Shawn Wells
> On Oct 12, 2016, at 12:38 PM, Dan White <d_e_wh...@icloud.com> wrote:
> 
> Nice list.
> Waiting for other responses.
> Dan White | d_e_wh...@icloud.com
> ------------------------------------------------
> “Sometimes I think the surest sign that intelligent life exists elsewhere in 
> the universe is that none of it has tried to contact us.”  (Bill Waterson: 
> Calvin & Hobbes)
> 
> On Oct 12, 2016, at 12:13 PM, Olivier BONHOMME <obonho...@nerim.net> wrote:
> 
>> Hello the list,
>> 
>> I made that little sheet
>> https://hosting.ptitoliv.net/owncloud/index.php/s/ZUIwPiXXfvqntA6 where I 
>> tried
>> to map DISA STIG rules against openscap rules located into input/xccdf
>> directory.
>> 
>> I found there were several rules (63) which didn't have a declared OpenSCAP
>> rule stigid reference but that actually had a matching rule. So I put in 
>> front
>> on these rules a matching OpenSCAP rule.
>> 
>> You can show these rules in the sheet using the following filter : 
>> * Matching rule status : Checked by OB
>> * Potential OSCAP Matching rule : Everything except "Not Available"
>> 
>> Do you think it is relevant ? If it is, would you accept some PR in order to
>> update the stigid reference for these rules.
>> 
>> I also detected 76 DISA Rules without any matching test. Is it planned from
>> scap-security-guide project to create new rules in order to have a complete 
>> (or
>> almost complete) coverage against DISA Stig XCCF ?
>> 
>> Thanks for your answers

Thank you for doing this! Patches that map RHEL-07-* identifiers to SSG rules 
would be awesome. 

Intent is definitely to have full coverage. Viewing from cell phone now, so a 
bit hard to identify which rules are in DISA edition but not in SSG.


>> 
>> Regards,
>> Olivier Bonhomme
>> _______________________________________________
> _______________________________________________
> scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org
> To unsubscribe send an email to 
> scap-security-guide-le...@lists.fedorahosted.org
_______________________________________________
scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org
To unsubscribe send an email to scap-security-guide-le...@lists.fedorahosted.org

Reply via email to