Wednesday 11th November, 2015
4:00pm to 5:30pm
SCAP is a set of specifications related to security compliance. The primary use-case is to ensure a system is configured according to a predefined policy. It is heavily used in government, defense, and finance industries.
In this tutorial we will go through all the necessary steps towards a continuous compliance setup of an infrastructure. We will start by installing the tools and preparing the SCAP content. Then we will proceed to scan a single machine for compliance, further refining the content. After that we will explore how to scan it continuously and how to scan multiple machines at once.
Note: Fedora 22 or a Fedora 22 VM recommended. RHEL6, RHEL7, CentOS6, and CentOS7 have older versions of the packages but an additional repository can be enabled to get the latest versions. Other distributions may or may not work, depending on packaging status of the SCAP tools.
Who should attend:
System administrators, especially government, defense, telecommunication, finance and payment processing decision-makers that are thinking about adopting SCAP or improving proactive security.
Take back to work:
I work at Red Hat doing security - mainly #OpenSCAP, SCAP Workbench and SCAP Security Guide. bio from Twitter
Sign in to add slides, notes or videos to this session