Compliance scanner findings #8168
Replies: 2 comments
-
|
Are you referring to findings for Security Onion itself, or vulnerability/compliance data ingestion? Some things you might find will not work OOB if you are attempting to apply STIGs, etc. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Thanks for the question Wes. I am referring to the findings for SO ISO itself, not related to data ingestion. Yeah I expect as I (we?) move forward there will be some updates that we absolutely won't want to mess with. My goal here is to close that gap as much as realistically possible. Thoughts on proposed approach? |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello SO GURUS,
One of the requirements I believe many implementers will face will be to configure SO to be as close to 'compliant' as reasonably possible when scanned with a tool like nessus. Is there any interest in bringing some(?)of the recommended changes into the SO ISO? I am just starting to look at settings like password history, pam.d/sudo, etc. and am currently using a combination of local/common/init.sls and local/common/files to work down findings. If there is a more elegant solution then this please let me know. If you believe there is a need, I would be happy to submit a pull request.
Beta Was this translation helpful? Give feedback.
All reactions