On 12/16/13, 10:44 PM, Shawn Wells wrote:
On 12/16/13, 4:07 PM, Eric Smith wrote:
On 12/16/2013 04:00 PM, Kordell, Luke T wrote:
Hello,
Is there a flag or setting that can be changed to include the
NIST 800-53 number on SCAP scan output or guide generation in-place
of the CCE number? I know the guides contain a reference to the NIST
800-53 pdf file but it doesn't appear to list the control it satisfies.
They're included in the guide, e.g.:
http://people.redhat.com/swells/scap-security-guide/RHEL6/output/rhel6-guide-custom.html#sshd_use_approved_ciphers
Maps back to IA-5(1)(c), AU-10(5), etc.
Also, FWIW, inclusion of the NIST mappings within SCAP output files goes
against the results specification, which is why they haven't been included.
Hi Luke,
I wrote a python script recently that can post process your results
to include the NIST 800-53 security controls in addition to the CCE
number. Let me know if you want I'll send you a copy of the script.
That'd be omgz awesome. Could you share with the list?
--
Shawn Wells
Director, Innovation Programs
[email protected] | 443.534.0130
@shawndwells
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
