(Mini-Tutorial) Automated Security Compliance Evaluation of Your Infrastructure with SCAP

A session at LISA15

Wednesday 11th November, 2015

4:00pm to 5:30pm (EST)

SCAP is a set of specifications related to security compliance. The primary use-case is to ensure a system is configured according to a predefined policy. It is heavily used in government, defense, and finance industries.

In this tutorial we will go through all the necessary steps towards a continuous compliance setup of an infrastructure. We will start by installing the tools and preparing the SCAP content. Then we will proceed to scan a single machine for compliance, further refining the content. After that we will explore how to scan it continuously and how to scan multiple machines at once.

Note: Fedora 22 or a Fedora 22 VM recommended. RHEL6, RHEL7, CentOS6, and CentOS7 have older versions of the packages but an additional repository can be enabled to get the latest versions. Other distributions may or may not work, depending on packaging status of the SCAP tools.

Who should attend:
System administrators, especially government, defense, telecommunication, finance and payment processing decision-makers that are thinking about adopting SCAP or improving proactive security.

Take back to work:

  • What is SCAP? Where can it be used?
  • Where do I get SCAP content? Where do I get the tools?
  • Ability to customize existing SCAP content for my needs
  • How to deploy customized SCAP content for a single machine and multiple machines

Topics include:

  • OpenSCAP
  • SCAP Workbench
  • oscap
  • oscap-ssh
  • oscap-docker
  • security policy tailoring/customization
  • SCE
  • Spacewalk/Satellite 5 SCAP integration
  • Foreman/Satellite 6 SCAP integration
  • USGCB, PCI-DSS, DISA STIG compliance

About the speaker

This person is speaking at this event.
Martin Preisler

I work at Red Hat doing security - mainly #OpenSCAP, SCAP Workbench and SCAP Security Guide. bio from Twitter

Sign in to add slides, notes or videos to this session

Tell your friends!


Time 4:00pm5:30pm EST

Date Wed 11th November 2015

Session Hash Tag


Short URL


View the schedule


See something wrong?

Report an issue with this session