
           
             The system is RHEL 8.1 or lower
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             
           
@@ -15459,7 +15460,8 @@ $ sudo systemctl restart systemd-logind
           
             The system is RHEL 8.2 or higher
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             
           
@@ -15508,7 +15510,8 @@ $ sudo systemctl restart systemd-logind
           
             The system is RHEL 8.3 or lower
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             
           
@@ -15520,7 +15523,8 @@ $ sudo systemctl restart systemd-logind
           
             The system is RHEL 8.4 or higher
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             
           
@@ -15572,7 +15576,8 @@ $ sudo systemctl restart systemd-logind
           
             RHEL-08-010000 - RHEL 8 must be a vendor-supported release.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             An operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.
 
@@ -15587,7 +15592,8 @@ Note: The life-cycle time spans and dates are subject to adjustment.
             RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the Federal Government since this provides assurance they have been tested and validated.
 
@@ -15605,7 +15611,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPO
           
             RHEL-08-010070 - All RHEL 8 remote access methods must be monitored.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Remote access services, such as those providing remote access to network devices and information systems, which lack automated monitoring capabilities, increase risk and make remote user access management difficult at best.
 
@@ -15621,7 +15628,8 @@ Automated monitoring of remote access sessions allows organizations to detect cy
           
             RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.
 
@@ -15637,7 +15645,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
           
             RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The system must use a strong hashing algorithm to store the password.
 
@@ -15651,7 +15660,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
           
             RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The system must use a strong hashing algorithm to store the password. The system must use a sufficient number of hashing rounds to ensure the required level of entropy.
 
@@ -15665,7 +15675,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
           
             RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
           
@@ -15677,7 +15688,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
           
             RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
           
@@ -15689,7 +15701,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
           
             RHEL-08-010151 - RHEL 8 operating systems must require authentication upon booting into rescue mode.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If the system does not require valid root authentication before it boots into emergency or rescue mode, anyone who invokes emergency or rescue mode is granted privileged access to all files on the system.
           
@@ -15701,7 +15714,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
           
             RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
 
@@ -15717,7 +15731,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
           
             RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
 
@@ -15735,7 +15750,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
           
             RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
 
@@ -15753,7 +15769,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
           
             RHEL-08-010170 - RHEL 8 must use a Linux Security Module configured to enforce limits on system services.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
 
@@ -15767,7 +15784,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010171 - RHEL 8 must have policycoreutils package installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
 
@@ -15781,7 +15799,8 @@ Policycoreutils contains the policy core utilities that are required for basic o
           
             RHEL-08-010200 - RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Terminating an idle SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.
 
@@ -15799,7 +15818,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO
           
             RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
 
@@ -15813,7 +15833,8 @@ The structure and content of error messages must be carefully considered by the
           
             RHEL-08-010220 - The RHEL 8 /var/log/messages file must be owned by root.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
 
@@ -15827,7 +15848,8 @@ The structure and content of error messages must be carefully considered by the
           
             RHEL-08-010230 - The RHEL 8 /var/log/messages file must be group-owned by root.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
 
@@ -15841,7 +15863,8 @@ The structure and content of error messages must be carefully considered by the
           
             RHEL-08-010240 - The RHEL 8 /var/log directory must have mode 0755 or less permissive.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
 
@@ -15855,7 +15878,8 @@ The structure and content of error messages must be carefully considered by the
           
             RHEL-08-010250 - The RHEL 8 /var/log directory must be owned by root.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
 
@@ -15869,7 +15893,8 @@ The structure and content of error messages must be carefully considered by the
           
             RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
 
@@ -15883,7 +15908,8 @@ The structure and content of error messages must be carefully considered by the
           
             RHEL-08-010292 - RHEL 8 must ensure the SSH server uses strong entropy.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict.  Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values.  Random number generators are one of the most important building blocks of cryptosystems.
 
@@ -15897,7 +15923,8 @@ The SSH implementation in RHEL8 uses the OPENSSL library, which does not use hig
           
             RHEL-08-010294 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the OpenSSL package.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without cryptographic integrity protections, information can be altered by unauthorized users without detection.
 
@@ -15917,7 +15944,8 @@ Satisfies: SRG-OS-000250-GPOS-00093, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPO
           
             RHEL-08-010300 - RHEL 8 system commands must have mode 755 or less permissive.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
@@ -15931,7 +15959,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
           
             RHEL-08-010310 - RHEL 8 system commands must be owned by root.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
@@ -15945,7 +15974,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
           
             RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
@@ -15959,7 +15989,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
           
             RHEL-08-010330 - RHEL 8 library files must have mode 755 or less permissive.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
@@ -15973,7 +16004,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
           
             RHEL-08-010340 - RHEL 8 library files must be owned by root.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
@@ -15987,7 +16019,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
           
             RHEL-08-010350 - RHEL 8 library files must be group-owned by root or a system account.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
@@ -16001,7 +16034,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
           
             RHEL-08-010370 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
 
@@ -16017,7 +16051,8 @@ Verifying the authenticity of the software prior to installation validates the i
           
             RHEL-08-010371 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
 
@@ -16033,7 +16068,8 @@ Verifying the authenticity of the software prior to installation validates the i
           
             RHEL-08-010372 - RHEL 8 must prevent the loading of a new kernel for later execution.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
 
@@ -16055,7 +16091,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-010373 - RHEL 8 must enable kernel parameters to enforce discretionary access control on symlinks.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.
 
@@ -16081,7 +16118,8 @@ Satisfies: SRG-OS-000312-GPOS-00122, SRG-OS-000312-GPOS-00123, SRG-OS-000312-GPO
           
             RHEL-08-010374 - RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.
 
@@ -16107,7 +16145,8 @@ Satisfies: SRG-OS-000312-GPOS-00122, SRG-OS-000312-GPOS-00123, SRG-OS-000312-GPO
           
             RHEL-08-010375 - RHEL 8 must restrict access to the kernel message buffer.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.
 
@@ -16133,7 +16172,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-010376 - RHEL 8 must prevent kernel profiling by unprivileged users.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.
 
@@ -16159,7 +16199,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-010380 - RHEL 8 must require users to provide a password for privilege escalation.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
 
@@ -16175,7 +16216,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
           
             RHEL-08-010381 - RHEL 8 must require users to reauthenticate for privilege escalation.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
 
@@ -16191,7 +16233,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
           
             RHEL-08-010390 - RHEL 8 must have the packages required for multifactor authentication installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Using an authentication device, such as a DoD Common Access Card (CAC) or token that is separate from the information system, ensures that even if the information system is compromised, credentials stored on the authentication device will not be affected.
 
@@ -16211,7 +16254,8 @@ This requirement only applies to components where this is specific to the functi
           
             RHEL-08-010421 - RHEL 8 must clear the page allocator to prevent use-after-free attacks.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.
 
@@ -16227,7 +16271,8 @@ Satisfies: SRG-OS-000134-GPOS-00068, SRG-OS-000433-GPOS-00192
           
             RHEL-08-010422 - RHEL 8 must disable virtual syscalls.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Syscalls are special routines in the Linux kernel, which userspace applications ask to do privileged tasks.  Invoking a system call is an expensive operation because the processor must interrupt the currently executing task and switch context to kernel mode and then back to userspace after the system call completes.  Virtual Syscalls map into user space a page that contains some variables and the implementation of some system calls.  This allows the system calls to be executed in userspace to alleviate the context switching expense.
 
@@ -16243,7 +16288,8 @@ Satisfies: SRG-OS-000134-GPOS-00068, SRG-OS-000433-GPOS-00192
           
             RHEL-08-010423 - RHEL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.
 
@@ -16261,7 +16307,8 @@ Satisfies: SRG-OS-000134-GPOS-00068, SRG-OS-000433-GPOS-00192
           
             RHEL-08-010430 - RHEL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.
 
@@ -16283,7 +16330,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.
           
@@ -16295,7 +16343,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
 
@@ -16309,7 +16358,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010460 - There must be no shosts.equiv files on the RHEL 8 operating system.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The "shosts.equiv" files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
           
@@ -16321,7 +16371,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010470 - There must be no .shosts files on the RHEL 8 operating system.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The ".shosts" files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
           
@@ -16333,7 +16384,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010480 - The RHEL 8 SSH public host key files must have mode 0644 or less permissive.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If a public host key file is modified by an unauthorized user, the SSH service may be compromised.
           
