Skip to content

UHL-Hosting/scaptimony

 
 

Repository files navigation

SCAPtimony

SCAPtimony project gives full testimony about compliance of your infrastructure. SCAPtimony is SCAP storage and database server build on top of OpenSCAP library. SCAPtimony can be deployed as a part of your Rails application (i.e. Foreman) or as a stand-alone sealed server.

  • Current features:
    • Achieve SCAP audit results from your infrastructure
      • Provide API for tools to upload collected SCAP results
    • Define security/compliance policies
      • Upload SCAP content and assign it with the policy
      • Set-up a periodical schedule of audits for the policy
      • Organization defined targeting (Assign a set of nodes with the policy)
    • Result post-processing
      • Search SCAP results
      • Search for non-compliant systems
      • Search for not audited systems
    • Rails artefacts to display audit results within your application
  • Future features:
    • Define security/compliance policies
      • Archive distinct versions of the policy
      • Define known-issues and waivers (Assign waivers with a set of nodes and the policy)
      • Set-up rules for automated deletion of results
    • vulnerability assessment (processing OVAL CVE streams)
    • Result post-processing
      • Comparison of audit results
      • Waive known issues
        • One time waivers of a report
        • Set-up periodic waivers for a given policy and system
        • Set a waiver expirations time (to give the time to remediate things)
        • Calculate score before and after waiver (ammount of risk accepted needs to be made available to the authorizing official)
    • Let us know, if your feature is missing.

Installation from RPMs

  • Enable isimluk/OpenSCAP COPR repository

  • Install SCAPtimony

    yum install rubygem-scaptimony ruby193-rubygem-scaptimony
    

Installation from upstream git

  • Get SCAPtimony sources

    $ git clone https://github.com/OpenSCAP/scaptimony.git
    
  • Build SCAPtimony RPM (instructions for Red Hat Enterprise Linux 6)

    Enable Software Collections as per instructions.

    $ cd scaptimony
    $ gem build scaptimony.gemspec
    # yum install yum-utils rpm-build scl-utils scl-utils-build ruby193-rubygems-devel ruby193-build ruby193
    # yum-builddep extra/rubygem-scaptimony.spec
    $ rpmbuild  --define "_sourcedir `pwd`" --define "scl ruby193" -ba extra/rubygem-scaptimony.spec
    
  • Install SCAPtimony RPM

    # yum localinstall ~/rpmbuild/RPMS/noarch/ruby193-rubygem-scaptimony-*.noarch.rpm
    

Usage

Users are currently adviced to use SCAPtimony only through foreman_openscap.

Copyright

Copyright (c) 2014 Red Hat, Inc.

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

About

SCAPtimony is SCAP database and storage server

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Ruby 91.6%
  • HTML 5.8%
  • JavaScript 1.4%
  • CSS 1.2%