[Open-scap] Blog post about XCCDF Tailoring
Martin Preisler
mpreisle at redhat.com
Wed Nov 20 10:14:40 UTC 2013
Hi,
> As an idea:
>
> The SSG community works with the U.S. Military to form something called
> the Security Technical Implementation Guide for RHEL6 (aka, RHEL6 STIG).
> Configuration settings reflect DoD CIO approved settings. Individual
> commands, such as the Army, are able to refine these controls within
> reason (e.g. increase password length requirements for U.S. Army systems).
>
> IMO, it would be very useful to demonstrate loading the core SSG
> content, adjusting refine-values, and saving a custom XCCDF.
Definitely a good idea. I am currently working on improving documentation
for scap-workbench. The plan is to first document the few core use-cases
and then go over some of the details that are not commonly used.
One of the use cases will be using SSG content to tailor and scan.
I'll let you know once I have something and would appreciate a review.
--
Martin Preisler
More information about the Open-scap-list
mailing list