@@ -16345,7 +16397,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010490 - The RHEL 8 SSH private host key files must have mode 0640 or less permissive.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If an unauthorized user obtains the private SSH host key file, the host could be impersonated.
           
@@ -16357,7 +16410,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010500 - The RHEL 8 SSH daemon must perform strict mode checking of home directory configuration files.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If other users have access to modify user-specific SSH configuration files, they may be able to log on to the system as another user.
           
@@ -16369,7 +16423,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010520 - The RHEL 8 SSH daemon must not allow authentication using known host’s authentication.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.
           
@@ -16381,7 +16436,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010521 - The RHEL 8 SSH daemon must not allow Kerberos authentication, except to fulfill documented and validated mission requirements.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Configuring these settings for the SSH daemon provides additional assurance that remote logon via SSH will not use unused methods of authentication, even in the event of misconfiguration elsewhere.
           
@@ -16393,7 +16449,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010540 - RHEL 8 must use a separate file system for /var.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
           
@@ -16405,7 +16462,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010541 - RHEL 8 must use a separate file system for /var/log.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
           
@@ -16417,7 +16475,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010542 - RHEL 8 must use a separate file system for the system audit data path.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
           
@@ -16429,7 +16488,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010543 - A separate RHEL 8 filesystem must be used for the /tmp directory.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
           
@@ -16441,7 +16501,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010550 - RHEL 8 must not permit direct logons to the root account using remote access via SSH.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Even though the communications channel may be encrypted, an additional layer of security is gained by extending the policy of not logging on directly as root. In addition, logging on with a user-specific account provides individual accountability of actions performed on the system.
           
@@ -16453,7 +16514,8 @@ This requirement applies to operating systems performing security function verif
           
             RHEL-08-010561 - The rsyslog service must be running in RHEL 8.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
 
@@ -16467,7 +16529,8 @@ Configuration settings are the set of parameters that can be changed in hardware
           
             RHEL-08-010570 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that contain user home directories.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
           
@@ -16479,7 +16542,8 @@ Configuration settings are the set of parameters that can be changed in hardware
           
             RHEL-08-010571 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot directory.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
           
@@ -16491,7 +16555,8 @@ Configuration settings are the set of parameters that can be changed in hardware
           
             RHEL-08-010580 - RHEL 8 must prevent special devices on non-root local partitions.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.  The only legitimate location for device files is the /dev directory located on the root partition.
           
@@ -16503,7 +16568,8 @@ Configuration settings are the set of parameters that can be changed in hardware
           
             RHEL-08-010630 - RHEL 8 must prevent code from being executed on file systems that are imported via Network File System (NFS).
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The "noexec" mount option causes the system not to execute binary files. This option must be used for mounting any file system not containing approved binary as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
           
@@ -16515,7 +16581,8 @@ Configuration settings are the set of parameters that can be changed in hardware
           
             RHEL-08-010640 - RHEL 8 must prevent special devices on file systems that are imported via Network File System (NFS).
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
           
@@ -16527,7 +16594,8 @@ Configuration settings are the set of parameters that can be changed in hardware
           
             RHEL-08-010650 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS).
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
           
@@ -16539,7 +16607,8 @@ Configuration settings are the set of parameters that can be changed in hardware
           
             RHEL-08-010671 - RHEL 8 must disable the kernel.core_pattern.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -16559,7 +16628,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-010672 - RHEL 8 must disable acquiring, saving, and processing core dumps.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -16575,7 +16645,8 @@ When the kernel invokes systemd-coredumpt to handle a core dump, it runs in priv
           
             RHEL-08-010673 - RHEL 8 must disable core dumps for all users.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -16589,7 +16660,8 @@ A core dump includes a memory image taken at the time the operating system termi
           
             RHEL-08-010674 - RHEL 8 must disable storing core dumps.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -16603,7 +16675,8 @@ A core dump includes a memory image taken at the time the operating system termi
           
             RHEL-08-010675 - RHEL 8 must disable core dump backtraces.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -16617,7 +16690,8 @@ A core dump includes a memory image taken at the time the operating system termi
           
             RHEL-08-010680 - For RHEL 8 systems using Domain Name Servers (DNS) resolution, at least two name servers must be configured.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             To provide availability for name resolution services, multiple redundant name servers are mandated. A failure in name resolution could lead to the failure of security functions requiring name resolution, which may include time synchronization, centralized authentication, and remote system logging.
           
@@ -16629,7 +16703,8 @@ A core dump includes a memory image taken at the time the operating system termi
           
             RHEL-08-010720 - All RHEL 8 local interactive users must have a home directory assigned in the /etc/passwd file.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
           
@@ -16641,7 +16716,8 @@ A core dump includes a memory image taken at the time the operating system termi
           
             RHEL-08-010730 - All RHEL 8 local interactive user home directories must have mode 0750 or less permissive.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Excessive permissions on local interactive user home directories may allow unauthorized access to user files by other users.
           
@@ -16653,7 +16729,8 @@ A core dump includes a memory image taken at the time the operating system termi
           
             RHEL-08-010760 - All RHEL 8 local interactive user accounts must be assigned a home directory upon creation.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
           
@@ -16665,7 +16742,8 @@ A core dump includes a memory image taken at the time the operating system termi
           
             RHEL-08-010770 - All RHEL 8 local initialization files must have mode 0740 or less permissive.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Local initialization files are used to configure the user's shell environment upon logon. Malicious modification of these files could compromise accounts upon logon.
           
@@ -16677,7 +16755,8 @@ A core dump includes a memory image taken at the time the operating system termi
           
             RHEL-08-010800 - A separate RHEL 8 filesystem must be used for user home directories (such as /home or an equivalent).
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
           
@@ -16689,7 +16768,8 @@ A core dump includes a memory image taken at the time the operating system termi
           
             RHEL-08-010820 - Unattended or automatic logon via the RHEL 8 graphical user interface must not be allowed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Failure to restrict system access to authenticated users negatively impacts operating system security.
           
@@ -16701,7 +16781,8 @@ A core dump includes a memory image taken at the time the operating system termi
           
             RHEL-08-010830 - RHEL 8 must not allow users to override SSH environment variables.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             SSH environment options potentially allow users to bypass access restriction in some configurations.
           
@@ -16713,7 +16794,8 @@ A core dump includes a memory image taken at the time the operating system termi
           
             RHEL-08-020010 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
 
@@ -16731,7 +16813,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
           
             RHEL-08-020011 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
 
@@ -16749,7 +16832,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
           
             RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
 
@@ -16767,7 +16851,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
           
             RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
 
@@ -16785,7 +16870,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
           
             RHEL-08-020014 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
 
@@ -16803,7 +16889,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
           
             RHEL-08-020015 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
 
@@ -16821,7 +16908,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
           
             RHEL-08-020018 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
 
@@ -16839,7 +16927,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
           
             RHEL-08-020019 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
 
@@ -16857,7 +16946,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
           
             RHEL-08-020020 - RHEL 8 must log user name information when unsuccessful logon attempts occur.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
 
@@ -16877,7 +16967,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
           
             RHEL-08-020021 - RHEL 8 must log user name information when unsuccessful logon attempts occur.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
 
@@ -16895,7 +16986,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
           
             RHEL-08-020022 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
 
@@ -16915,7 +17007,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
           
             RHEL-08-020023 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
 
@@ -16933,7 +17026,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
           
             RHEL-08-020024 - RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Operating system management includes the ability to control the number of users and user sessions that utilize an operating system. Limiting the number of allowed users and sessions per user is helpful in reducing the risks related to DoS attacks.
 
@@ -16947,7 +17041,8 @@ This requirement addresses concurrent sessions for information system accounts a
           
             RHEL-08-020030 - RHEL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
 
@@ -16965,7 +17060,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011
           
             RHEL-08-020050 - RHEL 8 must be able to initiate directly a session lock for all connection types using smartcard when the smartcard is removed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
 
@@ -16981,7 +17077,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011
           
             RHEL-08-020080 - RHEL 8 must prevent a user from overriding the session lock-delay setting for the graphical user interface.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, operating systems need to be able to identify when a user's session has idled and take action to initiate the session lock.
 
