Sometimes LinkiedIn shows me an interesting advertising. For example, today I watched a recorded demo of SteelCloud ConfigOS. It is a proprietary tool that performs automated DISA STIGs compliance checking for RHEL or Windows and provides automated remediation.
Well, as it works automatically, it won’t make custom SELinux configuration for you, for example. In the other hand, this software is for the US military and related organizations, where everything should be highly standardized.
Scan running
Scan results
Automated remediation
By the way, this product resembles me Secpod Saner: similar combination of SCAP checks and proprietary scripts for remediation. The difference is that ConfigOS utility works agentless.
Hi! My name is Alexander and I am an Information Security Automation specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it much more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can also discuss my posts or ask a question at @avleonovchat.
Pingback: Remediation capabilities of Vulnerability Management products | Alexander V. Leonov