> On Oct 12, 2016, at 12:38 PM, Dan White <d_e_wh...@icloud.com> wrote:
> Nice list.
> Waiting for other responses.
> Dan White | d_e_wh...@icloud.com
> “Sometimes I think the surest sign that intelligent life exists elsewhere in
> the universe is that none of it has tried to contact us.” (Bill Waterson:
> Calvin & Hobbes)
> On Oct 12, 2016, at 12:13 PM, Olivier BONHOMME <obonho...@nerim.net> wrote:
>> Hello the list,
>> I made that little sheet
>> https://hosting.ptitoliv.net/owncloud/index.php/s/ZUIwPiXXfvqntA6 where I
>> to map DISA STIG rules against openscap rules located into input/xccdf
>> I found there were several rules (63) which didn't have a declared OpenSCAP
>> rule stigid reference but that actually had a matching rule. So I put in
>> on these rules a matching OpenSCAP rule.
>> You can show these rules in the sheet using the following filter :
>> * Matching rule status : Checked by OB
>> * Potential OSCAP Matching rule : Everything except "Not Available"
>> Do you think it is relevant ? If it is, would you accept some PR in order to
>> update the stigid reference for these rules.
>> I also detected 76 DISA Rules without any matching test. Is it planned from
>> scap-security-guide project to create new rules in order to have a complete
>> almost complete) coverage against DISA Stig XCCF ?
>> Thanks for your answers
Thank you for doing this! Patches that map RHEL-07-* identifiers to SSG rules
would be awesome.
Intent is definitely to have full coverage. Viewing from cell phone now, so a
bit hard to identify which rules are in DISA edition but not in SSG.
>> Olivier Bonhomme
> scap-security-guide mailing list -- firstname.lastname@example.org
> To unsubscribe send an email to
scap-security-guide mailing list -- email@example.com
To unsubscribe send an email to scap-security-guide-le...@lists.fedorahosted.org