These look really great. Added a few comments on your blog.
Many U.S. Government customers use a tool called SECSCAN. Here's output
from a system I had to scan long ago:
http://people.redhat.com/swells/mea/SECSCAN-Current/PFFinalFindingsReport.html
One of the more useful fields is the "Authorizing Official
Review/Comments." From a general workflow perspective, SysAdmins scan
their systems and use this field to pass commentary back to their C&A
team, or from the C&A team back to the SysAdmin. It'd be interesting if
the HTML report would allow text input to facilitate these notes...
making comments such as "false positive," "known issue," etc would
increase the useability of the reports.
On 7/11/14, 12:33 PM, Greg Elin wrote:
Great stuff! Thanks for post.
I will add comments. It's also in my grant project budget to have some
professional design work done.
Greg Elin
P: 917-304-3488
E: [email protected]
Sent from my iPhone
On Jul 11, 2014, at 10:09 AM, Martin Preisler <[email protected]> wrote:
Hi,
I wrote a blog post about the ongoing HTML report redesign.
http://martin.preisler.me/2014/07/openscap-html-report-redesign/
Please give it a look and consider providing feedback.
--
Martin Preisler
--
SCAP Security Guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/
--
Shawn Wells
Director, Innovation Programs
[email protected] | 443.534.0130
@shawndwells
--
SCAP Security Guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/
