BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Posts Tagged ‘SCAP’

SCAPblog-img2

Going Beyond SCAP for Benchmark Compliance

SCAP configuration compliance assessments, commonly referred to as “Benchmark” assessments, are traditionally cumbersome tasks when multiple benchmarks have to be tested against multiple targets at the same time. For the vast majority of SCAP-certified tools, this means executing one benchmark at a time against a valid host(s) and reviewing the results. The same targets often…

Post by Morey Haber February 24, 2014
Tags:
, , , , , ,
BeyondTrust is the expert source of VMware Security LEARN MORE
retinacs-img9

Creating a Gold Image SCAP Template for Windows

One of the challenges of Benchmark Configuration management is creating or modifying SCAP OVAL content to match your business policies and requirements. The following procedure is recommended to create custom Windows benchmarks for the Retina Network Security Scanner and Retina CS via local system policy, Local GPO, and Microsoft Security and Compliance Manager. For starters,…

Post by Bill Tillson March 21, 2013
Tags:
, , , ,
img-mobile

A Basic Guide to SCAP

The Security Content Automation Protocol (SCAP, pronounced S-cap) is a suite of open standards that when referenced together, deliver an automated vulnerability management, measurement, and policy compliance evaluation for network assets. The first version of the suite specification focused on standardizing communication of endpoint related data and to provide a standardized approach to maintaining the…

Post by Morey Haber March 24, 2011
Tags:
, ,
sticky

Automating Configuration Auditing

????????I want to discuss a rather simple use case with my readers that until recently, had a rather complex solution. Consider you are a major airline, corporation, or even a local government with thousands of systems that should be identical from a configuration perspective. These could be airline check-in kiosks, a call center handling support calls,…

Post by Morey Haber March 15, 2011
Tags:
, , , , , , , , ,

Too Many Regulatory Standards, Only One Tool Please

About every two years, I indulge myself with a new laptop. This time, I waited almost three years and will be retiring my old Dell XPS M1330 for a new Alienware M15x. I wanted raw horsepower for virtual machines in a laptop format and was not as concerned about battery life (since I carry an…

Post by Morey Haber November 12, 2010
Tags:
, , , , , , , , , , , , , , , , ,

Benchmarks as a Point of Reference

I have been reading Stephen Hawking’s new book, “The Grand Design” and am completely stunned by the analogies he uses to simplify perception, measurements, and even quantum physics. This book is not light reading and has had me looking up terms using old college textbooks and Google multiple times. The one thing that fascinates me…

Post by Morey Haber November 3, 2010
Tags:
, , , , , , , ,