On Fri, Jul 21, 2017 at 09:49:14PM -0400, Yonas Yanfa wrote: > On 07/21/2017 20:17, Joey Kelly wrote: > > On Friday 21 July 2017 19:21:10 Yonas Yanfa wrote: > > > Hi, > > > > > > Is there anything like OpenSCAP for FreeBSD? > > If it's a matter of selecting an XML profile, then surely one can be crafted > > for any OS you choose. > > > > Yes, and it shouldn't be too hard to port this to FreeBSD, but possibly time > consuming. > > The benefit of porting it is that they already have a lot of security > policies <https://www.open-scap.org/security-policies/> written (eg. USGCB, > PCI DSS). Scanning and remedying Linux and FreeBSD systems for > vulnerabilities could be done using the same XML file. Also, you can use > their installer plugin > <https://www.open-scap.org/tools/oscap-anaconda-addon/> to set security > profiles during install.
I'll get in touch with some of my coworkers, who were instrumental in the creation of SCAP. I'll get their thoughts on LoE for porting to FreeBSD. Depending on their schedules, my response may be delayed. Thanks, -- Shawn Webb Cofounder and Security Engineer HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
signature.asc
Description: PGP signature
