[Debconf-discuss] SCAP security guide and tools BoF (automatic verification of security configuration)

To: debconf-discuss@lists.debconf.org
Subject: [Debconf-discuss] SCAP security guide and tools BoF (automatic verification of security configuration)
From: Frank Lin PIAT <fpiat@klabs.be>
Date: Tue, 18 Aug 2015 13:28:50 +0200
Message-id: <[🔎] 1439897330.6239.82.camel@klabs.be>

BoF at 14:00 in room Madrid !


Short:
Debian doesn't provide a security guide in SCAP format, let's fix that.

Long:
SCAP guides are really nice for users because it's really easy
"audit" (evaluate) one or many systems. Also, SCAP security guides can
contain multiple profiles (Server, Desktop, Virtualisation Host...).
Those profiles can further be customized by the user: enable/disable
some checks, adjust threshold...

The XML results can be also be converted in some nice HTML file with
explanation, reference and remediation hints. The XML file could even be
used for automatic remediation.

In this BoF, I would like to discuss with interested parties on what
should be done, how to do it, what should be supported, etc.

I have grabbed some ideas/todo/pitfalls on this wiki pages:
https://wiki.debian.org/SCAPGuide


Franklin


See:
http://www.open-scap.org
https://en.wikipedia.org/wiki/Security_Content_Automation_Protocol
Security guides:
https://fedorahosted.org/scap-security-guide/ (maintained)
https://fedorahosted.org/sce-community-content/ (inactive since 2013)

Reply to:

Prev by Date: Re: [Debconf-discuss] [Debconf-announce] First recorded videos live!
Next by Date: Re: [Debconf-discuss] Public transport work hours?
Previous by thread: [Debconf-discuss] Karaoke
Next by thread: [Debconf-discuss] Best bus to get to Hbf with luggage?
Index(es):
- Date
- Thread