The workbench was one of the reasons I signed up for a RHEL subscription...

Greg Elin
P: 917-304-3488
E:  grege...@gitmachines.com

Sent from my iPhone

> On Sep 19, 2014, at 11:04 AM, Shawn Wells <sh...@redhat.com> wrote:
> 
> 
>> On 9/18/14, 5:31 AM, Chen, Wei (Contractor)(CFPB) wrote:
>> " A profile is just statement about a set of controls: a collection of 
>> controls plus variable settings."
>> 
>> That brings up another important point regarding the controls.  How would 
>> one configure the organizational defined values and feed it to the 
>> benchmark?  Obviously, if the profiles are meant to be generic, the values 
>> can't be hardcoded in the OVAL file.  You can set up the benchmark like USGCB 
>> content that allows default values to be overridden with external variables, 
>> but it is not as straightforward as one would like.  Perhaps another 
>> shorthand XML that takes in organizational values or simply rebuild the SSG 
>> content with custom values?
> 
> There are certainly those that clone SSG and rebuild RPMs for
> distributing on their networks. I think this is largely an artifact of
> when SSG wasn't shipping natively in RHEL, and a practice that most
> certainly came about before SCAP Workbench was developed.
> 
> Check out SCAP Workbench. It provides a GUI tool to tailor your source
> content (e.g. SSG) and then refine selected rules and values.
> -- 
> SCAP Security Guide mailing list
> scap-security-guide@lists.fedorahosted.org
> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
> https://github.com/OpenSCAP/scap-security-guide/