On 4/28/17 9:10 AM, 面和毅 wrote: > Dear Shawn, > > Many thanks for your feedback. > > Now I'm writing some web article regarding with OpenSCAP, then I wish to > make clear each SCAP Components current status, relation, and so on.
Certainly can't speak for NIST or other content providers, but SSG actively uses (+maintains) CCEs for included configuration checks. e.g. for CCE to NIST 800-53 mappings: http://people.redhat.com/swells/scap-security-guide/RHEL/7/output/table-rhel7-nistrefs-ospp.html CCE to CIS: http://people.redhat.com/swells/scap-security-guide/RHEL/7/output/table-rhel7-cisrefs-c2s.html and master list: http://people.redhat.com/swells/scap-security-guide/RHEL/7/output/table-rhel7-cces.html Those tables are generated as part of the build process. URLs above are not official, just a development dropbox for myself. Official table mappings ship downstream via the scap-security-guide-docs RPM in RHEL _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
