Tag Archives: DISA

.audit-based Compliance Management in Nessus

In this post I will briefly describe how Nessus .audit-based Compliance Management works, why I like it, what could be improved and why I suppose Tenable won’t do it soon. 😉

Nessus compliance checks are mainly presented in a form of special .audit scripts. This scripting language is very different from familiar NASL (Nessus Attack Scripting Language).

Basically, it is a collection of universal checks for various objects (e.g. existence of the line or parameter in the file, access permissions of the file,  service status, etc.). Of course, nowadays Сompliance Management is not only about Operating System and software (mis)configuration. We have different network devices, databases, cloud services, etc. but originally it was the main case.

By combining the universal checks  any requirement of low-level configuration standard (CIS, DISA, etc.) can be implemented. The similar principles are used in OVAL/SCAP content.

Continue reading

SteelCloud ConfigOS

Sometimes LinkiedIn shows me an interesting advertising. For example, today I watched a  recorded demo of SteelCloud ConfigOS. It is a proprietary tool that performs automated DISA STIGs compliance checking for RHEL or Windows  and provides automated remediation.

Well, as it works automatically, it  won’t make custom SELinux configuration for you, for example. In the other hand, this software is for the US military and related organizations, where everything should be highly standardized.

Scan running

scan_running

Continue reading

Altx-Soft ComplianceCheck against cryptolockers and ransomware

ComplianceChecker is a free Compliance Management tool made by Altx-Soft, a security product company from Moscow Region, Russia. Altx-Soft is known abroad mainly as a Top OVAL Contributor, they have been on award-list every quarter since 2012. Their flagman product, RedCheck, is a SCAP-compatible vulnerability and compliance scanner. They also produce family of “Check”-products for controlling and managing Windows operating systems.

Altx-Soft ComplianceChecker scanning results

ComplianceChecker is a promo product for the potential RedCheck buyers. It similar to RedCheck with the most management features cutted off. It can scan only the localhost.

ComplianceChecker is positioned mainly as an utility for SOHO/Home users and it’s not a secret, that on this market Compliance Management solutions are still an exotic. How could they attract the attention of an ordinary people? Altx-Soft took the hottest security topic of 2014-2015 – cryplockers and ransomware, that nowadays are the real threat for literally all kind of platform and especially Windows desktops. Altx-Soft tried to spread the message, that the best way to protect operating system from this kind of malware is to configure it properly. And it’s hard to disagree. So, they made a tool for the security assessment – ComplianceChecker, and made some other tools configure to operating systems (free for RedCheck users). Continue reading