Sometimes LinkiedIn shows me an interesting advertising. For example, today I watched a  recorded demo of SteelCloud ConfigOS. It is a proprietary tool that performs automated DISA STIGs compliance checking for RHEL or Windows  and provides automated remediation.

Well, as it works automatically, it  won’t make custom SELinux configuration for you, for example. In the other hand, this software is for the US military and related organizations, where everything should be highly standardized.

Scan running

Scan results

Automated remediation

By the way, this product resembles me Secpod Saner: similar combination of SCAP checks and proprietary scripts for remediation. The difference is that ConfigOS utility works agentless.

Alexander Leonov

Hi! My name is Alexander and I am an Information Security Automation specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.

• Last Week's Security news: Pegasus, SeriousSAM, Sequoia
• My thoughts on the "2021 Gartner Market Guide for Vulnerability Assessment". What about the quality?
• Last Week’s Security news: Exploits for ForgeRock, vSphere, Apache Tomcat, new Print Spooler vuln, Kaseya Patch and REvil, SolarWinds, Schneider Electric, Bulletins

Set your Author Custom HTML Tab Content on your Profile page