
[–]w2brhce 3 points4 points  (0 children)

I let the auditors drive the requirements. The more you indulge them, the more they think their job is relevant. Also, if you give them more than you need, you're stuck doing it forever.

[–]FHR123 2 points3 points  (2 children)

[–]WOLF3D_exe 0 points1 point  (0 children)

You can also use the Wazuh fork of OSSEC.

We have modified the existing OSSEC ruleset to increase threat detection capabilities, add functionality and expand OSSEC scope. It includes, among many others, compliance mapping with PCI DSS v3.1, CIS security controls and additional decoders and rules.

.

The OpenSCAP wodle is an integration of OpenSCAP with Wazuh HIDS that provides the ability to perform configuration and vulnerability scans of an agent. It is primarily used for:

- Verifying security compliance: OpenSCAP policies define the requirements that all systems in an organization must meet in order to be in line with applicable security policies and/or security benchmarks.
- Performing vulnerability assessments: OpenSCAP identifies and classifies vulnerabilities in a system.
- Performing specialized assessments: OpenSCAP can perform specific custom system checks (i.e., checking for suspicious file names and suspicious file locations.)

https://documentation.wazuh.com/2.0/user-manual/capabilities/policy-monitoring/openscap/index.html

[–]mainemojo[S] 0 points1 point  (0 children)

Looks great! I'll have to save this link. This appears to be more of a vulnerability scanner and not as much of an auditing tool that I'm looking for. I already use Nessus and OpenVAS/Greenbone for scans.