[Open-scap] Let me poll the community

Shawn Wells shawn at redhat.com
Wed May 16 16:10:21 UTC 2018



On 5/14/18 7:26 PM, Geoffry Roberts wrote:
> A few weeks ago I saw a thread or two where some were seeking a means 
> of analyzing large volumes of SCAP result sets.
>
> I'd like to ask the community as to what extent this represents a 
> problem?
>
> People I know who are using SCAP are scanning on a small scale and can 
> read the results manually.  It makes sense to me that as volumes rise 
> some form of automation would be in order.
>
> What say ye?

My own work revolves around containers these days. Scan results are 
ephemeral. Once the scan is complete (and passed) the CI/CD moves on. 
Outputs (container images) are immutable. No need to continuously rescan 
them or keep stale records around.

For lots of legacy virtualization workloads, something like Satellite, 
Tenable, or even ePO, is used to aggregate the scans over time.



