For RMF is there a way to upload the scan results in eMASS or do you have to fill out the exported Excel document that lists all the hundreds of controls by hand?
You'd think eMASS would easily take xccdf or ckl files but as far as I know they don't. I think there have been a few open source projects to merge results into a .CSV to make loading easier.
Great video for newbie! Can you make a video for after completing stigging and making as much as you can compliant. How to take the stig gpo and import into AD to apply to workstation and servers.
I'll give that a look, GPOs wouldn't be hard but manually going over the nix ones is pretty intensive and usually sites will have a nix sme to script the hardening.
Great Video, and was able to easily follow along. If you have tenable... can you make a video of doing the SCAP scans using the benchmarks imported to Nessus/Tenable.sc? Also....Where's part 2? ;)
I don't have a trial license with tenable but can hopefully get one to show importing disa XMLs vs using native nessus .audit files. The unlocked feature is no longer supported so that shot down part 2, but the Linux plugin works now so maybe I'll do a vid in that!
A great demo/how-to!
Great video, new to the environment and I was struggling till I came across your video. Keep up the great work.
token guy. thx
For RMF is there a way to upload the scan results in eMASS or do you have to fill out the exported Excel document that lists all the hundreds of controls by hand?
You'd think eMASS would easily take xccdf or ckl files but as far as I know they don't. I think there have been a few open source projects to merge results into a .CSV to make loading easier.
Great video for newbie! Can you make a video for after completing stigging and making as much as you can compliant. How to take the stig gpo and import into AD to apply to workstation and servers.
I'll give that a look, GPOs wouldn't be hard but manually going over the nix ones is pretty intensive and usually sites will have a nix sme to script the hardening.
Great Video, and was able to easily follow along. If you have tenable... can you make a video of doing the SCAP scans using the benchmarks imported to Nessus/Tenable.sc?
Also....Where's part 2? ;)
I don't have a trial license with tenable but can hopefully get one to show importing disa XMLs vs using native nessus .audit files. The unlocked feature is no longer supported so that shot down part 2, but the Linux plugin works now so maybe I'll do a vid in that!
Posted part 2 showing that the unix scan plugin is now working.
Is there a way to view MySQL checks or a way to automate against a DB
Hey brother. Do you have any automated templates/benchmark for scanning using SCC for L2/3 NAD?
Sorry, I do not