@@ -17001,7 +17098,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, SRG-OS-000480-GPO
           
             RHEL-08-020100 - RHEL 8 must ensure the password complexity module is enabled in the password-auth file.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
 
@@ -17017,7 +17115,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. This
           
             RHEL-08-020110 - RHEL 8 must enforce password complexity by requiring that at least one uppercase character be used.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
@@ -17033,7 +17132,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
           
             RHEL-08-020120 - RHEL 8 must enforce password complexity by requiring that at least one lower-case character be used.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
@@ -17049,7 +17149,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
           
             RHEL-08-020130 - RHEL 8 must enforce password complexity by requiring that at least one numeric character be used.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
@@ -17065,7 +17166,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
           
             RHEL-08-020140 - RHEL 8 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
@@ -17081,7 +17183,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
           
             RHEL-08-020150 - RHEL 8 must require the maximum number of repeating characters be limited to three when passwords are changed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
@@ -17097,7 +17200,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
           
             RHEL-08-020160 - RHEL 8 must require the change of at least four character classes when passwords are changed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
@@ -17113,7 +17217,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
           
             RHEL-08-020170 - RHEL 8 must require the change of at least 8 characters when passwords are changed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
@@ -17129,7 +17234,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
           
             RHEL-08-020180 - RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime restriction in /etc/shadow.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
           
@@ -17141,7 +17247,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
           
             RHEL-08-020190 - RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/login.defs.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
           
@@ -17153,7 +17260,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
           
             RHEL-08-020200 - RHEL 8 user account passwords must have a 60-day maximum password lifetime restriction.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised.
           
@@ -17165,7 +17273,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
           
             RHEL-08-020210 - RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised.
           
@@ -17177,7 +17286,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
           
             RHEL-08-020230 - RHEL 8 passwords must have a minimum of 15 characters.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
 
@@ -17197,7 +17307,8 @@ The DoD minimum password requirement is 15 characters.
           
             RHEL-08-020231 - RHEL 8 passwords for new users must have a minimum of 15 characters.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
 
@@ -17213,7 +17324,8 @@ The DoD minimum password requirement is 15 characters.
           
             RHEL-08-020240 - RHEL 8 duplicate User IDs (UIDs) must not exist for interactive users.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             To ensure accountability and prevent unauthenticated access, interactive users must be identified and authenticated to prevent potential misuse and compromise of the system.
 
@@ -17233,7 +17345,8 @@ Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062, SRG-OS-000042-GPO
           
             RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
 
@@ -17247,7 +17360,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers
           
             RHEL-08-020280 - All RHEL 8 passwords must contain at least one special character.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
@@ -17263,7 +17377,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
           
             RHEL-08-020290 - RHEL 8 must prohibit the use of cached authentications after one day.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If cached authentication information is out-of-date, the validity of the authentication information may be questionable.
 
@@ -17277,7 +17392,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir
           
             RHEL-08-020300 - RHEL 8 must prevent the use of dictionary words for passwords.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If RHEL 8 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses, and brute-force attacks.
           
@@ -17289,7 +17405,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir
           
             RHEL-08-020310 - RHEL 8 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Configuring the operating system to implement organization-wide security implementation guides and security checklists verifies compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
 
@@ -17303,7 +17420,8 @@ Configuration settings are the set of parameters that can be changed in hardware
           
             RHEL-08-020330 - RHEL 8 must not allow accounts configured with blank or null passwords.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
           
@@ -17315,7 +17433,8 @@ Configuration settings are the set of parameters that can be changed in hardware
           
             RHEL-08-020340 - RHEL 8 must display the date and time of the last successful account logon upon logon.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Providing users with feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use.
           
@@ -17327,7 +17446,8 @@ Configuration settings are the set of parameters that can be changed in hardware
           
             RHEL-08-020350 - RHEL 8 must display the date and time of the last successful account logon upon an SSH logon.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Providing users with feedback on when account accesses via SSH last occurred facilitates user recognition and reporting of unauthorized account use.
           
@@ -17339,7 +17459,8 @@ Configuration settings are the set of parameters that can be changed in hardware
           
             RHEL-08-020351 - RHEL 8 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Setting the most restrictive default permissions ensures that when new accounts are created, they do not have unnecessary access.
           
@@ -17351,7 +17472,8 @@ Configuration settings are the set of parameters that can be changed in hardware
           
             RHEL-08-030000 - The RHEL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider threats and the advanced persistent threat.
 
@@ -17365,7 +17487,8 @@ Satisfies: SRG-OS-000326-GPOS-00126, SRG-OS-000327-GPOS-00127
           
             RHEL-08-030020 - The RHEL 8 System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) must be alerted of an audit processing failure event.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
 
@@ -17381,7 +17504,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
           
             RHEL-08-030030 - The RHEL 8 Information System Security Officer (ISSO) and System Administrator (SA) (at a minimum) must have mail aliases to be notified of an audit processing failure.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
 
@@ -17397,7 +17521,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
           
             RHEL-08-030040 - The RHEL 8 System must take appropriate action when an audit processing failure occurs.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
 
@@ -17413,7 +17538,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
           
             RHEL-08-030060 - The RHEL 8 audit system must take appropriate action when the audit storage volume is full.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is critical that when RHEL 8 is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode.
 
@@ -17431,7 +17557,8 @@ When availability is an overriding concern, other approved actions in response t
           
             RHEL-08-030061 - The RHEL 8 audit system must audit local events.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
 
@@ -17445,7 +17572,8 @@ Audit record content that may be necessary to satisfy this requirement includes,
           
             RHEL-08-030062 - RHEL 8 must label all off-loaded audit logs before sending them to the central log server.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
 
@@ -17463,7 +17591,8 @@ When audit logs are not labeled before they are sent to a central log server, th
           
             RHEL-08-030063 - RHEL 8 must resolve audit information before writing to disk.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
 
@@ -17479,7 +17608,8 @@ Enriched logging aids in making sense of who, what, and when events occur on a s
           
             RHEL-08-030070 - RHEL 8 audit logs must have a mode of 0600 or less permissive to prevent unauthorized read access.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
 
@@ -17495,7 +17625,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
           
             RHEL-08-030080 - RHEL 8 audit logs must be owned by root to prevent unauthorized read access.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
 
@@ -17511,7 +17642,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
           
             RHEL-08-030090 - RHEL 8 audit logs must be group-owned by root to prevent unauthorized read access.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
 
@@ -17527,7 +17659,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
           
             RHEL-08-030100 - RHEL 8 audit log directory must be owned by root to prevent unauthorized read access.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
 
@@ -17543,7 +17676,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
           
             RHEL-08-030110 - RHEL 8 audit log directory must be group-owned by root to prevent unauthorized read access.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
 
@@ -17559,7 +17693,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
           
             RHEL-08-030120 - RHEL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
 
@@ -17575,7 +17710,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
           
             RHEL-08-030121 - RHEL 8 audit system must protect auditing rules from unauthorized change.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
 
@@ -17593,7 +17729,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
           
             RHEL-08-030122 - RHEL 8 audit system must protect logon UIDs from unauthorized change.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
 
@@ -17611,7 +17748,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
           
             RHEL-08-030130 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17627,7 +17765,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
           
             RHEL-08-030140 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17643,7 +17782,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
           
             RHEL-08-030150 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17659,7 +17799,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
           
             RHEL-08-030160 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17675,7 +17816,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
           
             RHEL-08-030170 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17691,7 +17833,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
           
             RHEL-08-030171 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17707,7 +17850,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
           
             RHEL-08-030172 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17723,7 +17867,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
           
             RHEL-08-030180 - The RHEL 8 audit package must be installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
 
