On Thu, Mar 5, 2020, at 12:57 PM, Jeff Bachtel wrote: > Good day. I am trying to apply current RHEL7 STIG guidance to AWS EC2 > instances and have run into issues. Could someone check my conclusions > below and let me know if I missed something? > > - OpenSCAP doesn't yet support RHEL7 STIG V2R6 in its in-tree code > (including remediation code) > - The NIST NCP for RHEL7 from > https://github.com/ComplianceAsCode/content/tree/master/rhel7 doesn't > yet include STIG V2R4 remediations > - The actual DISA RHEL7 STIG XCCDF file does not include fixes, such > that OpenSCAP could use it to generate remediation scripts > - https://github.com/MindPointGroup/RHEL7-STIG is probably the best > RHEL7 STIG remediation script that's publicly available >
All correct from my perspective. V/r, James Cassell _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
