Respected Madam / Sir, I am referring the following url to know about open-scap and Ubuntu secure configuration. https://static.open-scap.org/ssg-guides/ssg-ubuntu1604-guide-anssi_np_nt28_average.html
I have one query : 1. At present, the severities are labelled as unknown, low, medium and high. a) Is there any mechanism or logic, which will quantify these severity levels. e.g. low : 0 to < 3, medium : 3 to < 6 and high : 6 to 9 (as given in OWASP - Owasp risk rating methodology. https://www.owasp.org/index.php/OWASP_ Risk_Rating_Methodolog) b) If yes, requesting you share the information / document / url with me. Your guidance is vital to me - waiting for the reply. Thanks & Regards Harshad
_______________________________________________ Open-scap-list mailing list Open-scap-list@redhat.com https://www.redhat.com/mailman/listinfo/open-scap-list