content icon indicating copy to clipboard operation
content copied to clipboard

verified publisher icon ComplianceAsCode

Metadata

Security automation content in SCAP, Bash, Ansible, and other formats

Results 630 content issues
Sort by recently updated
recently updated
newest added

Update ansible_playbook_to_role util for RHEL 9

#### Description of problem: The current ansible_playbook_to_role.py utility does not include support for converting RHEL 9 playbooks to roles. Utility needs to be updated to support the new RHEL 9...

dmc5179 avatar dmc5179

syslog-ng and rsyslog failed and conflict on debian 12

#### Description of problem: With the profile : xccdf_org.ssgproject.content_profile_anssi_np_nt28_high on a Debian12 i have two rules failed : - Ensure syslog-ng is Installed - Enable syslog-ng Service So i installed...

inaz0 avatar inaz0

Debian

Remove remediations for security_patches_up_to_date

4 comment

#### Description: Remove remediations for security_patches_up_to_date #### Rationale: Part of removing this rule from various profiles.

Mab879 avatar Mab879

Update Rule

Check ufw is active

5 comment

#### Description: - Only check whether the ufw is active after ufw service is enable instead of configuring the ufw. #### Rationale: - Ensure ongoing compliance with remote access policies...

alanmcanonical avatar alanmcanonical

Ubuntu
New Rule
needs-ok-to-test
STIG

Better description and test scenarios for set_nftables_table

4 comment

#### Description: This PR makes some improvements in `set_nftables_table`: - Adopt variables also in rule description - Include warning about check and remediation only in run-time - Make Bash remediation...

marcusburghardt avatar marcusburghardt

Test Suite
Update Rule

Stop building -ds-1.2.xml data streams

4 comment

#### Description: This change will stop building the -ds-1.2.xml data streams. These data streams are marked as SCAP 1.2 data streams, but they aren't SCAP 1.2 compatible, because they contain...

jan-cerny avatar jan-cerny

Infrastructure

OpenSCAP Ubuntu 20.04 STIG Profile Issue with Banner Test

2 comment

#### Description of problem: The DISA STIG item UBTU-20-010038 says that "The Ubuntu operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting any local or...

bdou avatar bdou

Ubuntu
STIG

Should files in /tmp be checked for permissions when using tmpfs?

#### Description of problem: Some policies require a separate partition for `/tmp` but when this is not required and `/tmp` uses a `tmpfs` file system, the mount point will be...

marcusburghardt avatar marcusburghardt

OVAL

Add OSCAL Component Definitions as a release artifact

1 comment

#### Share the context Utilities were added to the content repository to create OSCAL Component definitions from the compliance data stored in YAML. This allows user/devs to create OSCAL Component...

jpower432 avatar jpower432

enhancement
OSCAL

incorrectly failing for a multiple DNS rule

#### Description of problem: I am trying to harden UBI 8 base images using the openscap tool. The scanner has a rule: xccdf_org.ssgproject.content_rule_network_configure_name_resolution which checks the /etc/resolv.conf file for multiple...

2000rosser avatar 2000rosser

Metadata

2.1k
Stars
671
Forks
Watchers

Owner

verified publisher icon ComplianceAsCode

Metadata

Security automation content in SCAP, Bash, Ansible, and other formats

Back