@@ -17741,7 +17886,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
           
             RHEL-08-030190 - Successful/unsuccessful uses of the su command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17759,7 +17905,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030200 - The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17786,7 +17933,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030250 - Successful/unsuccessful uses of the chage command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17804,7 +17952,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030260 - Successful/unsuccessful uses of the chcon command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17822,7 +17971,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030280 - Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17840,7 +17990,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030290 - Successful/unsuccessful uses of the passwd command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17858,7 +18009,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030300 - Successful/unsuccessful uses of the mount command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17876,7 +18028,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030301 - Successful/unsuccessful uses of the umount command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17894,7 +18047,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030302 - Successful/unsuccessful uses of the mount syscall in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -17912,7 +18066,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030310 - Successful/unsuccessful uses of the unix_update in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
 
@@ -17930,7 +18085,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030311 - Successful/unsuccessful uses of postdrop in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
 
@@ -17948,7 +18104,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030312 - Successful/unsuccessful uses of postqueue in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
 
@@ -17966,7 +18123,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
 
@@ -17984,7 +18142,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030314 - Successful/unsuccessful uses of setfiles in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
 
@@ -18002,7 +18161,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030315 - Successful/unsuccessful uses of userhelper in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
 
@@ -18020,7 +18180,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030316 - Successful/unsuccessful uses of setsebool in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
 
@@ -18038,7 +18199,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030317 - Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
 
@@ -18056,7 +18218,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030320 - Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18074,7 +18237,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030330 - Successful/unsuccessful uses of the setfacl command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18092,7 +18256,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18110,7 +18275,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030350 - Successful/unsuccessful uses of the newgrp command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18128,7 +18294,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030360 - Successful/unsuccessful uses of the init_module and finit_module system calls in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18148,7 +18315,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030361 - Successful/unsuccessful uses of the rename, unlink, rmdir, renameat, and unlinkat system calls in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18173,7 +18341,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030370 - Successful/unsuccessful uses of the gpasswd command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18191,7 +18360,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030390 - Successful/unsuccessful uses of the delete_module command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18209,7 +18379,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030400 - Successful/unsuccessful uses of the crontab command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18227,7 +18398,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030410 - Successful/unsuccessful uses of the chsh command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18245,7 +18417,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030420 - Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18270,7 +18443,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030480 - Successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18294,7 +18468,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030490 - Successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18317,7 +18492,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030550 - Successful/unsuccessful uses of the sudo command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18335,7 +18511,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030560 - Successful/unsuccessful uses of the usermod command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18353,7 +18530,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030570 - Successful/unsuccessful uses of the chacl command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18371,7 +18549,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030580 - Successful/unsuccessful uses of the kmod command in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18399,7 +18578,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030600 - Successful/unsuccessful modifications to the lastlog file in RHEL 8 must generate an audit record.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18427,7 +18607,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030601 - RHEL 8 must enable auditing of processes that start prior to the audit daemon.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18457,7 +18638,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
           
             RHEL-08-030602 - RHEL 8 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
 
@@ -18475,7 +18657,8 @@ Allocating an audit_backlog_limit of sufficient size is critical in maintaining
           
             RHEL-08-030610 - RHEL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
           
@@ -18487,7 +18670,8 @@ Allocating an audit_backlog_limit of sufficient size is critical in maintaining
           
             RHEL-08-030620 - RHEL 8 audit tools must have a mode of 0755 or less permissive.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
 
@@ -18503,7 +18687,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
           
             RHEL-08-030630 - RHEL 8 audit tools must be owned by root.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
 
@@ -18521,7 +18706,8 @@ Satisfies: SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPO
           
             RHEL-08-030640 - RHEL 8 audit tools must be group-owned by root.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
 
@@ -18539,7 +18725,8 @@ Satisfies: SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPO
           
             RHEL-08-030670 - RHEL 8 must have the packages required for offloading audit logs installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
 
@@ -18562,7 +18749,8 @@ Note that a port number was given as there is no standard port for RELP.
             RHEL-08-030680 - RHEL 8 must have the packages required for encrypting offloaded audit logs installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
 
@@ -18585,7 +18773,8 @@ Note that a port number was given as there is no standard port for RELP.
             RHEL-08-030700 - RHEL 8 must take appropriate action when the internal event queue is full.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
 
@@ -18603,7 +18792,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
           
             RHEL-08-030720 - RHEL 8 must authenticate the remote logging server for off-loading audit logs.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
 
@@ -18627,7 +18817,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
           
             RHEL-08-030730 - RHEL 8 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.
           
@@ -18639,7 +18830,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
           
             RHEL-08-030741 - RHEL 8 must disable the chrony daemon from acting as a server.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
 
@@ -18657,7 +18849,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
           
             RHEL-08-030742 - RHEL 8 must disable network management of the chrony daemon.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
 
@@ -18675,7 +18868,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
           
             RHEL-08-040000 - RHEL 8 must not have the telnet-server package installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -18697,7 +18891,8 @@ If a privileged user were to log on using this service, the privileged user pass
           
             RHEL-08-040001 - RHEL 8 must not have any automated bug reporting tools installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -18715,7 +18910,8 @@ Verify the operating system is configured to disable non-essential capabilities.
           
             RHEL-08-040002 - RHEL 8 must not have the sendmail package installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -18733,7 +18929,8 @@ Verify the operating system is configured to disable non-essential capabilities.
           
             RHEL-08-040004 - RHEL 8 must enable mitigations against processor-based vulnerabilities.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -18753,7 +18950,8 @@ Kernel page-table isolation is a kernel feature that mitigates the Meltdown secu
           
             RHEL-08-040010 - RHEL 8 must not have the rsh-server package installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -18773,7 +18971,8 @@ Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000074-GPOS-00042
           
             RHEL-08-040021 - RHEL 8 must disable the asynchronous transfer mode (ATM) protocol.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -18789,7 +18988,8 @@ The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data li
           
             RHEL-08-040022 - RHEL 8 must disable the controller area network (CAN) protocol.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -18805,7 +19005,8 @@ The Controller Area Network (CAN) is a serial communications protocol, which was
           
             RHEL-08-040023 - RHEL 8 must disable the stream control transmission protocol (SCTP).
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -18821,7 +19022,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d
           
             RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -18837,7 +19039,8 @@ The Transparent Inter-Process Communication (TIPC) protocol is designed to provi
           
             RHEL-08-040025 - RHEL 8 must disable mounting of cramfs.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -18853,7 +19056,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f
           
             RHEL-08-040026 - RHEL 8 must disable IEEE 1394 (FireWire) Support.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -18867,7 +19071,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu
           
             RHEL-08-040070 - The RHEL 8 file system automounter must be disabled unless required.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Automatically mounting file systems permits easy introduction of unknown devices, thereby facilitating malicious activity.
           
@@ -18879,7 +19084,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu
           
             RHEL-08-040080 - RHEL 8 must be configured to disable USB mass storage.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity.
 
@@ -18893,7 +19099,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163
           
             RHEL-08-040100 - A firewall must be installed on RHEL 8.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             "Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols.
 
@@ -18911,7 +19118,8 @@ RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement action if
           
             RHEL-08-040111 - RHEL 8 Bluetooth must be disabled.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without protection of communications with wireless peripherals, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read, altered, or used to compromise the RHEL 8 operating system.
 
@@ -18927,7 +19135,8 @@ Protecting the confidentiality and integrity of communications with wireless per
           
             RHEL-08-040120 - RHEL 8 must mount /dev/shm with the nodev option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -18945,7 +19154,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040121 - RHEL 8 must mount /dev/shm with the nosuid option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -18961,7 +19171,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040122 - RHEL 8 must mount /dev/shm with the noexec option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -18979,7 +19190,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040123 - RHEL 8 must mount /tmp with the nodev option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -18997,7 +19209,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040124 - RHEL 8 must mount /tmp with the nosuid option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -19013,7 +19226,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040125 - RHEL 8 must mount /tmp with the noexec option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -19031,7 +19245,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040126 - RHEL 8 must mount /var/log with the nodev option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -19049,7 +19264,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040127 - RHEL 8 must mount /var/log with the nosuid option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -19067,7 +19283,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040128 - RHEL 8 must mount /var/log with the noexec option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -19085,7 +19302,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040129 - RHEL 8 must mount /var/log/audit with the nodev option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -19103,7 +19321,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040130 - RHEL 8 must mount /var/log/audit with the nosuid option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -19121,7 +19340,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040131 - RHEL 8 must mount /var/log/audit with the noexec option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -19139,7 +19359,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040132 - RHEL 8 must mount /var/tmp with the nodev option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -19157,7 +19378,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040133 - RHEL 8 must mount /var/tmp with the nosuid option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -19175,7 +19397,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040134 - RHEL 8 must mount /var/tmp with the noexec option.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -19193,7 +19416,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
           
             RHEL-08-040135 - The RHEL 8 fapolicy module must be installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -19215,7 +19439,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000370-GPOS-00155, SRG-OS-000480-GPO
           
             RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.
 
