These look really great. Added a few comments on your blog.
Many U.S. Government customers use a tool called SECSCAN. Here's output from a system I had to scan long ago: http://people.redhat.com/swells/mea/SECSCAN-Current/PFFinalFindingsReport.ht...
One of the more useful fields is the "Authorizing Official Review/Comments." From a general workflow perspective, SysAdmins scan their systems and use this field to pass commentary back to their C&A team, or from the C&A team back to the SysAdmin. It'd be interesting if the HTML report would allow text input to facilitate these notes... making comments such as "false positive," "known issue," etc would increase the useability of the reports.
On 7/11/14, 12:33 PM, Greg Elin wrote:
Great stuff! Thanks for post.
I will add comments. It's also in my grant project budget to have some professional design work done.
Greg Elin P: 917-304-3488 E: gregelin@gitmachines.com
Sent from my iPhone
On Jul 11, 2014, at 10:09 AM, Martin Preisler mpreisle@redhat.com wrote:
Hi, I wrote a blog post about the ongoing HTML report redesign.
http://martin.preisler.me/2014/07/openscap-html-report-redesign/
Please give it a look and consider providing feedback.
-- Martin Preisler -- SCAP Security Guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
scap-workbench@lists.fedorahosted.org