On 5/14/18 7:26 PM, Geoffry Roberts wrote:
A few weeks ago I saw a thread or two where some were seeking a means
of analyzing large volumes of SCAP result sets.
I'd like to ask the community as to what extent this represents a
problem?
People I know who are using SCAP are scanning on a small scale and can
read the results manually. It makes sense to me that as volumes rise
some form automation would be in order.
What say ye?
My own work revolves around containers these days. Scan results are
ephemeral. Once the scan is complete (and passed) the CI/CD moves on.
Outputs (container images) are immutable. No need to continuously rescan
them or keep stale records around.
For lots of legacy virtualization workloads, something like Satellite,
Tenable, or even ePO, is used to aggregate the scans over time.
_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list
