Well, that seems exactly like what we're talking about... Nice work Jerome!
Trevor On Fri, Feb 2, 2018 at 2:46 AM, Jerome Athias <athiasjer...@gmail.com> wrote: > In case of interest https://github.com/athiasjerome/XORCISM > Models are SQL representations of CVE, CWE, CAPEC, OVAL, etc. > Plugins/Connectors exchange information with various tools (APIs/formats) > to normalize the data in a central way. Making it easy to retrieve and > export in your preferred format > > Comments welcome > > Regards > > On Fri 2 Feb 2018 at 04:19, Trevor Vaughan <tvaug...@onyxpoint.com> wrote: > >> Fen, >> >> This might help if you want to get started with XCCDF XSLT processing >> https://github.com/simp/NIST-800-18-SSP_Template/ >> tree/master/docs/references/controls/nist800-53rev4 >> >> There are already the splits for outputting the HIGH/MODERATE/LOW 800-53 >> controls. >> >> It outputs RST but it should be easy enough to swap those parts out to >> pretty much anything. >> >> Patches/feedback most welcome! >> >> Thanks, >> >> Trevor >> >> On Thu, Feb 1, 2018 at 5:37 PM, Fen Labalme <fen.laba...@civicactions.com >> > wrote: >> >>> Would love some XSLT files for parsing the XML files nicely (I've been >>> wanting this, but am not an XSLT sorta guy). If the transform included >>> name, CVE, perhaps RMF controls and result, well, that would be a great >>> start. >>> >>> Had not seen wuzah - looks awesome. I don't need the PCI DSS but rather >>> the RMF low/mod controls, and I use Graylog instead of ELK, but these >>> should be straightforward issues to resolve. (And if resolved, can >>> contribute the patches - I love open source!) >>> >>> =Fen >>> >>> >>> On Thu, Feb 1, 2018 at 4:01 PM, Luke Salsich <luke.sals...@gmail.com> >>> wrote: >>> >>>> ... >>>> All of this is to say maybe a first step would be to write some XSLT >>>> files for MariaDB and Postgre and then see where that goes? someone could >>>> use that to then start an API, etc. >>>> >>>> I also did want to mention the really great work the people at Wazuh >>>> have done in adding Open-Scap data to their OSSEC fork which then outputs >>>> data into elasticsearch / Kibana dashboards really nicely. I will continue >>>> to use their product gratefully, but as I say - I'm looking for data which >>>> I can query without having to master Lucene to get data out of >>>> Elasticsearch. >>>> >>>> http://wazuh.com >>>> https://documentation.wazuh.com/current/user-manual/ >>>> capabilities/policy-monitoring/openscap/index.html >>>> >>>> >>>> On Thu, Feb 1, 2018 at 1:20 PM, Fen Labalme < >>>> fen.laba...@civicactions.com> wrote: >>>> >>>>> ... >>>>> I like https://osquery.io/ (open source at: >>>>> https://github.com/facebook/osquery) >>>>> >>>>> Also consider InSpec (https://github.com/chef/inspec) - though >>>>> created by/for Chef, it's entirely self-contained. OpenSCAP integrating >>>>> with either/both of these would be awesome. >>>>> >>>> >>> _______________________________________________ >>> scap-security-guide mailing list -- scap-security-guide@lists. >>> fedorahosted.org >>> To unsubscribe send an email to scap-security-guide-leave@ >>> lists.fedorahosted.org >>> >>> >> >> >> -- >> Trevor Vaughan >> Vice President, Onyx Point, Inc >> (410) 541-6699 x788 <(410)%20541-6699> >> >> -- This account not approved for unencrypted proprietary information -- >> _______________________________________________ >> scap-security-guide mailing list -- scap-security-guide@lists. >> fedorahosted.org >> To unsubscribe send an email to scap-security-guide-leave@ >> lists.fedorahosted.org >> > > _______________________________________________ > scap-security-guide mailing list -- scap-security-guide@lists. > fedorahosted.org > To unsubscribe send an email to scap-security-guide-leave@ > lists.fedorahosted.org > > -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 x788 -- This account not approved for unencrypted proprietary information --
_______________________________________________ scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org To unsubscribe send an email to scap-security-guide-le...@lists.fedorahosted.org