@@ -19231,7 +19456,8 @@ Since version 0.6.0, "firewalld" has incorporated "nftables" as its backend supp
           
             RHEL-08-040160 - All RHEL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
 
@@ -19249,7 +19475,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO
           
             RHEL-08-040161 - RHEL 8 must force a frequent session key renegotiation for SSH connections to the server.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
 
@@ -19269,7 +19496,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
           
             RHEL-08-040170 - The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 8.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             A locally logged-on user, who presses Ctrl-Alt-Delete when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
           
@@ -19281,7 +19509,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
           
             RHEL-08-040171 - The x86 Ctrl-Alt-Delete key sequence in RHEL 8 must be disabled if a graphical user interface is installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             A locally logged-on user, who presses Ctrl-Alt-Delete, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
           
@@ -19293,7 +19522,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
           
             RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
           
@@ -19305,7 +19535,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
           
             RHEL-08-040180 - The debug-shell systemd service must be disabled on RHEL 8.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The debug-shell requires no authentication and provides root privileges to anyone who has physical access to the machine.  While this feature is disabled by default, masking it adds an additional layer of assurance that it will not be enabled via a dependency in systemd.  This also prevents attackers with physical access from trivially bypassing security on the machine through valid troubleshooting configurations and gaining root access when the system is rebooted.
           
@@ -19317,7 +19548,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
           
             RHEL-08-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If TFTP is required for operational support (such as the transmission of router configurations) its use must be documented with the Information System Security Officer (ISSO), restricted to only authorized personnel, and have access control rules established.
           
@@ -19329,7 +19561,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
           
             RHEL-08-040200 - The root account must be the only account having unrestricted access to the RHEL 8 system.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account.
           
@@ -19341,7 +19574,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
           
             RHEL-08-040210 - RHEL 8 must prevent IPv6 Internet Control Message Protocol (ICMP) redirect messages from being accepted.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
 
@@ -19361,7 +19595,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040220 - RHEL 8 must not send Internet Control Message Protocol (ICMP) redirects.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.
 
@@ -19383,7 +19618,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040230 - RHEL 8 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks.
 
@@ -19404,7 +19640,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040240 - RHEL 8 must not forward IPv6 source-routed packets.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
 
@@ -19424,7 +19661,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040250 - RHEL 8 must not forward IPv6 source-routed packets by default.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
 
@@ -19444,7 +19682,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040260 - RHEL 8 must not enable IPv6 packet forwarding unless the system is a router.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
 
@@ -19464,7 +19703,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040261 - RHEL 8 must not accept router advertisements on all IPv6 interfaces.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
 
@@ -19486,7 +19726,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040262 - RHEL 8 must not accept router advertisements on all IPv6 interfaces by default.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
 
@@ -19508,7 +19749,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040270 - RHEL 8 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.
 
@@ -19530,7 +19772,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040280 - RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
 
@@ -19550,7 +19793,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040281 - RHEL 8 must disable access to network bpf syscall from unprivileged processes.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -19570,7 +19814,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040282 - RHEL 8 must restrict usage of ptrace to descendant  processes.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -19590,7 +19835,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040283 - RHEL 8 must restrict exposed kernel pointer addresses access.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -19610,7 +19856,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040284 - RHEL 8 must disable the use of user namespaces.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -19630,7 +19877,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -19650,7 +19898,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity.
           
@@ -19662,7 +19911,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040320 - The graphical display manager must not be installed on RHEL 8 unless approved.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.
           
@@ -19674,7 +19924,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040330 - RHEL 8 network interfaces must not be in promiscuous mode.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Network interfaces in promiscuous mode allow for the capture of all network traffic visible to the system. If unauthorized individuals can access these applications, it may allow them to collect information such as logon IDs, passwords, and key exchanges between systems.
 
@@ -19688,7 +19939,8 @@ If the system is being used to perform a network troubleshooting function, the u
           
             RHEL-08-040340 - RHEL 8 remote X connections for interactive users must be disabled unless to fulfill documented and validated mission requirements.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The security risk of using X11 forwarding is that the client's X11 display server may be exposed to attack when the SSH client requests forwarding.  A system administrator may have a stance in which they want to protect clients that may expose themselves to attack by unwittingly requesting X11 forwarding, which can warrant a "no" setting.
 
@@ -19704,7 +19956,8 @@ If X11 services are not required for the system's intended function, they should
           
             RHEL-08-040341 - The RHEL 8 SSH daemon must prevent remote hosts from connecting to the proxy display.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address.  By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DIPSLAY environment variable to localhost.  This prevents remote hosts from connecting to the proxy display.
           
@@ -19716,7 +19969,8 @@ If X11 services are not required for the system's intended function, they should
           
             RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Restricting TFTP to a specific directory prevents remote users from copying, transferring, or overwriting system files.
           
@@ -19728,7 +19982,8 @@ If X11 services are not required for the system's intended function, they should
           
             RHEL-08-040360 - A File Transfer Protocol (FTP) server package must not be installed unless mission essential on RHEL 8.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The FTP service provides an unencrypted remote access that does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. SSH or other encrypted file transfer methods must be used in place of this service.
           
@@ -19740,7 +19995,8 @@ If X11 services are not required for the system's intended function, they should
           
             RHEL-08-040370 - The gssproxy package must not be installed unless mission essential on RHEL 8.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -19756,7 +20012,8 @@ The gssproxy package is a proxy for GSS API credential handling and could expose
           
             RHEL-08-040380 - The iprutils package must not be installed unless mission essential on RHEL 8.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -19772,7 +20029,8 @@ The iprutils package provides a suite of utilities to manage and configure SCSI
           
             RHEL-08-040390 - The tuned package must not be installed unless mission essential on RHEL 8.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -19788,7 +20046,8 @@ The tuned package contains a daemon that tunes the system settings dynamically.
           
             RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
 
@@ -19806,7 +20065,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
           
             RHEL-08-010382 - RHEL 8 must restrict privilege elevation to authorized personnel.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
           
@@ -19818,7 +20078,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
           
             RHEL-08-010383 - RHEL 8 must use the invoking user's password for privilege escalation when using "sudo".
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password. 
 For more information on each of the listed configurations, reference the sudoers(5) manual page.
@@ -19831,7 +20092,8 @@ For more information on each of the listed configurations, reference the sudoers
           
             RHEL-08-010384 - RHEL 8 must require re-authentication when using the "sudo" command.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
 
@@ -19847,7 +20109,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
           
             RHEL-08-010049 - RHEL 8 must display a banner before granting local or remote access to the system via a graphical user logon.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
 
@@ -19863,7 +20126,8 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
           
             RHEL-08-010152 - RHEL 8 operating systems must require authentication upon booting into emergency mode.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If the system does not require valid root authentication before it boots into emergency or rescue mode, anyone who invokes emergency or rescue mode is granted privileged access to all files on the system.
           
@@ -19875,7 +20139,8 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
           
             RHEL-08-010159 - The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
 
@@ -19891,7 +20156,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
           
             RHEL-08-010201 - The RHEL 8 SSH daemon must be configured with a timeout interval.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Terminating an idle SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.
 
@@ -19909,7 +20175,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO
           
             RHEL-08-010472 - RHEL 8 must have the packages required to use the hardware random number generator entropy gatherer service.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict.  Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values.  Random number generators are one of the most important building blocks of cryptosystems.  
 
@@ -19923,7 +20190,8 @@ The rngd service feeds random data from hardware device to kernel random device.
           
             RHEL-08-010522 - The RHEL 8 SSH daemon must not allow GSSAPI authentication, except to fulfill documented and validated mission requirements.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.
           
@@ -19935,7 +20203,8 @@ The rngd service feeds random data from hardware device to kernel random device.
           
