[Open-scap] OpenSCAP 1.3.0

Ruben Oliva david.oliva at verizon.net
Fri Oct 12 22:58:27 UTC 2018


Trey:


You got me curious about this.


How did you do it?




David Oliva

-----Original Message-----
From: Trey Henefield <trey.henefield at ultra-ats.com>
To: Shawn Wells <shawn at redhat.com>; open-scap-list <open-scap-list at redhat.com>
Sent: Tue, Oct 9, 2018 12:08 pm
Subject: Re: [Open-scap] OpenSCAP 1.3.0


    
    
For what it's worth,

I was able to perform scans on Windows with OpenSCAP 1.3.0 using the following DISA STIG benchmarks:

Google Chrome
Adobe Acrobat DC
Windows Defender
Windows Firewall
Windows 10

All of the scans work. However, Windows 10 results were a bit off. A lot of unknowns and false positives. This could be an issue with the benchmark; however, it works fine in SCAP Compliance Checker. All others were spot on.

I was also able to import my results from the scan into the STIG Viewer to populate the results into a checklist.

Excellent work!

Best regards,

Trey Henefield, CISSP
Senior IAVA Engineer

Ultra Electronics
Advanced Tactical Systems, Inc.
4101 Smith School Road
Building IV, Suite 100
Austin, TX 78744 USA

Trey.Henefield at ultra-ats.com
Tel: +1 512 327 6795 ext. 647
Fax: +1 512 327 8043
Mobile: +1 512 541 6450

-----Original Message-----
From: open-scap-list-bounces at redhat.com <open-scap-list-bounces at redhat.com> On Behalf Of Shawn Wells
Sent: Tuesday, October 9, 2018 10:53 AM
To: open-scap-list at redhat.com
Subject: Re: [Open-scap] OpenSCAP 1.3.0



On 10/9/18 7:38 AM, Jan Cerny wrote:
> Hello OpenSCAPers,
>
> We are thrilled to announce general availability of OpenSCAP 1.3.0 release.
>
> This is the first release from maint-1.3 maintenance branch. API/ABI 
> is not compatible with 1.2.x releases. API/ABI is not compatible with 
> 1.3.0_alpha releases.
>
> Changes from 1.3.0_alpha2:
>    - New features
>      - Introduced a virtual '(all)' profile selecting all rules
>      - Verbose mode is a global option in all modules
>      - Added Microsoft Windows CPEs
>      - oscap-ssh can supply SSH options into an environment variable
>    - Maintenance
>      - Removed SEXP parser
>      - Added Fedora 30 CPE
>      - Fixed many Coverity defects (memory leaks etc.)
>      - SCE builds are enabled by default
>      - Moved many low-level functions out of public API
>      - Removed unused and dead code
>      - Updated manual pages
>      - Numerous small fixes
>
> Key differences from 1.2.x series:
> - Basic Microsoft Windows support
> - Removed deprecated command line interfaces
> - Removed deprecated API symbols
> - Probes are not separate processes anymore
> - CMake used as build system
> - CTest used as a test framework
>
> Download:
> https://github.com/OpenSCAP/openscap/releases/download/1.3.0/openscap-1.3.0.tar.gz
>
> SHA512:
> 9405d0f17b60ab4a52ddd0f49d0e2395eb2540f0d07d68dfd142e2b8b2988e88cf127230523e68f67d3d22a6dd4eb2397f9468c923d19bb7cb059abf487ab5a1
>
> Audit, Fix, And Be Merry!

Thanks Jan!

How far along is Windows support? Saw the mention of 'basic' -- but how should OpenSCAP on Windows be positioned?

For example:
- How many Windows probes are implemented?
- Does OpenSCAP on Windows pass the NIST automated tooling?
- Where can we send people who want to find out more?

_______________________________________________
Open-scap-list mailing list
Open-scap-list at redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list
    
    
 