Scap scanning with custom checks

Is there a way to create a scap package to be run by morpheus which would audit the results / desired state

eg: check is a registry is present, socket is open/closed

Scap workbench could be used SCAP Workbench | OpenSCAP portal

anyone used it?

Hey @aabraham I haven’t personally used the SCAP workbench to create new benchmarks. I tend to use existing benchmarks. This repository is a good resource for benchmarkshttps://public.cyber.mil/stigs/scap/ which covers lots of different targets. The oscap docs suggests you can use workbench to create a new profile. SCAP Workbench User Manual information about the XCCDF Specification can be found here: Security Content Automation Protocol | CSRC

1 Like