BTW, to get to those numbers I compared the number of implemented rules in files https://github.com/OpenSCAP/scap-security-guide/blob/master/RHEL/7/profiles/stig-rhel7-disa.xml and https://github.com/OpenSCAP/scap-security-guide/blob/master/RHEL/6/profiles/stig-rhel6-server-upstream.xml to https://iase.disa.mil/stigs/os/unix-linux/Pages/red-hat.aspx.
Regards Wesley ----- Original Message ----- From: "Wesley Ceraso Prudencio" <[email protected]> To: "Anh (TA) Vo" <[email protected]> Cc: [email protected] Sent: Tuesday, September 5, 2017 10:38:30 AM Subject: Re: [Open-scap] [open-scap] scan percentage with respect to rules specified by STIG Hi Anh Vo I'm not an expert, but if I got it right, we currently cover approximately 85% of STIG rules for RHEL7 and 23% for RHEL6. Regards Wesley ----- Original Message ----- From: "Anh (TA) Vo" <[email protected]> To: [email protected] Sent: Sunday, September 3, 2017 5:45:03 PM Subject: [Open-scap] [open-scap] scan percentage with respect to rules specified by STIG Hi Group, I recently joined the group. In addition, I am totally a newbie. I would like to know what percentage the scanner can cover the rules specified by STIG in general and with respect to RHEL 6/7. My colleague told me that the scanner can cover about 65%. It seems low. Therefore, I would like to ask the experts for sure. Thank you very much. Anh Vo _______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list _______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list _______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
