SteelCloud ConfigOS. Sometimes LinkiedIn shows me an interesting advertising. For example, today I watched a recorded demo of SteelCloud ConfigOS. It is a proprietary tool that performs automated DISA STIGs compliance checking for RHEL or Windows and provides automated remediation.
Well, as it works automatically, it won’t make custom SELinux configuration for you, for example. In the other hand, this software is for the US military and related organizations, where everything should be highly standardized.
Scan running
Scan results
Automated remediation
By the way, this product resembles me Secpod Saner: similar combination of SCAP checks and proprietary scripts for remediation. The difference is that ConfigOS utility works agentless.
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.
Pingback: Remediation capabilities of Vulnerability Management products | Alexander V. Leonov