Cingulara / openrmf-web

The web UI for the OpenRMF tool, which uses multiple containers for parts of the distributed openRMF tool for managing DoD STIG checklists and RMF compliance.
https://www.openrmf.io/
GNU General Public License v3.0

[FEATURE] allow adaptive updates for nessus/acas files instead of overwriting the previous file imported. #226

Closed jsburch closed 1 year ago

jsburch commented 3 years ago

Is your feature request related to a problem? Please describe.
We have a customer that requires the investigation of ACAS files every other month. We need to see if new ACAS files uploaded close findings/vulnerabilities listed in the previous ACAS scans. However, when Nessus files are added to the system, the previous file is overwritten. We need instead to list the vulnerability as no longer a finding instead of just removing it altogether. That way we can have a record of what was completed instead of manually checking for missing data and closing it outside of OpenRMF.

Describe the solution you'd like
Allow Nessus/ACAS data to be additive instead of overwriting previous data, recording vulnerabilities not found as closed instead of just deleting that data from the system.

Describe alternatives you've considered
The alternative is to take an Excel export of the POAM items from the current system and the old system, then run queries to highlight any data that's missing from the new that was in the old, highlight data that hasn't changed, and then highlight new data that wasn't in the last scan. The only possible solution is to not do this work in OpenRMF but go back to the manual spreadsheet files.

Additional context
I think I described the context well already.
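The additive merge the request above asks for (findings absent from the newest scan recorded as closed, not deleted; new findings added; unchanged ones kept), as an added example that is not OpenRMF's own code. It parses only the ReportHost/ReportItem attributes of a .nessus v2 file, keys findings on host plus plugin ID, and uses constructed sample scans.

```python
import xml.etree.ElementTree as ET

# Constructed sample .nessus v2 fragments (not real scan output): a January
# and a March scan of one host. Plugin 10002 is remediated by March; 10003 is new.
SCAN_JAN = """<NessusClientData_v2><Report name="jan"><ReportHost name="10.0.0.5">
<ReportItem pluginID="19506" severity="0" pluginName="Nessus Scan Information"/>
<ReportItem pluginID="10001" severity="3" pluginName="Sample High"/>
<ReportItem pluginID="10002" severity="2" pluginName="Sample Medium"/>
</ReportHost></Report></NessusClientData_v2>"""
SCAN_MAR = """<NessusClientData_v2><Report name="mar"><ReportHost name="10.0.0.5">
<ReportItem pluginID="19506" severity="0" pluginName="Nessus Scan Information"/>
<ReportItem pluginID="10001" severity="3" pluginName="Sample High"/>
<ReportItem pluginID="10003" severity="4" pluginName="Sample Critical"/>
</ReportHost></Report></NessusClientData_v2>"""


def parse_nessus(xml_text):
    """Return {(host, pluginID): severity} for every non-informational ReportItem."""
    findings = {}
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            if item.get("severity") != "0":  # severity 0 = informational plugin, not a finding
                findings[(host.get("name"), item.get("pluginID"))] = item.get("severity")
    return findings


def merge_scans(previous, current, scan_date):
    """Fold a new scan into the running record instead of replacing it.

    previous: {key: record dict} carried over from earlier scans (may be empty)
    current:  {key: severity} from parse_nessus() of the newest file
    A finding missing from the new scan is marked closed with the scan date,
    so the remediation record survives; a closed finding that reappears is
    reopened; findings never seen before are added as open.
    """
    merged = {}
    for key, rec in previous.items():
        if key in current:
            merged[key] = dict(rec, status="open", last_seen=scan_date)
        elif rec["status"] == "open":
            merged[key] = dict(rec, status="closed", closed_on=scan_date)
        else:
            merged[key] = rec  # already closed earlier; keep its original closed_on date
    for key, sev in current.items():
        if key not in previous:
            merged[key] = {"severity": sev, "status": "open",
                           "first_seen": scan_date, "last_seen": scan_date}
    return merged
```

Run the scans through in date order (merge_scans({}, parse_nessus(SCAN_JAN), ...), then the March file against that result) and the output is the POAM-style view the request describes: open, closed-on-date, and new.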

Cingulara commented 3 years ago

This is a similar answer to #225

The function of allowing multiple separate nessus files to upload, merge results, apply the score on the number of patches, etc. is in the OpenRMF Professional 2.2 (and later) versions. https://www.soteriasoft.com/features.html shows the features. In order to do that as well as track hardware listing, software listing, ports/protocols/services listing, patch score history and change history you would need to go to the OpenRMF Professional version. That is available now. You can request an evaluation copy of it and see for yourself the differences for free. No obligation. No people bugging you. https://www.soteriasoft.com/contact.html#contactform

Version 2.3 is coming out in a few weeks, in the June 2021 timeframe. It adds several performance improvements, tailoring and compliance to the subcontrol level (i.e. not just AC-2 but AC-2(21)), overlays, managing POAM mitigation statements, more reports, and quick search links to pivot through your data.

jsburch commented 3 years ago

THANK YOU!

Cingulara commented 3 years ago

@jsburch we have .OVA files set up with OpenRMF Professional already 100% installed. You can pull it down, scan it, run "yum update" or "apt-get update" and then adjust the IP. We have instructions for all that. Get a license and let it rip for 30 days to see if it is what you need or not.

Some folks use the OSS and it fits what they need. Others need more. You can submit a ticket on the soteriasoft.com site and it gets into our helpdesk system. Either me or someone else can set you up to get you running.