             RHEL-08-010544 - RHEL 8 must use a separate file system for /var/tmp.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
           
@@ -19947,7 +20216,8 @@ The rngd service feeds random data from hardware device to kernel random device.
           
             RHEL-08-010572 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot/efi directory.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
           
@@ -19959,7 +20229,8 @@ The rngd service feeds random data from hardware device to kernel random device.
           
             RHEL-08-020032 - RHEL 8 must disable the user list at logon for graphical user interfaces.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Leaving the user list enabled is a security risk since it allows anyone with physical access to the system to enumerate known user accounts without authenticated access to the system.
           
@@ -19971,7 +20242,8 @@ The rngd service feeds random data from hardware device to kernel random device.
           
             RHEL-08-020082 - RHEL 8 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, operating systems need to be able to identify when a user's session has idled and take action to initiate the session lock.
 
@@ -19991,7 +20263,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, SRG-OS-000480-GPO
           
             RHEL-08-020332 - RHEL 8 must not allow blank or null passwords in the password-auth file.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
           
@@ -20003,7 +20276,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, SRG-OS-000480-GPO
           
             RHEL-08-030181 - RHEL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
 
@@ -20021,7 +20295,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
           
             RHEL-08-030731 - RHEL 8 must notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when allocated audit record storage volume 75 percent utilization.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.
           
@@ -20033,7 +20308,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
           
             RHEL-08-040101 - A firewall must be active on RHEL 8.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             "Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols.
 
@@ -20050,7 +20326,8 @@ RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement action if
           
             RHEL-08-040136 - The RHEL 8 fapolicy module must be enabled.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
 
@@ -20072,7 +20349,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000370-GPOS-00155, SRG-OS-000480-GPO
           
             RHEL-08-040139 - RHEL 8 must have the USBGuard installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
 Peripherals include, but are not limited to, such devices as flash drives, external storage, and printers.
@@ -20088,7 +20366,8 @@ The System Administrator (SA) must work with the site Information System Securit
           
             RHEL-08-040141 - RHEL 8 must enable the USBGuard.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
 
@@ -20106,7 +20385,8 @@ The System Administrator (SA) must work with the site Information System Securit
           
             RHEL-08-040159 - All RHEL 8 networked systems must have SSH installed.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
 
@@ -20124,7 +20404,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO
           
             RHEL-08-040209 - RHEL 8 must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
 
@@ -20144,7 +20425,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040239 - RHEL 8 must not forward IPv4 source-routed packets.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
 
@@ -20164,7 +20446,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040249 - RHEL 8 must not forward IPv4 source-routed packets by default.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
 
@@ -20184,7 +20467,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040279 - RHEL 8 must ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
 
@@ -20204,7 +20488,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-040286 - RHEL 8 must enable hardening for the Berkeley Packet Filter Just-in-time compiler.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
 
@@ -20226,7 +20511,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-010121 - The RHEL 8 operating system must not have accounts configured with blank or null passwords.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
           
@@ -20238,7 +20524,8 @@ The sysctl --system command will load settings from all system configuration fil
           
             RHEL-08-010331 - RHEL 8 library directories must have mode 755 or less permissive.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
@@ -20252,7 +20539,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
           
             RHEL-08-010341 - RHEL 8 library directories must be owned by root.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
@@ -20266,7 +20554,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
           
             RHEL-08-010351 - RHEL 8 library directories must be group-owned by root or a system account.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
@@ -20280,7 +20569,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
           
             RHEL-08-010385 - The RHEL 8 operating system must not be configured to bypass password requirements for privilege escalation.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
 
@@ -20296,7 +20586,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
           
             RHEL-08-020101 - RHEL 8 must ensure the password complexity module is enabled in the system-auth file.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
 
@@ -20312,7 +20603,8 @@ RHEL 8 uses "pwquality" as a mechanism to enforce password complexity. This is s
           
             RHEL-08-020102 - RHEL 8 systems below version 8.4 must ensure the password complexity module in the system-auth file is configured for three retries or less.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
 
@@ -20330,7 +20622,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
           
             RHEL-08-020103 - RHEL 8 systems below version 8.4 must ensure the password complexity module in the password-auth file is configured for three retries or less.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
 
@@ -20348,7 +20641,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
           
             RHEL-08-040321 - The graphical display manager must not be the default target on RHEL 8 unless approved.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.
           
@@ -20360,7 +20654,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
           
             RHEL-08-020035 - RHEL 8 must terminate idle user sessions.
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended.
           
@@ -20423,11 +20718,11 @@ By limiting the number of attempts to meet the pwquality module complexity requi
         
           
         
-        
+        
           
           
         
-        
+        
           
           
         
@@ -22363,12 +22658,12 @@ By limiting the number of attempts to meet the pwquality module complexity requi
           1
         
         
-          /boot/efi/EFI/redhat/grub.cfg
+          /boot/efi/EFI/almalinux/grub.cfg
           ^\s*set\s+superusers\s*=\s*"(\w+)"\s*$
           1
         
         
-          /boot/efi/EFI/redhat/user.cfg
+          /boot/efi/EFI/almalinux/user.cfg
           ^\s*GRUB2_PASSWORD=(\S+)\b
           1
         
@@ -26048,7 +26343,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
           
             RHEL 8 is installed
             
-              Red Hat Enterprise Linux 8
+              Red Hat Enterprise Linux 8
+AlmaLinux OS 8
             
             
             RHEL 8 is installed
diff --git a/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh b/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh
index 8c002663d..c8d3ff1a4 100644
--- a/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh
+++ b/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # This test only applies to platforms that check the pwquality.conf.d directory
-# platform = Oracle Linux 8,multi_platform_rhel
+# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
 # variables = var_password_pam_{{{ VARIABLE }}}={{{ TEST_VAR_VALUE }}}
 
 truncate -s 0 /etc/security/pwquality.conf
diff --git a/shared/templates/accounts_password/tests/correct_value_directory.pass.sh b/shared/templates/accounts_password/tests/correct_value_directory.pass.sh
index 689093008..c25c13332 100644
--- a/shared/templates/accounts_password/tests/correct_value_directory.pass.sh
+++ b/shared/templates/accounts_password/tests/correct_value_directory.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # This test only applies to platforms that check the pwquality.conf.d directory
-# platform = Oracle Linux 8,multi_platform_rhel
+# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
 # variables = var_password_pam_{{{ VARIABLE }}}={{{ TEST_VAR_VALUE }}}
 
 # This test will ensure that OVAL also checks the configuration in
diff --git a/shared/templates/grub2_bootloader_argument/kickstart.template b/shared/templates/grub2_bootloader_argument/kickstart.template
index c5051bcf7..846c0e661 100644
--- a/shared/templates/grub2_bootloader_argument/kickstart.template
+++ b/shared/templates/grub2_bootloader_argument/kickstart.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # reboot = true
 # strategy = restrict
 # complexity = medium
diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh
index 4c25b2d95..26100fc4e 100644
--- a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh
+++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# platform = multi_platform_fedora,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
 # packages = grub2,grubby
 
 source common.sh
diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_and_not_referenced.pass.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_and_not_referenced.pass.sh
index 59d4ddd5d..f47ce4d8b 100644
--- a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_and_not_referenced.pass.sh
+++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_and_not_referenced.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # packages = grub2,grubby
 
