Hi, Currently 4 rules that can be automated are not yet upstream, should hopefully be done in the next weeks.
Ciao, Marcus On Tue, May 18, 2021 at 02:32:36PM +0000, Lemons, Terry wrote: > Internal Use - Confidential > > Hi Marcus > > Thanks very much for the reply. This is great news! > > What is the target date for completing the implementation of the automatable > SLES 12 STIG rules? > > Thanks! > tl > > -----Original Message----- > From: Marcus Meissner <meiss...@suse.de> > Sent: Tuesday, May 18, 2021 9:55 AM > To: Lemons, Terry > Cc: open-scap-list@redhat.com > Subject: Re: [Open-scap] Question on openscap development > > > [EXTERNAL EMAIL] > > Hi Terry, > > On Mon, May 17, 2021 at 07:45:33PM +0000, Lemons, Terry wrote: > > Hi > > > > I read the posting in > > https://urldefense.com/v3/__https://github.com/ComplianceAsCode/content/discussions/6669__;!!LpKI!1VWQqY15WMaCNaDCjiU2AK-78iV1JV3TCNiYEaqvPXV9U6lBa_TPWgBCVq-fueyd$ > > [github[.]com], and was hoping I might ask a few questions about openscap. > > > > I was hoping to be able to use oscap and the DISA STIG for SUSE Linux > > Enterprise 12 profile in the scap-security-guide to automate the SLES 12 > > STIG hardening of our SLES-based product. I just learned about OpenSCAP > > last week, so I've spent a bunch of time reading and learning. I'm really > > encouraged by the obvious professionalism of OpenSCAP, and by the number of > > SLES 12 STIG rules that have already been implemented. > > > > Alas for me, I've found ~32 rules that have not yet been implemented > > (according to my search of > > https://urldefense.com/v3/__https://static.open-scap.org/ssg-guides/ssg-sle12-guide-index.html__;!!LpKI!1VWQqY15WMaCNaDCjiU2AK-78iV1JV3TCNiYEaqvPXV9U6lBa_TPWgBCVqygBBs3$ > > [static[.]open-scap[.]org]) that my product needs to fix in our product. > > I'm trying to figure out both (1) are there additional rule implementations > > beyond what I'm seeing in > > https://urldefense.com/v3/__https://static.open-scap.org/ssg-guides/ssg-sle12-guide-index.html__;!!LpKI!1VWQqY15WMaCNaDCjiU2AK-78iV1JV3TCNiYEaqvPXV9U6lBa_TPWgBCVqygBBs3$ > > [static[.]open-scap[.]org] and (2) how can I contribute by writing > > additional rule implementations? > > > > Thoughts on these questions, please! > > SUSE is actively working on integrating all STIG rules from the SLE12 and the > SLE15 STIG into ComplianceAsCode. > > The last scap-security-guide release still lacked a very small number of SLES > 12 rules, these are being added for the next release. > > Not all rules in the STIG can however be automated, so there will be some > that still need to be checked manually. > > Ciao, Marcus > _______________________________________________ Open-scap-list mailing list Open-scap-list@redhat.com https://listman.redhat.com/mailman/listinfo/open-scap-list
