<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
jOVAL is currently soliciting for beta testers for automated STIG
evaluation on Apple OSX. Those interested should contact jOVAL via
<a class="moz-txt-link-freetext" href="http://joval.org/contact">http://joval.org/contact</a> for more information.<br>
<br>
[NB: cross-posting to the scap-on-apple list]<br>
<br>
Regards,<br>
--David Solin<br>
<br>
<div class="moz-cite-prefix">On 2/10/2014 4:56 PM, Colvin, Ron
(GSFC-700.0)[VALADOR INC] wrote:<br>
</div>
<blockquote cite="mid:DD4E62E5-8F28-4662-AA72-481D8FAFBBD5@nasa.gov"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<div>For those on the list using CIS or looking for security
guidance rather than compliance the Benchmark for 10.8 was
released last week. We are hoping to get 10.9 out in a couple
months, depending on how many changes there are from 10.8. </div>
<div><br>
</div>
<div><a moz-do-not-send="true"
href="https://benchmarks.cisecurity.org/downloads/show-single/?file=osx108.100">https://benchmarks.cisecurity.org/downloads/show-single/?file=osx108.100</a><br>
<br>
Mobile</div>
<div><br>
On Feb 10, 2014, at 5:40 PM, "John Oliver" <<a
moz-do-not-send="true"
href="mailto:john.n.oliver.ctr@navy.mil">john.n.oliver.ctr@navy.mil</a>>
wrote:<br>
<br>
</div>
<blockquote type="cite">
<div>
<div>
<div>
<div>It looks like that project is languishing. This
makes me sad.</div>
<div><br>
</div>
<div>I attended (virtually) the <a moz-do-not-send="true"
href="https://dodaec.osd.mil/">OSD Apple Engineering
Coalition</a> kickoff last week, and, coincidentally,
just found out about and volunteered for a working group
to address enterprise management of Macs at SSC. One of
the obvious issues we have with Macs on a government
network is STIGs, the rapid release and die-off schedule
for OSX, and the three years it takes DISA to release a
STIG (BTW: I believe we can expect a STIG for Mountain
Lion maybe in a month or so?)</div>
<div><br>
</div>
<div>Red Hat addressed this issue with their own open
source <a moz-do-not-send="true"
href="https://fedorahosted.org/scap-security-guide/">
SCAP Security Guide</a> project. That's the official
upstream for STIGs for Red Hat now, and they can get it
done in about a year. Something like this would be a
tremendous resource for Apple and for those of us who
use Apple products.</div>
<div><br>
</div>
<div>I hope we can light a fire and help SCAP-on-Apple to
succeed!</div>
<div><br>
</div>
<div>Anyone who's interested in DoDAEC – I can forward on
some info to anyone with a CAC who works on a DoD
program. They created a trifold but it weighs in at
12MB so I won't be attaching it :-)</div>
<div>
<p class="MsoNormal" style="margin: 0in 0in 0.0001pt;
font-size: 11pt; "><br>
</p>
<p class="MsoNormal" style="margin: 0in 0in 0.0001pt;
font-size: 11pt; ">--<o:p></o:p></p>
<p class="MsoNormal" style="margin: 0in 0in 0.0001pt;
font-size: 11pt; "> John Oliver | SAIC<o:p></o:p></p>
<p class="MsoNormal" style="margin: 0in 0in 0.0001pt;
font-size: 11pt; "> Defense & Maritime Solutions<o:p></o:p></p>
<p class="MsoNormal" style="margin: 0in 0in 0.0001pt;
font-size: 11pt; "> Surveillance and Reconnaissance
Solutions Division<o:p></o:p></p>
<p class="MsoNormal" style="margin: 0in 0in 0.0001pt;
font-size: 11pt; "> SPAWAR Systems Center Pacific |
Code 53223<o:p></o:p></p>
<p class="MsoNormal" style="margin: 0in 0in 0.0001pt;
font-size: 11pt; "> Sr. Systems Administrator<o:p></o:p></p>
<p class="MsoNormal" style="margin: 0in 0in 0.0001pt;
font-size: 11pt; "> Bldg 600 | Room 428N<o:p></o:p></p>
<p class="MsoNormal" style="margin: 0in 0in 0.0001pt;
font-size: 11pt; "> Office: (619) 553-9567<o:p></o:p></p>
<p class="MsoNormal" style="margin: 0in 0in 0.0001pt;
font-size: 11pt; "> <a moz-do-not-send="true"
href="mailto:john.n.oliver@saic.com" style="color:
blue; ">john.n.oliver@saic.com</a></p>
<p class="MsoNormal" style="margin: 0in 0in 0.0001pt;
font-size: 11pt; "> <a moz-do-not-send="true"
href="mailto:joliver@spawar.navy.smil.mil">joliver@spawar.navy.smil.mil</a></p>
<p class="MsoNormal" style="margin: 0in 0in 0.0001pt;
font-size: 11pt; "> DCO: <a moz-do-not-send="true"
href="mailto:john.oliver8@chat.dco.dod.mil">
john.oliver8@chat.dco.dod.mil</a></p>
</div>
</div>
</div>
</div>
</blockquote>
<blockquote type="cite">
<div><span>_______________________________________________</span><br>
<span>Do not post admin requests to the list. They will be
ignored.</span><br>
<span>Fed-talk mailing list (<a moz-do-not-send="true"
href="mailto:Fed-talk@lists.apple.com">Fed-talk@lists.apple.com</a>)</span><br>
<span>Help/Unsubscribe/Update your Subscription:</span><br>
<span><a moz-do-not-send="true"
href="https://lists.apple.com/mailman/options/fed-talk/ron.colvin%40nasa.gov">https://lists.apple.com/mailman/options/fed-talk/ron.colvin%40nasa.gov</a></span><br>
<span></span><br>
<span>This email sent to <a moz-do-not-send="true"
href="mailto:ron.colvin@nasa.gov">ron.colvin@nasa.gov</a></span></div>
</blockquote>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap=""> _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (<a class="moz-txt-link-abbreviated" href="mailto:Fed-talk@lists.apple.com">Fed-talk@lists.apple.com</a>)
Help/Unsubscribe/Update your Subscription:
<a class="moz-txt-link-freetext" href="https://lists.apple.com/mailman/options/fed-talk/david%40joval.org">https://lists.apple.com/mailman/options/fed-talk/david%40joval.org</a>
This email sent to <a class="moz-txt-link-abbreviated" href="mailto:david@joval.org">david@joval.org</a></pre>
</blockquote>
<br>
<br>
<div class="moz-signature">-- <br>
<p style="color: #333; font: normal 11px/16px 'Droid Sans', Arial,
sans-serif;"> <span style="font-size:14px;line-height:18px;">jOVAL.org:
SCAP Simplified.</span><br>
<a style="color:#360;" href="http://www.joval.org">Learn More</a>
| <a style="color:#360;" href="http://www.joval.org/features/">Features</a>
| <a style="color:#360;" href="http://www.joval.org/download/">Download</a>
</p>
</div>
</body>
</html>