Skip to content

SCAP Security Guide Contributor WorkShop

Jump to bottom Edit New page
Ján Lieskovský edited this page Feb 25, 2016 · 20 revisions

SSG Contributor WorkShop Logo

SCAP Security Guide Contributor WorkShop

Table Of Content:
01. [About](#about) 02. [Past sessions](#past) 03. [Upcoming / future sessions](#future) 04. [Disclaimer](#disclaimer) 05. [Topics covered](#topics) 06. [Frequently Asked Questions](#faq)

About:

The SCAP Security Guide (SSG) Contributor WorkShop is a term for regular sessions, hold by SSG upstream. The point of these sessions is to help people willing to contribute to the SCAP Security Guide project by providing additional information / guidance, where to start. The sessions have the form of a webinar (accessible online, recorded, presented slides available offline for following self-study). The sessions tend to be interactive (practice the covered topics interactively). It is primarily designed for SCAP content developers (searching for the internal details & build blocks SCAP Security Guide content is created from). But audience from wider community is welcome too.

Past sessions:

Date: Presentation Recordings Code examples:
Tuesday, November the 24-th 2015 [Download PDF](https://jlieskov.files.wordpress.com/2013/11/scap_security_guide_questions_answers_contributor_workshop_volume_1_november_2015.pdf) Not recorded
* [New ```service_sssd_enabled``` XCCDF rule](https://github.com/iankko/scap-security-guide/commit/405d319897077fe65e2ebe7913b9a5b9cea0b781)

* [New ```service_sssd_enabled``` OVAL check](https://github.com/iankko/scap-security-guide/commit/29b2cb925cb1ca738ab276ad33c2c159e4cd154d)

* [New ```service_sssd_enabled``` remediation script](https://github.com/iankko/scap-security-guide/commit/0aacb78aaf18b0f1ed7660220361543fc00bb639)

* [Example of adding new SSSD profile](https://github.com/iankko/scap-security-guide/commit/457a742fb8916fc18e1f221047310294c4e52b92)

Monday, January the 11-th 2016 [Download PDF](https://jlieskov.files.wordpress.com/2013/11/scap_security_guide_questions_answers_contributor_workshop_volume_2_january_2016.pdf) Recordings to come GitHub branch

Upcoming / future sessions:

Date: Time: Presentation Recordings Code examples:
Monday, March the 14-th 2016 10:00am - 12:00pm [EDT](http://www.timeanddate.com/time/zones/edt) To come This instance of SSG workshop will
NOT be recorded.
Be sure to attend and raise questions. 		To come

Disclaimer:

The plan is to have the sessions recorded. By subscribing to some of the upcoming events you accept this fact.

Preview of topics covered:

* Introductory Notes: * Purpose of SCAP Security Guide project * SCAP protocol standards * Source code / Repository Notes: * Where to obtain the source code * Developer workflow * Pull request reviewer workflow * Repository structure * Currently supported SSG products * SSG "shorthand" format * Contributing new rule * Contributing XCCDF part * Contributing OVAL part * Contributing remediation part * Advanced topics: * Using SSG ```templates``` to contribute new OVAL checks * Purpose of different locations of various OVAL checks * Selected use cases: * How to contribute new rule from scratch * How to contribute new rule from ```templates``` * How to port existing rules, profiles, benchmarks across different products

In the case you did not find the desired topics in the above list, propose it for inclusion.

Frequently Asked Questions:

Q: Is the workshop agenda always the same?

A: No. The covered agenda is a combination of topics intended to be covered by session holders and topics requested previously by attendees to be covered.

--

Q: How do I propose topic to be covered?

A: Send an email to scap-security-guide mailing list.

--

Q: How do I subscribe to receive the official event invitation?

A: Send an email with the subject [SSG_CWS Date_Of_The_Upcoming_Event: Subscribe] to the scap-security-guide mailing list. Example: [SSG_CWS 2016-01-11: Subscribe]

--

Q: What technology is used to provide the webinar?

A: BlueJeans

--

Q: What software do I need to be able to access the webinar?

A: A web browser able to connect to BlueJeans session is sufficient.

--

Q: Is it possible to check ahead if my connection will work?

A: Yes. Try this instance

--

Q: I am experiencing issues trying to connect to the webinar instance. What should I do?

A: Try a different browser, different browser version etc.

--

Q: How much time should I reserve for one session?

A: Approx. 2 hours

--

Q: Which timezone are these webinars hold in?

A: Eastern Standard Time / Eastern Daylight Time

--

Q: Are the provided examples reachable for later testing / inspection?

A: Yes. See the Code Examples: column for each session

--

Q: How do I provide feedback, comments, suggestions?

A: Send an email to scap-security-guide mailing list preferably specifying [SSG_CWS] field in the Subject:

--

Add a custom footer
Add a custom sidebar
Clone this wiki locally