Hi, I wanted to show off some of the features that are unique to SecState and are very relevant to this project. All of you are likely familiar with oscap. This tool is great if your use case includes interpreting entire sets of content described in a profile. However, if you want to tweak a profile you must adjust the XML by hand. SecState is capable of content management. You can cherry-pick elements relevant to your environment.
What follows is an example of using SecState for the purpose. First you import a profile (thanks to SSG for the content!):

    # secstate import /usr/local/scap-security-guide/RHEL6/output/rhel6-xccdf-scap-security-guide.xml

Next you disable content you don't want to interpret. This is great when you want to enter a continuous monitoring mode and you want to trim down the result sets.

    # secstate select -r RHEL-6 intro

Then you run the audit:

    # secstate audit

Remediate the findings (thanks to Aqueduct for the content!).

    # secstate remediate -y

I would recommend re-running the audit to ensure the findings are fixed:

    # secstate audit

The reports it generates can be seen here:
http://oss.tresys.com/spencer/audit-localhost.localdomain-Sun-July-15-23_03_36-2012KZQm9N/RHEL-6.results.html

I've uploaded some packages from CLIP here and created a yum repo:
http://oss.tresys.com/files/clip/secstate-ssg-aqueduct-alpha/

My rationale for this email is that I need others, particularly those developing SCAP content, to use and advocate the use of this tool. It provides a great feature set not available in other tools.

Thanks,
--Spencer
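
For comparison, this is what the hand edit mentioned above (trimming an XCCDF profile without SecState) amounts to when scripted. It is an added example, not part of the original email and not SecState's code; the sample benchmark, profile id and rule/group ids are constructed, and the XCCDF 1.1 namespace is assumed.

```python
import xml.etree.ElementTree as ET

XCCDF_NS = "http://checklists.nist.gov/xccdf/1.1"  # assumed: XCCDF 1.1 content
ET.register_namespace("", XCCDF_NS)

# Constructed sample benchmark; the ids are illustrative, not taken from SSG.
SAMPLE = """<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.1" id="sample">
  <Profile id="example-profile">
    <title>Example</title>
    <select idref="rule_a" selected="true"/>
    <select idref="rule_b" selected="true"/>
  </Profile>
  <Group id="group_intro"><title>Intro</title></Group>
  <Rule id="rule_a" selected="false"><title>A</title></Rule>
  <Rule id="rule_b" selected="false"><title>B</title></Rule>
</Benchmark>"""

def qname(tag):
    return "{%s}%s" % (XCCDF_NS, tag)

def deselect(xccdf_text, profile_id, item_ids):
    """Return the benchmark XML with item_ids switched off in one profile."""
    root = ET.fromstring(xccdf_text)
    # Refuse ids that do not exist: a typo would otherwise leave a rule enabled.
    known = {e.get("id") for e in root.iter()
             if e.tag in (qname("Rule"), qname("Group"))}
    missing = sorted(set(item_ids) - known)
    if missing:
        raise ValueError("unknown Rule/Group ids: %s" % ", ".join(missing))
    profile = next((p for p in root.iter(qname("Profile"))
                    if p.get("id") == profile_id), None)
    if profile is None:
        raise ValueError("no such profile: %s" % profile_id)
    existing = {s.get("idref"): s for s in profile.findall(qname("select"))}
    for item in item_ids:
        sel = existing.get(item)
        if sel is None:  # the profile had no selector for this item yet
            sel = ET.SubElement(profile, qname("select"), idref=item)
        sel.set("selected", "false")
    return ET.tostring(root, encoding="unicode")

def selections(xccdf_text, profile_id):
    """Map idref -> bool for every <select> in the given profile."""
    root = ET.fromstring(xccdf_text)
    return {s.get("idref"): s.get("selected") == "true"
            for p in root.iter(qname("Profile")) if p.get("id") == profile_id
            for s in p.findall(qname("select"))}

if __name__ == "__main__":
    trimmed = deselect(SAMPLE, "example-profile", ["rule_b", "group_intro"])
    print(selections(trimmed, "example-profile"))
```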
