Add fields to Nessus STIG compliance mapper #101
Comments
|
There were also a couple fixes to the standard stig json as well correct that we identified. May as well just keep it in a clean PR |
|
Also, see email on reply from the DISA Emass folks confirming our discovery on the required data vs the meta-data. |
|
from the email we recieved: "Additionally, we did confirm that asset matching criteria is checking against Host Name, MAC Address, and IP Address." so by default we should encourge users to provide this info when we create a ckl. |
|
I think the nessus scan may have some of this meta-data by default |
|
I have a fix for populating However as you know these only exists for the STIG based check entries in the Nessus file... not the plugin based checks A .nessus could have both plugin and stig based checks... When we developed the mapper we chose to map both kinds to the hdf file... would the ingester fail if some controls dont have CCIs,Stig_id,rid? |
|
Well I guess we would have to say somthing like |
Signed-off-by: Rony Xavier <[email protected]>
* Fixes #101 * Adds ruleid, CCI, and stigid to Nessus mapper * Nessus-related sample updates with new fields
Add the following HDF tags to output:
These are crucial to allow inspec2ckl to form proper .ckl files
Example data to parse in a .nessus xml:
cm:compliance-reference800-171|3.13.8,800-53|SC-8,800-53|SC-8(1),CAT|II,CCI|CCI-002418,CCI|CCI-002421,CN-L3|8.1.2.2(a),CN-L3|8.1.2.2(b),CN-L3|8.1.4.7(a),CN-L3|8.1.4.8(a),CN-L3|8.2.4.5(c),CN-L3|8.2.4.5(d),CN-L3|8.5.2.2,CSCv6|13,CSF|PR.DS-2,CSF|PR.DS-5,ISO/IEC-27001|A.10.1.1,ISO/IEC-27001|A.13.2.3,ITSG-33|SC-8,ITSG-33|SC-8(1),ITSG-33|SC-8a.,NESA|T4.3.1,NESA|T4.3.2,NESA|T4.5.1,NESA|T4.5.2,NESA|T7.3.3,NESA|T7.4.1,NIAv2|IE8,NIAv2|IE9,NIAv2|IE12,NIAv2|NS5d,NIAv2|NS6b,NIAv2|NS29,NIAv2|SS24,QCSC-v1|5.2.2,QCSC-v1|6.2,Rule-ID|SV-220915r569187_rule,STIG-ID|WN10-SO-000040,SWIFT-CSCv1|2.1,TBA-FIISB|29.1,Vuln-ID|V-220915</cm:compliance-reference>
The text was updated successfully, but these errors were encountered: