Hey Jason,
Thanks for the response! OpenSCAP can generate ARF, OVAL results, XCCDF
results in SCAP 1.2 formats.
Shawn
> On Aug 18, 2017, at 1:52 PM, Mackanick, Jason W CIV DISA RE (US)
> <[email protected]> wrote:
>
> The DISA STIG Viewer accepts xccdf results files. Is this the format which
> openscap is using?
>
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]]
> Sent: Friday, August 18, 2017 1:47 PM
> To: [email protected]
> Subject: [Non-DoD Source] scap-security-guide Digest, Vol 71, Issue 10
>
> All active links contained in this email were disabled. Please verify the
> identity of the sender, and confirm the authenticity of all links contained
> within the message prior to copying and pasting the address to a Web browser.
>
>
>
>
>
> ----
>
> Send scap-security-guide mailing list submissions to
> [email protected]
>
> To subscribe or unsubscribe via email, send a message with subject or
> body 'help' to
> [email protected]
>
> You can reach the person managing the list at
> [email protected]
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of scap-security-guide digest..."
>
> Today's Topics:
>
> 1. Re: oscap output and STIG Viewer (Trevor Vaughan)
> 2. Re: oscap output and STIG Viewer (Shawn Wells)
> 3. RE: [Non-DoD Source] Re: oscap output and STIG Viewer
> (Paige, David B CTR USARMY ICOE (US))
> 4. RE: [Non-DoD Source] Re: oscap output and STIG Viewer
> (Paige, David B CTR USARMY ICOE (US))
> 5. RE: [Non-DoD Source] Re: oscap output and STIG Viewer
> (Albrecht, Thomas C)
>
>
> ----------------------------------------------------------------------
>
> Date: Fri, 18 Aug 2017 10:20:41 -0400
> From: Trevor Vaughan <[email protected]>
> Subject: Re: oscap output and STIG Viewer
> To: SCAP Security Guide <[email protected]>
> Message-ID:
> <cans+fouidyaaoodj9mh4ku8g_ce56bobmqkguttbvcgmggd...@mail.gmail.com>
> Content-Type: multipart/alternative;
> boundary="001a114e7e887ee173055707d587"
>
> --001a114e7e887ee173055707d587
> Content-Type: text/plain; charset="UTF-8"
>
> Please do ask DISA to support the standard SCAP formats if at all possible.
>
> I haven't been able to find any of their internal formats yet I'm trying to
> automate the generation of content for them.
>
> This really is not helpful to their user base.
>
> Trevor
>
>> On Thu, Aug 17, 2017 at 9:58 PM, Shawn Wells <[email protected]> wrote:
>>
>>
>>
>>> On 8/17/17 1:02 PM, Paige, David B CTR USARMY ICOE (US) wrote:
>>> The DISA STIGViewer isn't about to correlate the Redhat STIG with any of
>> the items from a Rhel/CentOS xml file created by openscap. This means that
>> all of the items must be updated manually.
>>>
>>> Would it be possible to get the output to be recognized by the DISA
>> STIGViewer? I'm not sure what openscap does differently from the SPAWAR
>> SCC tool, which can be imported into the STIGViewer.
>>>
>>> The openscap xml output is also not processed by the vulnerator tool,
>> but it will handle the SCC xml files.
>>
>> OpenSCAP generates SCAP content. STIGViewer (and SCC) built in DISA's
>> proprietary extensions/formats.
>>
>> In theory this would be a matter of applying an XSLT to restructure the
>> properly formatted SCAP results into whatever DISA needs.
>> _______________________________________________
>> scap-security-guide mailing list -- scap-security-guide@lists.
