DISA STIG False Positives and Tailoring Profile

Matthew Hane

5/1/24, 3:34 PM

we currently use oscap to run security scans to validate configurations in DISA STIG for our Linux machines. We are seeing a lot of false positives and we are trying to figure out if there is a way to use a tailoring file to update the rule results so that the end results show as "False Positive" and not "Failed".

We want to see if there's a way to do this through a tailoring file so we have some traceability on what rules are being customized in the xccdf document.

Thank you for reading.

0 + 0

security

hardening

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: DISA STIG False Positives and Tailoring Profile

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.