On 2/12/14, 7:02 PM, Lee Kinser wrote:
Hey guys,
I just wanted to send out a quick hello to the list in hopes of getting to know
some of you. I'm part of one of our security teams inside of Red Hat and am
looking to do what I can to help expand on remediation content inside of SSG.
I've worked for years in Government spaces, so my experience and interest is
primarily around STIG content... I'd love to get SSG to a point where we can
scan and remediate essentially everything that can possibly be automated inside
of the STIG. I just might need some help from you guys in getting started.:)
First question, what's the format for remediation content? It appears that
everything is held under ./scap-security-guide/RHEL/6/input/fixes/bash, but
since they're named with words instead of finding ID, I'm a bit unsure as to
how to map them to requirements in the policy... anyone have any tips there?
How about how to add new fixes? Writing the BASH content is the easy part, I
just need to know how to incorporate it into the SSG.
Thanks for the help!
Hey Lee! Remediation came up in another thread, but wanted to wrap back
around here. Were you able to link things together?
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
