Good day. I am trying to apply current RHEL7 STIG guidance to AWS EC2 instances and have run into issues. Could someone check my conclusions below and let me know if I missed something?
- OpenSCAP doesn't yet support RHEL7 STIG V2R6 in its in-tree code (including remediation code) - The NIST NCP for RHEL7 from https://github.com/ComplianceAsCode/content/tree/master/rhel7 doesn't yet include STIG V2R4 remediations - The actual DISA RHEL7 STIG XCCDF file does not include fixes, such that OpenSCAP could use it to generate remediation scripts - https://github.com/MindPointGroup/RHEL7-STIG is probably the best RHEL7 STIG remediation script that's publicly available Thanks for any corrections, -- Jeff Bachtel Senior Cloud Ops Developer, IronNet -- This message is intended exclusively for the individual(s) or entity to which it is addressed. It may contain information that is privileged or otherwise legally exempt from disclosure. If you are not the named addressee, you are not authorized to read, print, retain, copy or disseminate this message or any part of it. If you have received this message in error, please notify the sender immediately by e-mail and delete all copies of the message. Any digital signatures or certifications transmitted with this email are for sender verification purposes only and have not been included in this email for the purposes of binding the company to any statement or attachment made herein or for any other purpose.
_______________________________________________ scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org To unsubscribe send an email to scap-security-guide-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedorahosted.org
