I would like to load CIS-CAT Assessor content into a non-proprietary CIS Product
Product Name
CIS-CAT Pro Assessor
Product Version
v4.1+
Date
Mar 8, 2022
Problem
I got errors loading the CIS XCCDF + OVAL files into RHEL Satellite/ Tenable/ Qualys/ non-CIS software but it is saying that it was invalid.
Solution
DataStream collection files are now available as part of the XCCDF+OVAL export option while tailoring!
This content - XCCDF, OVAL and DataStream - is only available to SecureSuite Members and you will need to be a member of the WorkBench Community of the relative Benchmark you wish to export content from.
While CIS makes the DataStream files available, use of the files with all 3rd party software is unsupported and as such may or may not work with certain tools.
What is a DataStream?
A DataStream collection file is an SCAP standard format. It’s helpful to understand the various SCAP components first, per SCAP Components
XCCDF.xml - The XCCDF acronym stands for Extensible Configuration Checklist Description Format. As the name suggests, the language is used to describe security checklists. These files contain benchmark recommendations
OVAL.xml - The OVAL acronym stands for Open Vulnerability and Assessment Language. OVAL is declarative language for making logical assertions about the state of system. These files work in conjunction with the xccdf.xml to help define what is collected from the system using standard OVAL.
CPE-OVAL.xml and CPE-DICTIONARY.xml - The Common Platform Enumeration (CPE) serves to identify IT platforms and systems using unequivocally defined names. These files exist for only specific platform benchmarks and they help the assessment tool check if the target platform is right for the benchmark. If it isn't, the assessment may give a warning or produce no results.
SCE - The Script Check Engine: SCAP extension to allow script execution from SCAP policy. It allows you to make your scripts interoperable with your security policy. This directory exists only if a specific benchmark references attached scripts. The referenced scripts are included in the CIS-CAT Pro Assessor Bundle in the SCE folder.
COLLECTION.xml – This is a DataStream file! and it is a format that packs these other SCAP components, above, into a single file. Think, XCCDF, OVAL, CPE and SCE all in one place.
Keywords; DataStream OVAL SCE XCCDF Data Stream
Content by Label