Open aaronlippold opened 6 years ago
@aaronlippold Is this the tagging functionality you wanted added to the main page, where we group profiles by type with a pipe delimited CSV. Which is why you added "(move this to the right project)"?
Yes, basically
InSpec Profile Baselines
The MITRE InSpec Team has been working with Dev-Sec Project ( www.place.io ) The devsec project is the open source community building inspec profiles that are best-practice and service driven rather than just one-to-one alignment with a formal compliance guidance document. The dev-sec community focus on helping build hardening and validation around services and capabilities that you can use as reference or as part of inherited profiles to help you build more security systems.
DISA STIG ( iase.disa.mil/stigs... ) The DISA Security Technical Implementation Guides are ... . They are derived security guidance from the DISA Security Requirements Guides which outline the general security guidance .... ( I am sure you can find a desc on the IASE site )
CIS Benchmarks ( www.cisbenchmarks... ) ( From the website desc )
Integration, Examples & Demos
Examples and demos of full and 'micro-profiles' showing various validation and security issues that InSpec can help solve. These are also g