Re: [Open-scap] Pleas explain this (Shawn Wells)

anks, Greg Silverman Mountain View, Ca -- next part -- An HTML attachment was scrubbed... URL: <https://www.redhat.com/archives/open-scap-list/attachments/20170412/a3ae3561/attachment.html> -- Message: 2 Date: Wed, 12 Apr 2017 17:05:38 -0400 From: Sh

Re: [Open-scap] Stigviewer

Are you referring to the DISA tool or the COTS/freeware tool ? > On Apr 12, 2017, at 7:42 PM, Shawn Wells wrote: > > > >> On 4/12/17 7:08 PM, Matthew wrote: >> Curious, what's the best way to use openscap, and be able to get >> results for stigviewer? > > IIRC, stigviewer

[Open-scap] Stigviewer

Curious, what's the best way to use openscap, and be able to get results for stigviewer? Matthew Conley 912-398-6704 ___ Open-scap-list mailing list Open-scap-list@redhat.com https://www.redhat.com/mailman/listinfo/open-scap-list

[Open-scap] Pleas explain this

Many of the generated fixes uses this idiom IFS=$'\n' ... unset $IFS IFS is a variable, but, $IFS is a character string, so, unsetting it does not restore IFS to its default value. What am I missing? Thanks, Greg Silverman Mountain View, Ca ___

Re: [Open-scap] Using OpenSCAP for vulnerability assessment

Hello Luther, Yes, SCAP Workbench and OpenSCAP can do vulnerability assessment as SCAP Workbench uses OpenSCAP under the hood. OpenVAS/Nexpose and other security tools used to do vulnerability assessment from an external point of view, using unauthenticated methods through the network, but in

[Open-scap] Using OpenSCAP for vulnerability assessment

I see that OpenSCAP has a vulnerability assessment function[1]. I wish to confirm if this functionality is present in the SCAP Workbench? I would like to know OpenSCAP compares with other tools like OpenVAS[2] and Vuls[3] in vulnerability assessment of existing software. Are they an apple to