Replies: 1 comment
-
|
Hi @Xyz00777 Thank you for sharing your concerns. SCA was created to perform Security Configuration Assessments natively, along with a new YAML format for the SCA policies. Although the default policies are based on CIS benchmarks, this new format count with several advantages for us:
Apart from that, the Wazuh team has made a great effort to provide good policy coverage, up to date with the available CIS benchmarks. Here you can check the currently available policies. If you are missing anyone, feel free to open us an issue with the policy request and we will be happy to attend it. The Wazuh team is continuously working on having these policies as updated as possible. Here you can check the current work in this area. In addition, the SCA documentation provides a guide to creating your own SCA policies. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi i seen that in the new wazuh 5 version openscap will be removed completly and im quite confused why?
As far as i know only the OVAS for vulnerability informations are getting removed but not the XCCDF information about missconfiguration of systems against baselines. Yes you have built an alternative but i dont understand why you build something own when something already working is there and the OpenScap project is still getting maintained and developed on. At least i would let it the server side, so Deployments still can use OpenScap for misconfiguration checks.
Beta Was this translation helpful? Give feedback.
All reactions