Introduction to OpenScap
Jaskaran Singh Narula
Security Content Automation Protocol (SCAP) which is a collection of standards managed by National Institute of Standards and Technology (NIST). It was created to provide a standardized approach to maintaining the Security of enterprise system, such as automatically Verifying the presence of patched, checking system security configuration settings, and examining systems for signs of compromise. Along with this Audience will also have a good view of Foreman, how openscap can be integrated with foreman and become more useful and efficient to use.
What Audiance will take away?
Audiance after his talk will have a clear idea how the companies are using the most advance mechanisum to automate the security policies within the orginisation along with what they can do to contribute to the upstream and make their own profiles and set of security rules. What are the rules that are used by different companies in differnt working profile and how they want to have the better security protocals for them.
Audience will learn about Openscap. Tools used by openscap along with profiles and components of openscap. I will also through some light on how we all can have our own set of policies and how we can develop certain profiles and policies that will be custom of ourself and also useful for upstream. This talk will also involve how to deploy openscap, how to use different tools of openscap and warping up with the analysises of the reports generated by the scap policies. At the end you get a clear picture of openscap also with managing all the tools and reports by them.
1)Basic Linux Administrator Skills
2)Bits of security domain knowledge.
My name is Jaskaran Singh Narula and Currently working Red Hat as an Associate Technical support Engineer on Red Hat Satellite. I have been working with the Null open source security community for nearly 2 years. I have been an active member, speaker and volunteer at Bhopal Null Chapter. https://null.co.in/profile/5502-jaskaran-singh-narula