Was told about a project that integrates OpenSCAP scanning into AWS
CloudWatch. Thought it was pretty cool & wanted to share:
Overview
This openscap-aws rpm is intended to be used on CentOS or Red Hat AWS
instances and will configure them to self-scan each day, publish score
metrics to CloudWatch and optionally report any failures to an SNS
topic. As the scan score is a percentage of pass/fail findings and
some tests may not be applicable to your environment the use of a
tailoring file to specify which failures have been accepted by your
organization makes this much more effective because then you can
require that scans have a 100% score.
Code: https://github.com/ICFI/openscap-aws
Docs: https://icfi.github.io/openscap-aws/docs.html
_______________________________________________
scap-security-guide mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]/message/JRGTR554RBTSJAJT6LTRBLU7GKQRIXC5/
