Thanks Shawn, I have used NIST content validation and realized the test
passed for ssg-rhel6-ds.xml (downloaded from
https://github.com/ComplianceAsCode/content/releases/download/v0.1.43/scap-security-guide-0.1.43-oval-510.zip)
However Nessus SCAP scanning gives error as "Default namespace not foun
Would need to understand where the content is coming from. Perhaps
scap-security-guide in RHEL, and if so, what RHEL and SSG version?
Note red hat doesn’t publish rhel6 content in the National Checklist Program
since rhel6 is out of active maintenance:
https://nvd.nist.gov/ncp/repository?author
Hi,
I have no idea. Does Nessus have any "verbose" mode to get more
helpful error message?
Including scap-security-guide list in this conversation because there
might be people familiar with using SSG with Nessus.
Regards
On Mon, Apr 29, 2019 at 4:54 PM Riaz Ebrahim wrote:
>
> Hi Jan Cerny,
>
Hi,
I will try to answer, but I don't use Nessus, so I'm not sure what is
the exact reason of this fail.
In general, the SSG files are validated against SCAP XML schemas, so
they are valid SCAP content.
However, SCAP standard consist of multiple separate specifications.
Strictly speaking, the SSG
I need help on openscap SSG project.
I am currently exploring SCAP Auditing feature from Nessus console. I
understood that Nessus supports SCAP Content (1.0 or 1.1 or 1.2) which can
be downloaded from NIST repository (https://nvd.nist.gov/ncp/repository)
based on the target host version. This wor