[Open-scap] IR7831 Remediation in OpenSCAP

Kent_Landfield at mcafee.com Kent_Landfield at mcafee.com
Mon Mar 25 13:32:52 UTC 2013 

While I have no problem with wanting to advance CRE, it is far from something that will be available worldwide. CRE is not much more than a pipe dream at this point. It was a draft idea that has been around for years and has not gone far.

I commend the open-scap effort for expanding the remediation capabilities of XCCDF and hope that shortly they can be introduced into the actual XCCDF specification so they can be adopted as a part of any SCAP developed component.  Remediation has been a problem for the community and sometimes it just takes an example of how it can be done within the existing specifications to break the logjam.

This is the beginning, not the end of effort I hope.  But just making a CRE entry will not make your solution available worldwide.

Kent Landfield

McAfee | An Intel Company
Direct: +1.972.963.7096
Mobile: +1.817.637.8026
Web: www.mcafee.com<http://www.mcafee.com/>

From: "david.oliva at verizon.net<mailto:david.oliva at verizon.net>" <david.oliva at verizon.net<mailto:david.oliva at verizon.net>>
Date: Monday, March 25, 2013 8:04 AM
To: "shawn at redhat.com<mailto:shawn at redhat.com>" <shawn at redhat.com<mailto:shawn at redhat.com>>, "Open-scap-list at redhat.com<mailto:Open-scap-list at redhat.com>" <Open-scap-list at redhat.com<mailto:Open-scap-list at redhat.com>>
Subject: [Open-scap] IR7831 Remediation in OpenSCAP

Shawn and all:

I really like to see an interest in remediation.

If you were to post this particular remediation in the CRE (IR 7831) standard, your entry would probably look something like this


ID


cre:isimluk.livejournal.com:2013-1


Platform


cpe:2.3:o:linux:redhat:*:*:*:*:*:*:*:*




This would make your solution available worldwide.

What do you all think?

David Oliva
On 03/24/13, Shawn Wells<shawn at redhat.com<mailto:shawn at redhat.com>> wrote:

On 3/22/13 4:05 PM, Simon Lukasik wrote:
> Hello OpenSCAPers,
>
> Recently, we have added remediation processing into OpenSCAP. I have
> written few notes at
>
> http://isimluk.livejournal.com/3573.html
>
> for those of you interested in the automated remediation and xccdf:fix
> processing.
>
> Have a nice weekend!

Nice writeup, and gives us something to point people to. Thank you!

_______________________________________________
Open-scap-list mailing list
Open-scap-list at redhat.com<mailto:Open-scap-list at redhat.com>
https://www.redhat.com/mailman/listinfo/open-scap-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20130325/d6bec780/attachment.htm>

More information about the Open-scap-list mailing list