sluetze
sluetze
#### Description: Added notes and controls for BSI SYS.1.6 A17-A21 #### Rationale: As we have multiple customers asking for a BSI profile to be included in the compliance-operator, we are...
Hi, https://github.com/SovereignCloudStack/standards/blob/main/Standards/scs-0218-v1-container-registry-for-scs-standard-implementation.md?plain=1#L140-L144 states, that the development of Quay is in a downstream repository, which makes it hard to assert the contributors and their spread across companies. I am unsure, why...
#### Description: This PR adds two control files, enhances a profile profile and adds a rule. #### Rationale: Customers were asking for a OpenShift Compliance Operator Profile for BSI. Our...
#### Description: Removing `kubelet_configure_tls_cipher_suites_openshiftapiserver_operator` and `kubelet_configure_tls_cipher_suites_kubeapiserver_operator` and renaming `kubelet_configure_tls_cipher_suites_ingresscontroller` to create a more concise structure this is part of a larger effort to make all TLS Cipher Suites and their...
#### Description: This PR adds Cilium to the default regex which is checked to see if the CNI Plugin used provides support for network-policies. This PR also makes this value...
This scripts queries the stackrox API to export all risk factors associated with a specific deployment.
#### Description: This PR adds the ability to configure the cipher suites for the different components in OCP It also adds remediations / makes them configurable and fixes some minor...
#### Description: This PR rewrites the master_taint_noschedule test in a way that is compatible with Hypershift. #### Rationale: When running the bsi-profile on a hosted cluster in hypershift, the api-checks...