Hi I read the posting in https://github.com/ComplianceAsCode/content/discussions/6669, and was hoping I might ask a few questions about openscap.
I was hoping to be able to use oscap and the DISA STIG for SUSE Linux Enterprise 12 profile in the scap-security-guide to automate the SLES 12 STIG hardening of our SLES-based product. I just learned about OpenSCAP last week, so I've spent a bunch of time reading and learning. I'm really encouraged by the obvious professionalism of OpenSCAP, and by the number of SLES 12 STIG rules that have already been implemented. Alas for me, I've found ~32 rules that have not yet been implemented (according to my search of https://static.open-scap.org/ssg-guides/ssg-sle12-guide-index.html) that my product needs to fix in our product. I'm trying to figure out both (1) are there additional rule implementations beyond what I'm seeing in https://static.open-scap.org/ssg-guides/ssg-sle12-guide-index.html and (2) how can I contribute by writing additional rule implementations? Thoughts on these questions, please! Thanks tl Terry Lemons [DellEMC_Logo_Hz_Blue_rgb_10percent] Data Management Infrastructure Solutions Group 176 South Street, MS 2/B-34 Hopkinton MA 01748 terry.lem...@dell.com<mailto:terry.lem...@dell.com>
_______________________________________________ Open-scap-list mailing list Open-scap-list@redhat.com https://listman.redhat.com/mailman/listinfo/open-scap-list
