On 12/9/16 6:24 PM, [email protected] wrote: > I have tried importing the outputs into Security Center following the > guidance from Tenable. > > http://static.tenable.com/prod_docs/SecurityCenter_5.0_SCAP_Assessments.pdf > > The problem I encounter is that the scan returns with an "XML Validation > Failed" message on the information module. I tried importing the SCAP content > into a Nessus scanner breaking up the SCAP and OVAL content, but again, the > scan fails.Tenable does not provide much information as to why the XML > validation failed on the SCAP content. > > I have successfully imported the DISA STIG for RHEL 7 and run in Security > Center, but the DISA version is not structured for automated checks. That > scan shows all the controls, but with a "Not Checked" status requiring manual > review.
Well this is no good. The Tenable team has been very good about supporting SCAP, including getting Security Center SCAP 1.2 certified: https://www.tenable.com/blog/tenable-s-securitycenter-5-achieves-scap-12-certification Even made sure the OpenSCAP JBoss content could be ingested with their tools a few years ago: https://community.tenable.com/thread/5914 I reached out to Ron offline asking who we could work with at Tenable to troubleshoot. FYI @Martin - CC'd you on that note. _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
