jritter / SCAPinoculars

OpenSCAP Report Publisher
MIT License

Add Oval reports #19

Open andersonz1 opened 3 months ago

andersonz1 commented 3 months ago

Hi, thank you for developing SCAPinoculars, this is very useful!

I would like to suggest an additional type of report for vulnerabilities (oval), in addition to compliance (xccdf) reports.

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening

This would centralize the most important oscap scanning types in a single tool. I am attaching a sample xml and html generated by the commands below:

Generating xml report: oscap oval eval --results vulnerability.xml rhel-9.oval.xml

Generating html report from an xml: oscap oval generate report vulnerability.xml > vulnerability.html

Or generating both xml and html in one command: oscap oval eval --results vulnerability.xml --report vulnerability.html rhel-9.oval.xml

Oval reports contain relevant information about CVEs and vulnerability scoring.

Thank you very much! My best regards, Anderson Augusto

vulnerability.html.txt vulnerability.xml.txt

andersonz1 commented 2 months ago

Hi Juerg, Did you have a chance to evaluate this enhancement?

Thank you very much, Best Regards, Anderson