Skip to content
This repository was archived by the owner on Feb 28, 2020. It is now read-only.
This repository was archived by the owner on Feb 28, 2020. It is now read-only.

InSpec hardening and baselines need to be grouped by Compliance Standard ( move this to the right project ) #7

Open
Open
InSpec hardening and baselines need to be grouped by Compliance Standard ( move this to the right project )#7
Assignees
sauriollukemalinowski
@aaronlippold

Description

@aaronlippold
aaronlippold
opened on Aug 20, 2018

InSpec Profile Baselines

The MITRE InSpec Team has been working with
Dev-Sec Project
( www.place.io )
The devsec project is the open source community building inspec profiles that are best-practice and service driven rather than just one-to-one alignment with a formal compliance guidance document. The dev-sec community focus on helping build hardening and validation around services and capabilities that you can use as reference or as part of inherited profiles to help you build more security systems.

  • apache
    • baseline
    • hardening
  • ssl

DISA STIG
( iase.disa.mil/stigs... )
The DISA Security Technical Implementation Guides are ... . They are derived security guidance from the DISA Security Requirements Guides which outline the general security guidance .... ( I am sure you can find a desc on the IASE site )

  • CrunchyDB baseline
  • CrunchyDB Hardening
  • SIMP RHEL7 STIG
  • RHEL hardening ...

CIS Benchmarks
( www.cisbenchmarks... )
( From the website desc )

Integration, Examples & Demos

Examples and demos of full and 'micro-profiles' showing various validation and security issues that InSpec can help solve. These are also g

  • ...
  • ...
    ...

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions