Well, that seems exactly like what we're talking about...

Nice work Jerome!

Trevor

On Fri, Feb 2, 2018 at 2:46 AM, Jerome Athias <athiasjer...@gmail.com>
wrote:

> In case of interest https://github.com/athiasjerome/XORCISM
> Models are SQL representations of CVE, CWE, CAPEC, OVAL, etc.
> Plugins/Connectors exchange information with various tools (APIs/formats)
> to normalize the data in a central way. Making it easy to retrieve and
> export in your preferred format
>
> Comments welcome
>
> Regards
>
> On Fri 2 Feb 2018 at 04:19, Trevor Vaughan <tvaug...@onyxpoint.com> wrote:
>
>> Fen,
>>
>> This might help if you want to get started with XCCDF XSLT processing
>> https://github.com/simp/NIST-800-18-SSP_Template/
>> tree/master/docs/references/controls/nist800-53rev4
>>
>> There are already the splits for outputting the HIGH/MODERATE/LOW 800-53
>> controls.
>>
>> It outputs RST but it should be easy enough to swap those parts out to
>> pretty much anything.
>>
>> Patches/feedback most welcome!
>>
>> Thanks,
>>
>> Trevor
>>
>> On Thu, Feb 1, 2018 at 5:37 PM, Fen Labalme <fen.laba...@civicactions.com
>> > wrote:
>>
>>> Would love some XSLT files for parsing the XML files nicely (I've been
>>> wanting this, but am not an XSLT sorta guy). If the transform included
>>> name, CVE, perhaps RMF controls and result, well, that would be a great
>>> start.
>>>
>>> Had not seen wuzah - looks awesome. I don't need the PCI DSS but rather
>>> the RMF low/mod controls, and I use Graylog instead of ELK, but these
>>> should be straightforward issues to resolve. (And if resolved, can
>>> contribute the patches - I love open source!)
>>>
>>> =Fen
>>>
>>>
>>> On Thu, Feb 1, 2018 at 4:01 PM, Luke Salsich <luke.sals...@gmail.com>
>>> wrote:
>>>
>>>> ...
>>>> All of this is to say maybe a first step would be to write some XSLT
>>>> files for MariaDB and Postgre and then see where that goes? someone could
>>>> use that to then start an API, etc.
>>>>
>>>> I also did want to mention the really great work the people at Wazuh
>>>> have done in adding Open-Scap data to their OSSEC fork which then outputs
>>>> data into elasticsearch / Kibana dashboards really nicely. I will continue
>>>> to use their product gratefully, but as I say - I'm looking for data which
>>>> I can query without having to master Lucene to get data out of
>>>> Elasticsearch.
>>>>
>>>> http://wazuh.com
>>>> https://documentation.wazuh.com/current/user-manual/
>>>> capabilities/policy-monitoring/openscap/index.html
>>>>
>>>>
>>>> On Thu, Feb 1, 2018 at 1:20 PM, Fen Labalme <
>>>> fen.laba...@civicactions.com> wrote:
>>>>
>>>>> ...
>>>>> I like https://osquery.io/ (open source at:
>>>>> https://github.com/facebook/osquery)
>>>>>
>>>>> Also consider InSpec (https://github.com/chef/inspec) - though
>>>>> created by/for Chef, it's entirely self-contained. OpenSCAP integrating
>>>>> with either/both of these would be awesome.
>>>>>
>>>>
>>> _______________________________________________
>>> scap-security-guide mailing list -- scap-security-guide@lists.
>>> fedorahosted.org
>>> To unsubscribe send an email to scap-security-guide-leave@
>>> lists.fedorahosted.org
>>>
>>>
>>
>>
>> --
>> Trevor Vaughan
>> Vice President, Onyx Point, Inc
>> (410) 541-6699 x788 <(410)%20541-6699>
>>
>> -- This account not approved for unencrypted proprietary information --
>> _______________________________________________
>> scap-security-guide mailing list -- scap-security-guide@lists.
>> fedorahosted.org
>> To unsubscribe send an email to scap-security-guide-leave@
>> lists.fedorahosted.org
>>
>
> _______________________________________________
> scap-security-guide mailing list -- scap-security-guide@lists.
> fedorahosted.org
> To unsubscribe send an email to scap-security-guide-leave@
> lists.fedorahosted.org
>
>


-- 
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699 x788

-- This account not approved for unencrypted proprietary information --
_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list

Reply via email to