What is OVAL?
by Sven Vermeulen, post on Sun 22 December 2013Time to discuss OVAL (Open Vulnerability Assessment Language). In all the previous posts I focused the checking of rules (does the system comply with the given rule) on scripts, through the Script Check Engine supported by openscap. The advantage of SCE is that most people can quickly provide automated checks …
Running a bit with the XCCDF document
by Sven Vermeulen, post on Wed 18 December 2013In my previous post I introduced automated checking of rules through SCE (Script Check Engine). Let's focus a bit more now on running with an XCCDF document: how to automatically check the system, read the results and find more information of those results.
To provide a usable example, you can …
XCCDF - Documenting a bit more than just descriptions
by Sven Vermeulen, post on Mon 16 December 2013In my previous
post I
made a skeleton XCCDF document. By now, we can create a well documented
"baseline" (best practice) for our subject (say PostgreSQL). But for now
I only talked about <description>
whereas XCCDF allows many other tags
as well.
You can add metadata information for a particular …