Hello, The listed languages are examples of supported languages for SCE.
But SCE supports any kind of languages, as long as you follow XCCDF rule for results check, see https://www.open-scap.org/features/other-standards/sce/ in part "examples". For example, the proprietary and paid software "CIS-CAT Pro Assessor" (from non-profit entity Center of Internet Security) use SCE along with PowerShell scripts (Source: https://ccpa-docs.readthedocs.io/en/latest/Coverage%20Guide/#scripting-capabilities). Note: if the last sentence is not appropriate here, let me know. But building your own XCCDF file to use SCE feature look not easy, at least for me. It may help that OpenSCAP can be used to validate the security content against standard SCAP XML schemas, such as XCCDF. See http://static.open-scap.org/openscap-1.3/oscap_user_manual.html#_validating_scap_content And remember that SCE is not part of any SCAP specification. It is here to ease the changeover between script based assessment and SCAP based assessment. Regards, Rafael CONTI Principal Engineer - Cybersecurity Schneider Electric E rafael.co...@se.com France *Please consider the environment before printing this e-mail -----Message d'origine----- De : Rao, Yarlagadda Srinivasa (MCS) <yarlagadda-srinivasa....@hpe.com> Envoyé : jeudi 12 décembre 2019 08:03 À : Rafael CONTI <rafael.co...@se.com>; open-scap-list@redhat.com Objet : RE: Openscap for windows - roadmap [External email: Use caution with links and attachments] ________________________________ Thank you again Rafael for sharing the information. We will go-through the link for the new probe implementation. Regarding SCE, supported languages are Bash, Python, Perl, Ruby. All of them are works for Linux platform We are looking the languages that are supported for windows platform. Regards, Vasu -----Original Message----- From: Rafael CONTI [mailto:rafael.co...@se.com] Sent: Wednesday, December 11, 2019 5:52 PM To: Rao, Yarlagadda Srinivasa (MCS) <yarlagadda-srinivasa....@hpe.com>; open-scap-list@redhat.com Subject: RE: Openscap for windows - roadmap Hello, Regarding missing probes, major contribution to openscap was done during a master thesis (https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vutbr.cz%2Fwww_base%2Fzav_prace_soubor_verejne.php%3Ffile_id%3D181284&data=02%7C01%7Crafael.conti%40se.com%7C3cde055eb57a4d19541208d77ed158e1%7C6e51e1adc54b4b39b5980ffe9ae68fef%7C0%7C1%7C637117309923176554&sdata=051CD02OPBjIlxmaxM9VyuwdHZd5vLN9xVTPzINRFo8%3D&reserved=0 ). This document may help to understand openscap structure and how openscap works under the hood. The document also mention briefly how to add new probe for Windows operating system (p35 - 4.6.1) and why there is two wmi test probe (p42 - 4.6.6). There is also the Script Check Engine, which may help using script for running checks: https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.open-scap.org%2Ffeatures%2Fother-standards%2Fsce%2F&data=02%7C01%7Crafael.conti%40se.com%7C3cde055eb57a4d19541208d77ed158e1%7C6e51e1adc54b4b39b5980ffe9ae68fef%7C0%7C1%7C637117309923176554&sdata=59OsaCHaolcAIsNnOFNsWUPQ3P4Twc6kuQSATa%2FAnaU%3D&reserved=0 Regards, Rafael CONTI Principal Engineer - Cybersecurity E rafael.co...@se.com France *Please consider the environment before printing this e-mail -----Message d'origine----- De : Rao, Yarlagadda Srinivasa (MCS) <yarlagadda-srinivasa....@hpe.com> Envoyé : mardi 3 décembre 2019 04:50 À : Rafael CONTI <rafael.co...@se.com>; open-scap-list@redhat.com Objet : RE: Openscap for windows - roadmap [External email: Use caution with links and attachments] ________________________________ Thank you Rafael for sharing the information. Just wanted to understand are there any alternatives available (like calling python OR PowerShell scripts) for the missing probes? Also wanted to know, is there any open source location to download complete oval and xccdf files for windows platform CIS benchmarks? Regards, Vasu -----Original Message----- From: Rafael CONTI [mailto:rafael.co...@se.com] Sent: Monday, December 2, 2019 9:02 PM To: Rao, Yarlagadda Srinivasa (MCS) <yarlagadda-srinivasa....@hpe.com>; open-scap-list@redhat.com Subject: RE: Openscap for windows - roadmap Hello Vasu, I already search for this information, and I am actively following openscap integration for windows. You can check this thread (https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FOpenSCAP%2Fopenscap%2Fissues%2F1312&data=02%7C01%7Crafael.conti%40se.com%7C3cde055eb57a4d19541208d77ed158e1%7C6e51e1adc54b4b39b5980ffe9ae68fef%7C0%7C1%7C637117309923176554&sdata=vC4HUwKaoL1TQXapmPFW3gLa4N%2Bx7MwbEI1FHaSEYYg%3D&reserved=0 ) which list both links: source code of implemented windows probes : https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FOpenSCAP%2Fopenscap%2Ftree%2Fmaint-1.3%2Fsrc%2FOVAL%2Fprobes%2Fwindows&data=02%7C01%7Crafael.conti%40se.com%7C3cde055eb57a4d19541208d77ed158e1%7C6e51e1adc54b4b39b5980ffe9ae68fef%7C0%7C1%7C637117309923186508&sdata=CUmKVH6WiXkGVmyz9ZR1HjN7DCeraYo2BJTTzsfa7Lc%3D&reserved=0 specification of all probes for windows : https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FOVAL-Community%2FOVAL%2Fblob%2Fmaster%2Foval-specifications%2Foval-windows-extension-specification.docx&data=02%7C01%7Crafael.conti%40se.com%7C3cde055eb57a4d19541208d77ed158e1%7C6e51e1adc54b4b39b5980ffe9ae68fef%7C0%7C1%7C637117309923186508&sdata=Tfb%2Bs2MHpraGEpm5M185OukRG7hDXAhWpdILBGpxEOw%3D&reserved=0 With those document, you can see implemented and missing probes in windows. I did not find information about a roadmap/status for missing probes. I am willing to share information about openscap and windows, Rafael CONTI Principal Engineer - Cybersecurity Energy Management Business Schneider Electric France *Please consider the environment before printing this e-mail De : open-scap-list-boun...@redhat.com <open-scap-list-boun...@redhat.com> De la part de Rao, Yarlagadda Srinivasa (MCS) Envoyé : lundi 2 décembre 2019 16:21 À : open-scap-list@redhat.com Objet : [Open-scap] Openscap for windows - roadmap [External email: Use caution with links and attachments] ________________________________________ Hi, Where can find more information on Openscap for windows. Right now I could find very limited no of oval objects are supported. I am looking for how many oval objects (probes) are completely implemented and how many are in work in progress and not yet implemented for windows. Can someone help me to find out this? Thanks & Regards, Vasu ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. ______________________________________________________________________ _______________________________________________ Open-scap-list mailing list Open-scap-list@redhat.com https://www.redhat.com/mailman/listinfo/open-scap-list
