-
# User Story:
As an OSCAL profile maintainer, I have the ability to define dynamic parameters based on certain requirements. While not a common scenario, a specific example can be found with `cm-6_…
-
It appears that many of the control references in the ssg xml files are still specific to NIST 800-53 rev3. I'm having trouble figuring out or tracing out how the content is generated or maintained, s…
-
Error in Dependency check scans 5.0.2 and 4.0.2
We are trying to scan a Java project in command line utility. We tried with both 4.0.2 and 5.0.2 and we are getting errors. Please advise.
4.0.2…
-
#### Description of problem:
With the PR #4705 we are cleaning up OSPP profile so it's purely implementation of OSPP guidance. We need to preserve the USGCB profile (originally under ID `ospp`). Afor…
-
# Support XCCDF for control metadata and specification
## Motivation
As an user focused on compliance in my organization,
I want to use InSpec to execute my compliance tests
and …
-
**URL**: https://online.citi.com/US/login.do
**Browser / Version**: Firefox 69.0
**Operating System**: Windows 7
**Tested Another Browser**: No
**Problem type**: Site is not usable
**Description…
-
On the [Policy Choosing Page](
https://www.open-scap.org/security-policies/choosing-policy/) the following link is broken. You can find it under Red Hat Enterprise Linux 7 -> United States Government…
Aevyz updated
5 years ago
-
Dear all,
We started noticing that when running dependency-check we are getting javax.net.ssl.SSLHandshakeException on nvd.nist.gov. This is sort of strange because we are not aware of anything …
-
You need to focus on pulling in resources through `` and `` tags, but the links on your page don't need to be updated in order to comply.
-
Based on:
[1] http://making-security-measurable.1364806.n2.nabble.com/Issues-with-the-linux-def-rpmverifyfile-test-and-linux-def-rpmverifypackage-test-in-OVAL-5-10-td7055684.html
and u…