On Fri, Jul 21, 2017 at 09:49:14PM -0400, Yonas Yanfa
wrote:> On 07/21/2017 20:17, Joey Kelly wrote:
> > On Friday 21 July 2017 19:21:10 Yonas Yanfa wrote:
> > > Hi,
> > >
> > > Is there anything like OpenSCAP for FreeBSD?
> > If it's a matter of selecting an XML profile, then surely one can
be crafted
> > for any OS you choose.
> >
>
> Yes, and it shouldn't be too hard to port this to FreeBSD, but possibly
time
> consuming.
>
> The benefit of porting it is that they already have a lot of security
> policies <https://www.open-scap.org/security-policies/> written (eg.
USGCB,
> PCI DSS). Scanning and remedying Linux and FreeBSD systems for
> vulnerabilities could be done using the same XML file. Also, you can use
> their installer plugin
> <https://www.open-scap.org/tools/oscap-anaconda-addon/> to set
security
> profiles during install.
I'll get in touch with some of my coworkers, who were instrumental in
the creation of SCAP. I'll get their thoughts on LoE for porting to
FreeBSD. Depending on their schedules, my response may be delayed.
Thanks,
--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL:
<http://lists.freebsd.org/pipermail/freebsd-security/attachments/20170722/6ca30291/attachment.sig>