 {{%- if ARG_VARIABLE %}}
diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_but_referenced.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_but_referenced.fail.sh
index 98da43833..d41cbe4c2 100644
--- a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_but_referenced.fail.sh
+++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_but_referenced.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # packages = grub2,grubby
 
 source common.sh
diff --git a/shared/templates/grub2_bootloader_argument/tests/correct_value_grubenv_only.pass.sh b/shared/templates/grub2_bootloader_argument/tests/correct_value_grubenv_only.pass.sh
index 1a955c392..cbce6c60e 100644
--- a/shared/templates/grub2_bootloader_argument/tests/correct_value_grubenv_only.pass.sh
+++ b/shared/templates/grub2_bootloader_argument/tests/correct_value_grubenv_only.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # packages = grub2,grubby
 
 source common.sh
diff --git a/shared/templates/grub2_bootloader_argument/tests/correct_value_mix_entries_and_grubenv.pass.sh b/shared/templates/grub2_bootloader_argument/tests/correct_value_mix_entries_and_grubenv.pass.sh
index 888445d23..d97a32fb5 100644
--- a/shared/templates/grub2_bootloader_argument/tests/correct_value_mix_entries_and_grubenv.pass.sh
+++ b/shared/templates/grub2_bootloader_argument/tests/correct_value_mix_entries_and_grubenv.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # packages = grub2,grubby
 
 source common.sh
diff --git a/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh b/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
index 0ee7a41ca..a31c37bc4 100644
--- a/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
+++ b/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# platform = multi_platform_fedora,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
 # packages = grub2,grubby
 
 source common.sh
diff --git a/shared/templates/grub2_bootloader_argument/tests/wrong_value_grubenv.fail.sh b/shared/templates/grub2_bootloader_argument/tests/wrong_value_grubenv.fail.sh
index 75c487299..0143d91e3 100644
--- a/shared/templates/grub2_bootloader_argument/tests/wrong_value_grubenv.fail.sh
+++ b/shared/templates/grub2_bootloader_argument/tests/wrong_value_grubenv.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # packages = grub2,grubby
 
 source common.sh
diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
index fc3db8ccd..a12bef4b2 100644
--- a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
+++ b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
 # packages = grub2-tools,grubby
 
 # Adds argument from kernel command line in /etc/default/grub
diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_grubenv.fail.sh b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_grubenv.fail.sh
index 4e4f5135e..79ec788c4 100644
--- a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_grubenv.fail.sh
+++ b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_grubenv.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# platform = Red Hat Enterprise Linux 8
+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
 # packages = grub2-tools,grubby
 
 # Adds audit argument from kernel command line in /boot/grub2/grubenv
diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh
index e51f669fd..00a74f76f 100644
--- a/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh
+++ b/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
 # packages = grub2-tools,grubby
 
 # Adds argument with a value from kernel command line in /etc/default/grub
diff --git a/shared/templates/kernel_module_disabled/kubernetes.template b/shared/templates/kernel_module_disabled/kubernetes.template
index c77cebfbb..2820e9745 100644
--- a/shared/templates/kernel_module_disabled/kubernetes.template
+++ b/shared/templates/kernel_module_disabled/kubernetes.template
@@ -1,5 +1,5 @@
 ---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos
 # reboot = true
 # strategy = disable
 # complexity = low
diff --git a/shared/templates/mount/blueprint.template b/shared/templates/mount/blueprint.template
index 56617467d..3cdacd4db 100644
--- a/shared/templates/mount/blueprint.template
+++ b/shared/templates/mount/blueprint.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 
 [[customizations.filesystem]]
 mountpoint = "{{{ MOUNTPOINT }}}"
diff --git a/shared/templates/mount/kickstart.template b/shared/templates/mount/kickstart.template
index fc2bdebd7..3c7833aa7 100644
--- a/shared/templates/mount/kickstart.template
+++ b/shared/templates/mount/kickstart.template
@@ -1,3 +1,3 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 
 logvol {{{ MOUNTPOINT }}} {{{ MIN_SIZE_MB }}}
diff --git a/shared/templates/package_installed/bootc.template b/shared/templates/package_installed/bootc.template
index ddac8ef40..86cb91791 100644
--- a/shared/templates/package_installed/bootc.template
+++ b/shared/templates/package_installed/bootc.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # reboot = false
 # strategy = enable
 # complexity = low
diff --git a/shared/templates/package_installed/kickstart.template b/shared/templates/package_installed/kickstart.template
index be0fc1de8..8284a5711 100644
--- a/shared/templates/package_installed/kickstart.template
+++ b/shared/templates/package_installed/kickstart.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # reboot = false
 # strategy = enable
 # complexity = low
diff --git a/shared/templates/package_removed/bootc.template b/shared/templates/package_removed/bootc.template
index 9e3535578..f0a418432 100644
--- a/shared/templates/package_removed/bootc.template
+++ b/shared/templates/package_removed/bootc.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # reboot = false
 # strategy = disable
 # complexity = low
diff --git a/shared/templates/package_removed/kickstart.template b/shared/templates/package_removed/kickstart.template
index 486ebbbdc..963412bac 100644
--- a/shared/templates/package_removed/kickstart.template
+++ b/shared/templates/package_removed/kickstart.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # reboot = false
 # strategy = disable
 # complexity = low
diff --git a/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh b/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh
index 1e4ab26a7..88a935f88 100644
--- a/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh
+++ b/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
 
 {{{ tests_init_faillock_vars("correct") }}}
 
diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh
index e9f8a06f4..ef4195f65 100644
--- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 # remediation = none
 
 {{{ tests_init_faillock_vars("correct") }}}
diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh
index b5d27377a..31f2fe7c6 100644
--- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 
 {{{ tests_init_faillock_vars("correct") }}}
 
diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh
index d900ff868..9b72a395b 100644
--- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 
 {{{ tests_init_faillock_vars("lenient_high") }}}
 
diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh
index bcb8d1002..727fd4321 100644
--- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 
 {{{ tests_init_faillock_vars("lenient_low") }}}
 
diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
index 56f9acccc..63364cc0e 100644
--- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 # remediation = none
 
 {{{ tests_init_faillock_vars("correct") }}}
diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh
index 008462181..cb9c98c6f 100644
--- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 
 {{{ tests_init_faillock_vars("stricter") }}}
 
diff --git a/shared/templates/service_disabled/kickstart.template b/shared/templates/service_disabled/kickstart.template
index d1e39ae29..7ecd5523e 100644
--- a/shared/templates/service_disabled/kickstart.template
+++ b/shared/templates/service_disabled/kickstart.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # reboot = false
 # strategy = disable
 # complexity = low
diff --git a/shared/templates/service_disabled/kubernetes.template b/shared/templates/service_disabled/kubernetes.template
index 1ab456524..724e7b779 100644
--- a/shared/templates/service_disabled/kubernetes.template
+++ b/shared/templates/service_disabled/kubernetes.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos,multi_platform_ubuntu
 # reboot = true
 # strategy = disable
 # complexity = low
diff --git a/shared/templates/service_disabled_guard_var/bash.template b/shared/templates/service_disabled_guard_var/bash.template
index 0afd3332d..62c4762e7 100644
--- a/shared/templates/service_disabled_guard_var/bash.template
+++ b/shared/templates/service_disabled_guard_var/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
 # reboot = false
 # strategy = disable
 # complexity = low
diff --git a/shared/templates/service_enabled/kickstart.template b/shared/templates/service_enabled/kickstart.template
index 451af774a..27ac615a2 100644
--- a/shared/templates/service_enabled/kickstart.template
+++ b/shared/templates/service_enabled/kickstart.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
 # reboot = false
 # strategy = disable
 # complexity = low
diff --git a/shared/templates/zipl_bls_entries_option/ansible.template b/shared/templates/zipl_bls_entries_option/ansible.template
index 73810f216..54434bb42 100644
--- a/shared/templates/zipl_bls_entries_option/ansible.template
+++ b/shared/templates/zipl_bls_entries_option/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
 # reboot = true
 # strategy = configure
 # complexity = medium
diff --git a/shared/templates/zipl_bls_entries_option/bash.template b/shared/templates/zipl_bls_entries_option/bash.template
index e14d59dfc..1b236a130 100644
--- a/shared/templates/zipl_bls_entries_option/bash.template
+++ b/shared/templates/zipl_bls_entries_option/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
 
 # Correct BLS option using grubby, which is a thin wrapper around BLS operations
 grubby --update-kernel=ALL --args="{{{ ARG_NAME }}}={{{ ARG_VALUE }}}"
diff --git a/ssg/constants.py b/ssg/constants.py
index cf58db6a1..30b8e5076 100644
--- a/ssg/constants.py
+++ b/ssg/constants.py
@@ -40,7 +40,7 @@ SSG_REF_URIS = {
 product_directories = [
     'alinux2',
     'alinux3',
-    'almalinux9',
+    'almalinux8',
     'anolis8',
     'anolis23',
     'al2023',
@@ -204,7 +204,7 @@ PKG_MANAGER_TO_CONFIG_FILE = {
 FULL_NAME_TO_PRODUCT_MAPPING = {
     "Alibaba Cloud Linux 2": "alinux2",
     "Alibaba Cloud Linux 3": "alinux3",
-    "AlmaLinux OS 9": "almalinux9",
+    "AlmaLinux OS 8": "almalinux8",
     "Anolis OS 8": "anolis8",
     "Anolis OS 23": "anolis23",
     "Amazon Linux 2023": "al2023",
@@ -295,7 +295,7 @@ MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu",
 
