Shawn, For those of still on the learning curve in this area, could you explain how this announcement impacts everything? I'd be happy to put together a blog post / tutorial for GovReady to explain.
DISA updates RHEL 6 STIG (Security Technical Implementation Guide). What's upstream and downstream from each other? Where does a person go to get *started* with the STIG? Where does a person go to *update* their work, how do you update? What does the OVAL integration really mean? How does a person take advantage of it? How does STIG impact USG baselines? What is the relationship to other baselines like the CIS baselines? Greg Elin personal cell: 917-304-3488 personal email: [email protected] email: [email protected] On Mon, May 19, 2014 at 10:48 PM, Shawn Wells <[email protected]> wrote: > This morning DISA FSO released an update against the Red Hat Enterprise > Linux 6 STIG. > > - Clarifying language on contentious requirements; > - For customers performing manual system verification, there's been a > focus on properly documenting pass/fail tests; > - A few dozen bug fixes; > - Now includes OVAL automation; > - Release notes clearly indicate SSG as upstream consensus content! :) > > Official content can be found on the DISA FSO website: > http://iase.disa.mil/stigs/os/unix/red_hat.html > > I put a note out on social media for those (like myself) who didn't > receive FSO's EMail. Feel free to help pass the word! > > LinkedIn: > http://linkd.in/1jjQwtV > > Or twitter: > http://bit.ly/1kjLDBp > > > > _______________________________________________ > scap-security-guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide >
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
