Hard to believe it's been a year. I was drawn off to other things but I'm back and I still want waivers ;)
Ideally, I'd like to have a yaml file (easy for an AO to read) that contains waivers (rule IDs and explanations) and an additional column on the results.html so there would be: | Group | Severity | Baseline | Result | ...where Baseline would be the (ultimately NIST certified) Baseline, and Result would be (ideally) all Green after application of the waivers. Has any additional work or thought gone into this? There are a lot of good ideas in this thread (Scaptimony, Ruby wrapper, OpenSCAP tailoring files, ...) -- is anything mature enough that I can use on my RHEL7 instances now? Thanks, =Fen On Thu, Apr 9, 2015 at 1:25 PM, Shawn Wells <[email protected]> wrote: > > > On 4/9/15 5:52 AM, Greg Elin wrote: > >> You may have convinced me Simon that writings preserve the discussion >> better. >> >> That said, I would like to discuss that I think some live demos and q&a's >> preserved on video would speed adoption and understanding. >> > There's been some talk of doing a 1-2x/month community call where we share > things like: > > - Show & Tell of latest code sprints (e.g. what's the latest from > SCAPtimony and Workbench?) > - Blockers on any pending SSG content (new profiles being written, > requests for help) > - General discussions (requests for recorded videos, whitepapers, upcoming > conferences) > > Does such a thing make sense? It's easy to host if there's interest. > > > _______________________________________________ > Open-scap-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/open-scap-list > -- Fen Labalme, CISO at CivicActions.com Security | Quality | DevOps mobile: 412-996-4113 github/skype/twitter: openprivacy
_______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
