Rootconf proposals for round the year in 2018

On DevOps, security, cloud and IT infrastructure

Introduction to OpenScap

Submitted by jaskaran narula (@jaskaransingh) on Monday, 5 February 2018

videocam_off

Technical level

Beginner

Section

Full talk

Status

Submitted

Vote on this proposal

Login to vote

Total votes:  +18

Abstract

Security Content Automation Protocol (SCAP) which is a collection of standards managed by National Institute of Standards and Technology (NIST). It was created to provide a standardized approach to maintaining the Security of enterprise system, such as automatically Verifying the presence of patched, checking system security configuration settings, and examining systems for signs of compromise. Along with this Audience will also have a good view of Foreman, how openscap can be integrated with foreman and become more useful and efficient to use.

What Audiance will take away?
Audiance after his talk will have a clear idea how the companies are using the most advance mechanisum to automate the security policies within the orginisation along with what they can do to contribute to the upstream and make their own profiles and set of security rules. What are the rules that are used by different companies in differnt working profile and how they want to have the better security protocals for them.

Outline

Audience will learn about Openscap. Tools used by openscap along with profiles and components of openscap. I will also through some light on how we all can have our own set of policies and how we can develop certain profiles and policies that will be custom of ourself and also useful for upstream. This talk will also involve how to deploy openscap, how to use different tools of openscap and warping up with the analysises of the reports generated by the scap policies. At the end you get a clear picture of openscap also with managing all the tools and reports by them.

Requirements

Requirements:
1)Basic Linux Administrator Skills
2)Bits of security domain knowledge.

Speaker bio

My name is Jaskaran Singh Narula and Currently working Red Hat as an Associate Technical support Engineer on Red Hat Satellite. I have been working with the Null open source security community for nearly 2 years. I have been an active member, speaker and volunteer at Bhopal Null Chapter. https://null.co.in/profile/5502-jaskaran-singh-narula

Comments

Login with Twitter or Google to leave a comment