All articles about the Security Content Automation Protocol, or SCAP. This protocol consists of markup, tools, information, and applies also to Linux.

Using Open Source Auditing Tools as Alternative for CIS Benchmarks

Using Open Source Auditing Tools An alternative to CIS Benchmarks and hardening guides Hardening guides, and the CIS benchmarks in particular, are a great resource to check your system for possible weaknesses and conduct system hardening. But who has the time to read it cover to cover, and apply every single step? In this article we have a look at the alternative: open source auditing tools. Time.. Hardening is a time consuming task. As security specialists, we know that. It […]

Read more

Security Automation for Linux: Are Humans Still Needed?

Security automation for Linux: Are humans still needed? The problem with humans is that they are smart yet slow at the same time. They can’t react to simultaneous events and aren’t always working. Besides that, they make mistakes, have to deal with budgets and internal company politics. Information security is impacted by these effects as well. As you might have guessed the solution is in automation. SCAP (Security Content Automation Protocol) is one of the answers. Especially the automation part is interesting, […]

Read more