Does the point of view matter, etc.? (i.e. inside vs outside) -----Original Message----- From: Martin Preisler [mailto:[email protected]] Sent: Thursday, October 20, 2016 3:57 PM To: SCAP Security Guide <[email protected]> Subject: Re: VMs, containers vs. bare-metal machines in SSG
----- Original Message ----- > From: "Shawn Wells" <[email protected]> > To: [email protected] > Sent: Thursday, October 20, 2016 2:45:39 PM > Subject: Re: VMs, containers vs. bare-metal machines in SSG > > [snip] > > Really like the idea of CPEs. We can always work with NIST to get > extra CPEs added.... but wouldn't that mean creation of redhat:docker, > redhat:openshift, Docker:docker, pivotal:cloudfoundry, etc? I'd like for SSG to be agnostic of the tech so I would go for CPE ID for container-image and that will be applicable when scanning docker images, rkt images, plain LXC images, etc... Same with vm-image, applicable on all offline virtual machine scanning, regardless of what is powering the VM or how it's stored. -- Martin Preisler Identity Management and Platform Security | Red Hat, Inc. _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected] THIS MESSAGE IS FOR THE USE OF THE INTENDED RECIPIENT(S) ONLY AND MAY CONTAIN INFORMATION THAT IS PRIVILEGED, PROPRIETARY, CONFIDENTIAL, AND/OR EXEMPT FROM DISCLOSURE UNDER ANY RELEVANT PRIVACY LEGISLATION. No rights to any privilege have been waived. If you are not the intended recipient, you are hereby notified that any review, retransmission, dissemination, distribution, copying, conversion to hard copy, taking of action in reliance on or other use of this communication is strictly prohibited. If you are not the intended recipient and have received this message in error, please notify me by return e-mail and delete or destroy all copies of this message. _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
