[SCAP-On-Apple-Dev] [Fed-Talk] What happened with SCAP-on-Apple?
David Solin
david at joval.org
Tue Jun 3 13:01:11 PDT 2014
jOVAL is currently soliciting for beta testers for automated STIG
evaluation on Apple OSX. Those interested should contact jOVAL via
http://joval.org/contact for more information.
[NB: cross-posting to the scap-on-apple list]
Regards,
--David Solin
On 2/10/2014 4:56 PM, Colvin, Ron (GSFC-700.0)[VALADOR INC] wrote:
> For those on the list using CIS or looking for security guidance
> rather than compliance the Benchmark for 10.8 was released last week.
> We are hoping to get 10.9 out in a couple months, depending on how
> many changes there are from 10.8.
>
> https://benchmarks.cisecurity.org/downloads/show-single/?file=osx108.100
>
> Mobile
>
> On Feb 10, 2014, at 5:40 PM, "John Oliver" <john.n.oliver.ctr at navy.mil
> <mailto:john.n.oliver.ctr at navy.mil>> wrote:
>
>> It looks like that project is languishing. This makes me sad.
>>
>> I attended (virtually) the OSD Apple Engineering Coalition
>> <https://dodaec.osd.mil/> kickoff last week, and, coincidentally,
>> just found out about and volunteered for a working group to address
>> enterprise management of Macs at SSC. One of the obvious issues we
>> have with Macs on a government network is STIGs, the rapid release
>> and die-off schedule for OSX, and the three years it takes DISA to
>> release a STIG (BTW: I believe we can expect a STIG for Mountain Lion
>> maybe in a month or so?)
>>
>> Red Hat addressed this issue with their own open source SCAP Security
>> Guide <https://fedorahosted.org/scap-security-guide/> project.
>> That's the official upstream for STIGs for Red Hat now, and they can
>> get it done in about a year. Something like this would be a
>> tremendous resource for Apple and for those of us who use Apple products.
>>
>> I hope we can light a fire and help SCAP-on-Apple to succeed!
>>
>> Anyone who's interested in DoDAEC – I can forward on some info to
>> anyone with a CAC who works on a DoD program. They created a trifold
>> but it weighs in at 12MB so I won't be attaching it :-)
>>
>>
>> --
>>
>> John Oliver | SAIC
>>
>> Defense & Maritime Solutions
>>
>> Surveillance and Reconnaissance Solutions Division
>>
>> SPAWAR Systems Center Pacific | Code 53223
>>
>> Sr. Systems Administrator
>>
>> Bldg 600 | Room 428N
>>
>> Office: (619) 553-9567
>>
>> john.n.oliver at saic.com <mailto:john.n.oliver at saic.com>
>>
>> joliver at spawar.navy.smil.mil <mailto:joliver at spawar.navy.smil.mil>
>>
>> DCO: john.oliver8 at chat.dco.dod.mil
>> <mailto:john.oliver8 at chat.dco.dod.mil>
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (Fed-talk at lists.apple.com
>> <mailto:Fed-talk at lists.apple.com>)
>> Help/Unsubscribe/Update your Subscription:
>> https://lists.apple.com/mailman/options/fed-talk/ron.colvin%40nasa.gov
>>
>> This email sent to ron.colvin at nasa.gov <mailto:ron.colvin at nasa.gov>
>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (Fed-talk at lists.apple.com)
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/fed-talk/david%40joval.org
>
> This email sent to david at joval.org
--
jOVAL.org: SCAP Simplified.
Learn More <http://www.joval.org> | Features
<http://www.joval.org/features/> | Download
<http://www.joval.org/download/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/scap-on-apple-dev/attachments/20140603/cbe797a7/attachment.html>
More information about the SCAP-On-Apple-Dev
mailing list