SCAP Workbench is a tool that can open XCCDF
[The Extensible
Configuration Checklist Description Format]
or SDS
[Source
DataStream]
files and allows the user to evaluate either local or remote
machine using the content in the opened file.
Feature Highlights
-
XCCDF 1.1 and 1.2 support
-
Source DataStream 1.2 support
-
XCCDF 1.2 Tailoring file support
-
Evaluation of local machine
-
Evaluation of remote machine (using SSH)
-
Limited tailoring support - selection, unselection and set value
-
Saving results as XCCDF 1.1 or 1.2 (depending on input) or ARF 1.1
-
Loading content bundle from RPM
-
Exporting content bundle as RPM or into a folder
Requirements
Build Dependencies
-
cmake >= 2.6
-
Qt5 (Core, GUI, XmlPatterns)
-
openscap >= 1.2.0
-
cmake-gui [optional]
Runtime Dependencies (workbench machine)
-
setsid
-
nice
-
ssh and scp (if you want remote scanning)
Runtime Dependencies (evaluated machine)
-
oscap >= 0.8.0
Installation
- From package repository (YUM)
-
# yum install scap-workbench
- From package repository (APT)
-
# apt-get install scap-workbench
- From source
-
-
$ mkdir build ; cd build
-
$ cmake ../
-
$ make
-
# make install
-
- From source (custom options)
-
-
$ mkdir build ; cd build
-
$ cmake-gui ../
-
(select appropriate options in cmake-gui)
-
$ make
-
# make install
-
Typical Use Case
Let us go over a common use case. Any section marked (optional) can be skipped if you do not need the feature explained in it.
Obtain SCAP content
Even before we start the workbench we need to find content to open. Probably
the best choice right now is scap-security-guide
[https://www.open-scap.org/security-policies/scap-security-guide/]
.
It is possible that scap-security-guide has already been installed on your system as a dependency of scap-workbench. If it isn’t, install it:
- From the package repository (YUM)
-
# yum install scap-security-guide
- From the package repository (APT)
-
# apt-get install scap-security-guide
- From upstream source (for advanced users or content developers)
-
-
$ git clone https://github.com/OpenSCAP/scap-security-guide.git ; cd scap-security-guide
-
$ make
-
Alternative SCAP content (optional)
-
USGCB for RHEL5 - XCCDF and OVAL, only suitable for RHEL5.
-
SCE Community Content - Uses SCE, only suitable for Fedora.
Start SCAP Workbench
After installation a new application entry for SCAP Workbench should appear in your desktop environments application menu.