Chapter 15 - Auditing Security Policy with OpenSCAP

  1. Security Content Automation Protocol.
  2. SCAP policies can audit your systems against a given standard - for example the CIS Benchmarks discussed in this book, or the PCI-DSS (Payment Card Industry - Data Security Standard) requirements. There are many pre-written policies available, and with open source tools such as OpenSCAP, you can write your own policies with your own requirements. This is valuable to the enterprise in being able to run audits against Linux servers and ensure they remain compliant with a chosen standard.
  3. You would most likely use the OpenSCAP Daemon for this purpose.
  1. At a fundamental level, the OVAL file contains the low level system checks the scanning engine should perform. ...
