Yah. Openscap is nessus on steroids. I run it on non- region boxes. Nessus should be able to do the same thing --- assuming joe can install an agent on each server.
PVS is even more interesting. https://www.tenable.com/products/nessus/nessus-network-monitor From: [email protected] Sent: August 9, 2018 11:15 AM To: [email protected] Reply to: [email protected] Subject: "Publish OpenSCAP scan metrics to CloudWatch and optionally send SNS notifications" Was told about a project that integrates OpenSCAP scanning into AWS CloudWatch. Thought it was pretty cool & wanted to share: Overview This openscap-aws rpm is intended to be used on CentOS or Red Hat AWS instances and will configure them to self-scan each day, publish score metrics to CloudWatch and optionally report any failures to an SNS topic. As the scan score is a percentage of pass/fail findings and some tests may not be applicable to your environment the use of a tailoring file to specify which failures have been accepted by your organization makes this much more effective because then you can require that scans have a 100% score. Code: https://github.com/ICFI/openscap-aws Docs: https://icfi.github.io/openscap-aws/docs.html THIS MESSAGE IS FOR THE USE OF THE INTENDED RECIPIENT(S) ONLY AND MAY CONTAIN INFORMATION THAT IS PRIVILEGED, PROPRIETARY, CONFIDENTIAL, AND/OR EXEMPT FROM DISCLOSURE UNDER ANY RELEVANT PRIVACY LEGISLATION. No rights to any privilege have been waived. If you are not the intended recipient, you are hereby notified that any review, retransmission, dissemination, distribution, copying, conversion to hard copy, taking of action in reliance on or other use of this communication is strictly prohibited. If you are not the intended recipient and have received this message in error, please notify me by return e-mail and delete or destroy all copies of this message.
_______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]/message/TCLGA27TMIBL7BAPAMJCSIXRKKRU5FX4/
