Thank you for your feedback... Any particular areas where focus needs to be applied first for STIG, or just jump in ... :)?
Jeff ________________________________________ From: [email protected] <[email protected]> on behalf of Šimon Lukašík <[email protected]> Sent: Wednesday, September 30, 2015 12:01 PM To: SCAP Security Guide; [email protected] Subject: Re: Insight into release timing of RHEL7 STIG as "official" -- any help needed on the Project? On 09/29/2015 05:49 PM, Jeffrey Hawkins wrote: > Anyone have any insight on when the RHEL7 STIG is going to be ready for > prime time to be picked up by DISA? I work for a company the delivers > RHEL based Products that use the STIG as part of the Security Standards > /Benchmark to follow, and right now we are middle of development cycle > of migrating our Products from RHEL6 to RHEL7. We are leveraging > existing RHEL6 STIG, and the early RHEL7 drafts where it make sense > within our own Hardening Framework (developed and carried forward from > pre-RHEL4 days). We would like to avoid what we faced with RHEL6 with > chasing the Draft verses RHEL5 STIG, and speculating what would be in > the final . So, thought I would raise a query of the Benchmark rollout... > > > Are there areas where help is needed as I/we would be more than happy to > help the Project? > Hello Jeff, It is work in progress. All the development is taking place in https://github.com/OpenSCAP/scap-security-guide/tree/master/RHEL/7 So far, the focus was on PCI-DSS. We understood PCI-DSS as a sub-set of STIG (not precise, but close). PCI-DSS is close to be finished. So, the focus will shift towards STIG upstream work. We are more then welcome to any contribution! Thanks! -- Šimon Lukašík Senior Software Engineer Team Lead, Security Compliance, Red Hat, Inc. -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/ -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
