C5fb840ed173bd016d543163af340d91

by Kazuki Omo
from SIOS Technology, Inc.

Over 15 years experience in Unix/Linux/Windows system and many of Security related product. Working for OSS community over 15 years.
- Published SELinux and related security articles from 2004-2014.
- Maintainer of "LIDS(Linux Intrusion Detection System)".
- Published "Linux Security textbook" from LPI-Japan.
- Presentation on LinuxWorld C&D 2004 Japan "KB1-4 Keynote:Explanation about SELinux"
- Presentation on OSC 2007 TOKYO Japan "How to to daily operate for SELinux"
- Presentation on Linux Conference 2015 TOKYO Japan "Information Tracking System"

SCAP(Security Content Automation Protocol) is a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation (e.g., FISMA compliance). And OSS OpenSCAP tools are used for checking system security status through Spacewalk, theforeman, etc. openSUSE is supporting OpenSCAP and SUSE is providing OVAL(Open Vulnerability and Assessment Language) for openSUSE. But some of important contents(for example SCAP Security Guide, which implements security guidances recommended by respected authorities, namely PCI DSS, STIG, and USGCB.d ) are published only for Red Hat, Fedora, Debian, but not for openSUSE. In this presentation we will make clear what parts of contents/components are missing for openSUSE, and try to make some example based on other OS's contents. Also check that customized SCAP-Security-Guide with hardened openSUSE by using spacewalk, oscap, and other OpenSCAP tools.

Date:
2016 October 1 15:15
Duration:
30 min
Room:
FST 102
Conference:
openSUSE.Asia Summit 2016
Language:
Track:
openSUSE
Difficulty:
Medium