Re: Baseline Config Audit policy creation or modification

[Jerome Athias <athiasjerome () gmail com>]

Hi,

they could (should) be all translated in XCCDF
http://scap.nist.gov/specifications/xccdf/

Now, in these tools, you can use the profiles as is, or use the defined
ones and customize them.

More info on the benchmarks
http://frhack.org/research/xorcism.php


2013/7/26 Albert R. Campa <abcampa () gmail com>

> Hello everyone. :)
>
> I am doing some work on baseline/benchmark/compliance/config auditing, and
> I would like to get some experience feedback on doing editing/modifcation
> of these benchmarks.
>
> As you know there are many standards CIS, DISA, PCI, etc, on many
> platforms, MS, Linux, DB, Cisco, etc.
>
> My questions is for anyone who does this are the following:
>
> Do you use default policies from CIS, DISA, etc and run with that?
> Do you use a CIS, DISA, etc as a start and then modify to org standards?
> Or do you just create a baseline from scratch?
>
> I created a blog post on this, showing my point of view using Nessus and
> Nexpose.
>
> http://compusec.org/2013/07/25/configuration-benchmark-auditing-with-nexpose-and-nessus/
>
> I also want to find out from you how useful would a gui be to edit/create
> these audit policies? If you read the blog post you will see where I am
> coming from, as well as Tenable/Rapid7 point of view. Hopefully we have
> some Nexpose users on this list. ;)
>
> Thanks,
>
> Albert Campa
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com