 MULTI_PLATFORM_MAPPING = {
     "multi_platform_alinux": ["alinux2", "alinux3"],
-    "multi_platform_almalinux": ["almalinux9"],
+    "multi_platform_almalinux": ["almalinux8"],
     "multi_platform_anolis": ["anolis8", "anolis23"],
     "multi_platform_debian": ["debian11", "debian12"],
     "multi_platform_example": ["example"],
diff --git a/tests/data/product_stability/ol7.yml b/tests/data/product_stability/ol7.yml
index eb1005de9..6c1f3517b 100644
--- a/tests/data/product_stability/ol7.yml
+++ b/tests/data/product_stability/ol7.yml
@@ -29,7 +29,7 @@ groups:
   dedicated_ssh_keyowner:
     name: ssh_keys
 grub2_boot_path: /boot/grub2
-grub2_uefi_boot_path: /boot/efi/EFI/redhat
+grub2_uefi_boot_path: /boot/efi/EFI/almalinux
 grub_helper_executable: grubby
 init_system: systemd
 major_version_ordinal: 7
diff --git a/tests/data/product_stability/ol8.yml b/tests/data/product_stability/ol8.yml
index ec49ad45f..67008023e 100644
--- a/tests/data/product_stability/ol8.yml
+++ b/tests/data/product_stability/ol8.yml
@@ -29,7 +29,7 @@ groups:
   dedicated_ssh_keyowner:
     name: ssh_keys
 grub2_boot_path: /boot/grub2
-grub2_uefi_boot_path: /boot/efi/EFI/redhat
+grub2_uefi_boot_path: /boot/efi/EFI/almalinux
 grub_helper_executable: grubby
 init_system: systemd
 major_version_ordinal: 8
diff --git a/tests/data/product_stability/rhel8.yml b/tests/data/product_stability/rhel8.yml
index cec14308a..b7e6596bf 100644
--- a/tests/data/product_stability/rhel8.yml
+++ b/tests/data/product_stability/rhel8.yml
@@ -80,7 +80,7 @@ groups:
   dedicated_ssh_keyowner:
     name: ssh_keys
 grub2_boot_path: /boot/grub2
-grub2_uefi_boot_path: /boot/efi/EFI/redhat
+grub2_uefi_boot_path: /boot/efi/EFI/almalinux
 grub_helper_executable: grubby
 init_system: systemd
 journald_conf_dir_path: /etc/systemd/journald.conf.d
diff --git a/tests/data/utils/disa-stig-rhel8-v1r6-xccdf-manual.xml b/tests/data/utils/disa-stig-rhel8-v1r6-xccdf-manual.xml
index 849ab06f6..1a4927eec 100644
--- a/tests/data/utils/disa-stig-rhel8-v1r6-xccdf-manual.xml
+++ b/tests/data/utils/disa-stig-rhel8-v1r6-xccdf-manual.xml
@@ -368,7 +368,7 @@ $ sudo egrep "^SHA_CRYPT_" /etc/login.defs
 
 If only one of "SHA_CRYPT_MIN_ROUNDS" or "SHA_CRYPT_MAX_ROUNDS" is set, and this value is below "5000", this is a finding.
 
-If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
 
 Generate an encrypted grub2 password for the grub superusers account with the following command:
 
@@ -378,7 +378,7 @@ Confirm password:For systems that use BIOS, this is Not Applicable.
+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable.
 
 Verify that a unique name is set as the "superusers" account:
 
-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
 set superusers="[someuniquestringhere]"
 export superusers
 
diff --git a/tests/shared/grub2.sh b/tests/shared/grub2.sh
index d11a2ea48..2a0d14294 100644
--- a/tests/shared/grub2.sh
+++ b/tests/shared/grub2.sh
@@ -7,10 +7,10 @@ function set_grub_uefi_root {
 		if grep VERSION /etc/os-release | grep -q '9\.0'; then
 			GRUB_CFG_ROOT=/boot/grub2
 		else
-			GRUB_CFG_ROOT=/boot/efi/EFI/redhat
+			GRUB_CFG_ROOT=/boot/efi/EFI/almalinux
 		fi
 	elif grep NAME /etc/os-release | grep -iq "Oracle"; then
-		GRUB_CFG_ROOT=/boot/efi/EFI/redhat
+		GRUB_CFG_ROOT=/boot/efi/EFI/almalinux
 	fi
 }
 
diff --git a/tests/unit/ssg-module/data/product.yml b/tests/unit/ssg-module/data/product.yml
index 540ab0181..191dde4ec 100644
--- a/tests/unit/ssg-module/data/product.yml
+++ b/tests/unit/ssg-module/data/product.yml
@@ -25,7 +25,7 @@ aux_pkg_version: "5a6340b3"
 release_key_fingerprint: "567E347AD0044ADE55BA8A5F199E2F91FD431D51"
 auxiliary_key_fingerprint: "7E4624258C406535D56D6F135054E4A45A6340B3"
 
-grub2_uefi_boot_path: "/boot/efi/EFI/redhat"
+grub2_uefi_boot_path: "/boot/efi/EFI/almalinux"
 
 cpes_root: "./applicability"
 cpes:
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
index b607202c5..e1c44eba9 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # packages = crypto-policies-scripts
 
 # IMPORTANT: This is a false negative scenario.
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh
index e5b598342..1033ac9c2 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # packages = crypto-policies-scripts
 
 update-crypto-policies --set "DEFAULT"
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh
index 7be3c82f3..903d545cf 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 # packages = crypto-policies-scripts
 
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh
index 261dc3f96..14162c91b 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
 # packages = crypto-policies-scripts
 
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh
index 356aa3ffe..d68c61790 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
 # packages = crypto-policies-scripts
 
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh
index 06bd713dd..7928814d2 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 # packages = crypto-policies-scripts
 
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
index 56a081eca..8038be94d 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 # packages = crypto-policies-scripts
 
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
index 10cb25593..bb78d0e64 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_cis_server_l1,xccdf_org.ssgproject.content_profile_cis_workstation_l1
 # packages = crypto-policies-scripts
 
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
index a2107d146..d9c3f0b6a 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_e8
 # packages = crypto-policies-scripts
 
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh
index b06e035fa..6635de3dc 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_standard
 # packages = crypto-policies-scripts
 
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
index 6679f94bd..df3b4781f 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 # packages = crypto-policies-scripts
 
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
index 116f6b676..01c2b1587 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_cis,xccdf_org.ssgproject.content_profile_cis_workstation_l2
 # packages = crypto-policies-scripts
 
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh
index 9461c3ddd..54a9e50d6 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
 # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
 # packages = crypto-policies-scripts
 
diff --git a/tests/unit/ssg_test_suite/data/correct.pass.sh b/tests/unit/ssg_test_suite/data/correct.pass.sh
index 5a2bc1005..c3dfe6dce 100644
--- a/tests/unit/ssg_test_suite/data/correct.pass.sh
+++ b/tests/unit/ssg_test_suite/data/correct.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = sudo,authselect
-# platform = multi_platform_rhel,Fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,Fedora
 # profiles = xccdf_org.ssgproject.content_profile_cis
 # check = oval
 # remediation = none
diff --git a/utils/ansible_playbook_to_role.py b/utils/ansible_playbook_to_role.py
index e3c4bc4ae..5c2e3176e 100755
--- a/utils/ansible_playbook_to_role.py
+++ b/utils/ansible_playbook_to_role.py
@@ -65,6 +65,7 @@ yaml.add_constructor(_mapping_tag, dict_constructor)
 PRODUCT_ALLOWLIST = set([
     "rhel8",
     "rhel9",
+    "almalinux8",
 ])
 
 PROFILE_ALLOWLIST = set([