[Open-scap] OpenSCAP Ecosystem :: Year 2015 in Review

Šimon Lukašík slukasik at redhat.com
Wed Dec 23 10:34:58 UTC 2015 

Hello Everyone,

Let me express heartfelt gratitude to everyone who has contributed to 
OpenSCAP ecosystem successes during the year.

Following list is the feature highlights from 2015. The list of people 
who had contributed, however, would be at least 4 times longer.

  * The new portal www.open-scap.org has been put online with 
respectable load of documentation
  * Red Hat Enterprise Linux 7.2 Installer was integrated with OpenSCAP, 
allowing users to remediate system before the first boot
  * Red Hat Satellite 6.1 was integrated with OpenSCAP, allowing users 
to scan whole infrastructure by mouse click
  * Red Hat Insights offering leveraged OpenSCAP tool, allowing 
customers to easily notice vulnerabilities on their systems
  * The initial OpenSCAP support has been added into ManageIQ project
  * The `atomic scan` command has introduced as a short-cut to audit 
containers
  * openscap-daemon upstream project has started
  * The community started to focus on Debian support
  * 8 upstream releases of scap-security-guide project, the hightlights 
include
    * PCI-DSS profiles has been introduced and finalized for Red Hat 
Enterprise Linux version 6 and 7
    * U.S. Government Commercial Cloud Services (C2S) has been profile 
introduced for Red HAt Enterprise Linux 7
    * NIAP OSPP v4 profile has been introduced for Red Hat Enterprise 
Linux 7
    * USGCB profile for Red Hat Enterprise Linux 6 has been finalized 
and it is ready for review at NIST
    * CNSS No. 1253 profile has been introduced for Red Hat Enterprise 
Linux 6
    * The initial profile has been introduced for Debian 8 (Jessie)
    * An upstream STIG guidance has been introduced for applications 
like: JRE, Firefox, and Chromium and OpenStack (RHEL-0SP-7)
  * 7 upstream releases of scap-workbench bringing MS Windows and MacOS 
X support
  * 8 upstream releases of openscap, highlights include:
    * vastly improved HTML reports and introduced verbosity mode
    * oscap-docker tool for assessing containers and images
    * oscap-vm tool for assessing cold virtual machines
    * oscap-ssh tool for assessing remote systems
    * OVAL 5.11 and 5.11.1 support
  * jenkins bot joined openscap team on github to all projects
  * and hundreds of other feature and bug fixing patches landed in

On behalf of whole team, I wish you merry Christmas and successful year 
2016. Please accept the attached card as a small gift.

Audit, Fix, And Be Merry!
~š.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openscap-christmas.pdf
Type: application/pdf
Size: 216432 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20151223/c0098b5b/attachment.pdf>

More information about the Open-scap-list mailing list