The OpenSCAP project provides a variety of hardening guides and configuration baselines developed by the open source community, allowing you to choose a security policy that best suits the needs of your organization, regardless of its size. The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines.

The CIS (Center for Internet Security) produces various cyber security related services. In particular, it produces benchmarks, which are "configuration guidelines for various technology groups to safeguard systems against today's evolving cyber threat" in the words of the CIS. The benchmarks, offered free to CIS members in the form of PDFs, are human readable but not directly usable by a scanning tool. CIS does offer some benchmarks in XCCDF format, which tools can consume, but these are reserved for paying members. Even if they were available, these benchmarks do not contain the automation and remediation steps required to change a server's state to reach compliance. That is why Red Hat produces the scap-security-guidelines package, which contains what is necessary to scan for compliance and to automate and remediate the results. At the time of writing, CIS has made one benchmark version available for Red Hat Enterprise Linux (RHEL) 8: version 1.0.0.