On 06. 03. 20 17:36, Trevor Vaughan wrote:
This sounds roughly like reinventing OSCAL.
You are right that this is addressed by OSCAL. However, due to the
complexity of OSCAL, we will probably propose introduction only of its
subset to the ComplianceAsCode project. So in other words, we are aware
of OSCAL, we don't want to reinvent the wheel, and at the same time we
don't intend to go full OSCAL all at once.
On Fri, Mar 6, 2020 at 11:35 AM Matěj Týč <ma...@redhat.com
<mailto:ma...@redhat.com>> wrote:
Hello Ben,
...
... Having the concept of security controls emphasized in the
build system would allow us to produce tables that are grouped in
a smarter way, as well as a better overview of what security
controls exist but are not implemented by the profile, or what
controls are not SCAP-applicable at all.
...
On 04. 03. 20 15:18, Benjamin P Segal wrote:
...
_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com <mailto:Open-scap-list@redhat.com>
https://www.redhat.com/mailman/listinfo/open-scap-list
--
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699 x788
-- This account not approved for unencrypted proprietary information --
_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list
