openscap

ansible-role-openscap

Role to install the latest OpenSCAP.

The Security Content Automation Protocol (SCAP) is a U.S. standard maintained by the National Institute of Standards and Technology (NIST). SCAP provides a specification for system for vulnerability detetection and remediation.

SCAP supports the process of FISMA Compliance, and the National Vulnerability Database (NVD) is the U.S. government content repository for SCAP.

OpenSCAP implements the standard and version 1.0.8 was awarded "NIST SCAP 1.2 certification" in 2014. It is a project created and supported by Red Hat and as such, has tradtionally been focused on the Red Hat (and CentOS) operating systems. But it is a flexible, open standard (if a bit obscure) and its use across other platforms and applications is growing.

Note that this role will install OpenSCAP version 1.2.x which has not yet received NIST certification.

Quick start (testing with local vagrant instaces)

To make OpenSCAP easier/more manageable to use, see the GovReady toolkit role.

To install the latest openscap on your servers

Example openscap-playbook.yml:

- name: Install openscap on all servers
  hosts: servers
  roles:
    - { role: CivicActions.openscap, become: true }

Run command:

ansible-playbook -i inventory openscap-playbook.yml

About

Install OpenSCAP - security scanner

role content monitoring security

Install

ansible-galaxy install openprivacy/ansible-role-openscap

GitHub repository

1 stars

1 forks

0 open issues

License

Unknown

Downloads

Owner

Fen Labalme

CISSP. CISO at @CivicActions working to transform government by automating and enhancing the Authority to Operate (ATO) process with FOSS.