Re: [Open-scap] Trouble Scanning OVAL from CIS Repository

2019-08-15 Thread Trevor Vaughan
As far as I know, the CIS materials have non-standard extensions that only their scanner supports. On Wed, Aug 14, 2019 at 11:47 PM Tim wrote: > Another issue has come up while attempting to scan a Fedora-based system > using the quasi-official OVAL collection at CIS: > > https://oval.cisecurity

Re: [Open-scap] Trouble Scanning OVAL from CIS Repository

2019-08-15 Thread William Munyan
Those extensions are only in the CIS benchmark content and not part of the OVAL repository. I plan on taking a look at the specific content mentioned in the thread to see what I can see. Cheers Bill M (CIS) On Thu, Aug 15, 2019 at 7:49 AM -0400, "T

Re: [Open-scap] Trouble Scanning OVAL from CIS Repository

2019-08-15 Thread Trevor Vaughan
Ah, good to know. Thanks! On Thu, Aug 15, 2019 at 7:51 AM William Munyan < william.mun...@cisecurity.org> wrote: > Those extensions are only in the CIS benchmark content and not part of the > OVAL repository. I plan on taking a look at the specific content mentioned > in the thread to see what I

Re: [Open-scap] Questions about OVAL

2019-08-15 Thread Jan Cerny
Hi, On Tue, Aug 13, 2019 at 4:53 AM Tim Burress wrote: > > Hello, > > I'm trying to learn my way around SCAP just now, with the main focus > right now on scans of Linux-based systems using oscap and the related > tools. I'm hitting a bit of a wall when it comes to writing OVAL content > and just

[Open-scap] OSCAP scan for RHEL7 STIG checks

2019-08-15 Thread Donald, Jason E
Good Morning. As you may know, the RHEL7 STIG has 240 checks in total. The OSCAP scan would cover at least 90 of those checks. Has this capability been updated to cover all 240 checks? Thank you. r/ Jason Donald (JD)

Re: [Open-scap] Trouble Scanning OVAL from CIS Repository

2019-08-15 Thread William Munyan
Tim, I guess the first thing I would ask is why you’re downloading the full OVAL XML file. That file, as you can see, is huge, and contains ALL the definitions in the entire repository. I can make an educated guess that your Fedora-based system doesn’t need to assess against every Windows defin