[Openstack-security] Security Guideline pdf + SCAP implementation
Luke Hinds
lhinds at redhat.com
Wed Nov 16 11:50:44 UTC 2016
On Wed, Nov 16, 2016 at 10:16 AM, Antonin M <anto0192 at orange.fr> wrote:
> Hi all,
>
>
>
> It might be a simple question, but I haven't find a way to do so. I would
> like to know if it is possible to download the Security Guide (
> http://docs.openstack.org/security-guide/) in pdf?
>
I thought there used to be one, but it seems not. You could use the rst2pdf
sphinx plugin, and I will also ask on the OSSP IRC meeting tomorrow.
> My other question is about SCAP files (https://scap.nist.gov/index.html).
> Is there any SCAP files available (OVAL/XCCDF…) in order to check the
> security compliance described in the Security Guide? If not, is it planned
> to generate those kind of files?
>
There are some that were put up as prototypes that use the same
recommendations as the security guide / security notes, but they are
outdated (OSP7 is Kilo)
https://github.com/OpenSCAP/scap-security-guide/tree/master/OpenStack/RHEL-OSP/7
I am planning to update these shortly to work with /master and then tag a
version for each release in the scap profiles.
I can email you when something is up that can be taking out for a test
drive.
Luke
>
>
> Best Regards,
>
> Antonin
>
> _______________________________________________
> Openstack-security mailing list
> Openstack-security at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20161116/88c4b992/attachment.html>
More information about the Openstack-security
mailing list