>> fedorahosted.org
>> To unsubscribe send an email to scap-security-guide-leave@
>> lists.fedorahosted.org
>>
>
>
>
> --
> Trevor Vaughan
> Vice President, Onyx Point, Inc
> (410) 541-6699 x788
>
> -- This account not approved for unencrypted proprietary information --
>
> --001a114e7e887ee173055707d587
> Content-Type: text/html; charset="UTF-8"
> Content-Transfer-Encoding: quoted-printable
>
> <div dir=3D"ltr"><div><div><div>Please do ask DISA to support the standard =
> SCAP formats if at all possible.<br><br></div>I haven't been able to fi=
> nd any of their internal formats yet I'm trying to automate the generat=
> ion of content for them.<br><br></div>This really is not helpful to their u=
> ser base.<br><br></div>Trevor<br></div><div class=3D"gmail_extra"><br><div =
> class=3D"gmail_quote">On Thu, Aug 17, 2017 at 9:58 PM, Shawn Wells <span di=
> r=3D"ltr"><<a href=3D"Caution-mailto:[email protected]";
> target=3D"_blank">shawn@r=
> edhat.com</a>></span> wrote:<br><blockquote class=3D"gmail_quote" style=
> =3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span cl=
> ass=3D""><br>
> <br>
> On 8/17/17 1:02 PM, Paige, David B CTR USARMY ICOE (US) wrote:<br>
> > The DISA STIGViewer isn't about to correlate the Redhat STIG with =
> any of the items from a Rhel/CentOS xml file created by openscap.=C2=A0 Thi=
> s means that all of the items must be updated manually.<br>
> ><br>
> > Would it be possible to get the output to be recognized by the DISA ST=
> IGViewer?=C2=A0 I'm not sure what openscap does differently from the SP=
> AWAR SCC tool, which can be imported into the STIGViewer.<br>
> ><br>
> > The openscap xml output is also not processed by the vulnerator tool, =
> but it will handle the SCC xml files.<br>
> <br>
> </span>OpenSCAP generates SCAP content. STIGViewer (and SCC) built in DISA&=
> #39;s<br>
> proprietary extensions/formats.<br>
> <br>
> In theory this would be a matter of applying an XSLT to restructure the<br>
> properly formatted SCAP results into whatever DISA needs.<br>
> <div class=3D"HOEnZb"><div class=3D"h5">______________________________<wbr>=
> _________________<br>
> scap-security-guide mailing list -- <a
> href=3D"Caution-mailto:scap-security-guide@l=
> ists.fedorahosted.org">scap-security-guide@lists.<wbr>fedorahosted.org</a><=
> br>
> To unsubscribe send an email to <a
> href=3D"Caution-mailto:scap-security-guide-leave=
> @lists.fedorahosted.org">scap-security-guide-leave@<wbr>lists.fedorahosted.=
> org</a><br>
> </div></div></blockquote></div><br><br clear=3D"all"><br>-- <br><div class=
> =3D"gmail_signature" data-smartmail=3D"gmail_signature"><div dir=3D"ltr"><d=
> iv><div dir=3D"ltr"><div>Trevor Vaughan<br>Vice President, Onyx Point, Inc<=
> br></div><div>(410) 541-6699 x788<br></div><div><br>-- This account not app=
> roved for unencrypted proprietary information --</div></div></div></div></d=
> iv>
> </div>
>
> --001a114e7e887ee173055707d587--
>
> ------------------------------
>
> Date: Fri, 18 Aug 2017 12:12:53 -0400
> From: Shawn Wells <[email protected]>
> Subject: Re: oscap output and STIG Viewer
> To: [email protected]
> Message-ID: <[email protected]>
> Content-Type: text/plain; charset=utf-8
>
>
>
>> On 8/18/17 10:20 AM, Trevor Vaughan wrote:
>> Please do ask DISA to support the standard SCAP formats if at all
>> possible.
>>
>> I haven't been able to find any of their internal formats yet I'm
>> trying to automate the generation of content for them.
>>
>> This really is not helpful to their user base.
>
> Having end-customers/users make the requests would be ideal:
>
> Caution-https://iase.disa.mil/stigs/Pages/contact.aspx
>
> [email protected]
>
> ------------------------------
>
> Date: Fri, 18 Aug 2017 16:18:14 +0000
> From: "Paige, David B CTR USARMY ICOE (US)"
> <[email protected]>
> Subject: RE: [Non-DoD Source] Re: oscap output and STIG Viewer
> To: SCAP Security Guide <[email protected]>
> Message-ID:
> <6be43602bc42c149a3f61277e163dc2fc845a...@usathu5d.easf.csd.disa.mil>
> Content-Type: text/plain; charset="utf-8"
>
> I will drop them a note and see if they have any plans to support the
> standard SCAP formats.
>
> -----Original Message-----
> From: Shawn Wells [Caution-mailto:[email protected]]
> Sent: Friday, August 18, 2017 9:13 AM
> To: [email protected]
> Subject: [Non-DoD Source] Re: oscap output and STIG Viewer
>
> All active links contained in this email were disabled. Please verify the
> identity of the sender, and confirm the authenticity of all links contained
> within the message prior to copying and pasting the address to a Web browser.
>
>
>
>
>
> ----
>
>
>
>> On 8/18/17 10:20 AM, Trevor Vaughan wrote:
>> Please do ask DISA to support the standard SCAP formats if at all
>> possible.
>>
>> I haven't been able to find any of their internal formats yet I'm
>> trying to automate the generation of content for them.
>>
>> This really is not helpful to their user base.
>
> Having end-customers/users make the requests would be ideal:
>
> Caution-Caution-https://iase.disa.mil/stigs/Pages/contact.aspx
>
> [email protected]
> _______________________________________________
> scap-security-guide mailing list -- [email protected]
> To unsubscribe send an email to
> [email protected]
>
> ------------------------------
>
> Date: Fri, 18 Aug 2017 17:36:19 +0000
> From: "Paige, David B CTR USARMY ICOE (US)"
> <[email protected]>
> Subject: RE: [Non-DoD Source] Re: oscap output and STIG Viewer
> To: SCAP Security Guide <[email protected]>
> Message-ID:
> <6be43602bc42c149a3f61277e163dc2fc845a...@usathu5d.easf.csd.disa.mil>
> Content-Type: text/plain; charset="utf-8"
>
> OpenSCAP will not be supported. There is a benchmark in development which
> will correspond to the RHEL7 STIG.
>
> -----Original Message-----
> From: Shawn Wells [Caution-mailto:[email protected]]
> Sent: Friday, August 18, 2017 9:13 AM
> To: [email protected]
> Subject: [Non-DoD Source] Re: oscap output and STIG Viewer
>
> All active links contained in this email were disabled. Please verify the
> identity of the sender, and confirm the authenticity of all links contained
> within the message prior to copying and pasting the address to a Web browser.
>
>
>
>
>
> ----
>
>
>
>> On 8/18/17 10:20 AM, Trevor Vaughan wrote:
>> Please do ask DISA to support the standard SCAP formats if at all
>> possible.
>>
>> I haven't been able to find any of their internal formats yet I'm
>> trying to automate the generation of content for them.
>>
>> This really is not helpful to their user base.
>
> Having end-customers/users make the requests would be ideal:
>
> Caution-Caution-https://iase.disa.mil/stigs/Pages/contact.aspx
>
> [email protected]
> _______________________________________________
> scap-security-guide mailing list -- [email protected]
> To unsubscribe send an email to
> [email protected]
>
> ------------------------------
>
> Date: Fri, 18 Aug 2017 17:46:29 +0000
> From: "Albrecht, Thomas C" <[email protected]>
> Subject: RE: [Non-DoD Source] Re: oscap output and STIG Viewer
> To: SCAP Security Guide <[email protected]>
> Message-ID:
> <[email protected]>
> Content-Type: text/plain; charset="utf-8"
>
> Sadly, this is the response I expected. DISA is not being asked to support
> OpenSCAP. They're being asked to comply with SCAP, which, last time I
> checked, is a standard published by NIST.
>
> Embrace and extend.
>
> Tom A.
>
> -----Original Message-----
> From: Paige, David B CTR USARMY ICOE (US)
> [Caution-mailto:[email protected]]
> Sent: Friday, August 18, 2017 1:36 PM
> To: SCAP Security Guide <[email protected]>
> Subject: EXTERNAL: RE: [Non-DoD Source] Re: oscap output and STIG Viewer
>
> OpenSCAP will not be supported. There is a benchmark in development which
> will correspond to the RHEL7 STIG.
>
> -----Original Message-----
> From: Shawn Wells [Caution-mailto:[email protected]]
> Sent: Friday, August 18, 2017 9:13 AM
> To: [email protected]
> Subject: [Non-DoD Source] Re: oscap output and STIG Viewer
>
> All active links contained in this email were disabled. Please verify the
> identity of the sender, and confirm the authenticity of all links contained
> within the message prior to copying and pasting the address to a Web browser.
>
>
>
>
>
> ----
>
>
>
>> On 8/18/17 10:20 AM, Trevor Vaughan wrote:
>> Please do ask DISA to support the standard SCAP formats if at all
>> possible.
>>
>> I haven't been able to find any of their internal formats yet I'm
>> trying to automate the generation of content for them.
>>
>> This really is not helpful to their user base.
>
> Having end-customers/users make the requests would be ideal:
>
> Caution-Caution-https://iase.disa.mil/stigs/Pages/contact.aspx
>
> [email protected]
> _______________________________________________
> scap-security-guide mailing list -- [email protected]
> To unsubscribe send an email to
> [email protected]
> _______________________________________________
> scap-security-guide mailing list -- [email protected]
> To unsubscribe send an email to
> [email protected]
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> scap-security-guide mailing list -- [email protected]
> To unsubscribe send an email to
> [email protected]
>
>
> ------------------------------
>
> End of scap-security-guide Digest, Vol 71, Issue 10
> ***************************************************
_______________________________________________
scap-security-guide mailing list -- [email protected]
To unsubscribe send an email to [email protected]
