Benchmark and STIG support #386

brandtkeller · 2024-04-24T16:26:11Z

Is your feature request related to a problem? Please describe.

Ability for Lula to support the validation of STIG or other benchmarks as parallel efforts to authorization or accreditation processes.

Describe the solution you'd like

Given a benchmark artifact is supplied to Lula
When performing a validation
Then Lula will perform analysis and provide a result of that benchmark in an OSCAL format

Describe alternatives you've considered

Integration with KubeBench

Additional context

May require direct shell access (Not uncommon for various STIG tooling)

brandtkeller · 2024-04-29T18:42:51Z

This issue is intended to be an investigation with docs/ADR as the output.

brandtkeller · 2024-06-28T19:56:16Z

In consideration of a shell domain - review the capability for Lula offer the generic shell domain with an optional allow list or configuration for commands that are permitted without execute escalation. Shifting initial responsibility for managing what is permitted and permissions to the end-user.

brandtkeller added the enhancement New feature or request label Apr 24, 2024

github-actions bot added the triage Awaiting triage from the team label Apr 24, 2024

brandtkeller removed the triage Awaiting triage from the team label Apr 29, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Benchmark and STIG support #386

Benchmark and STIG support #386

brandtkeller commented Apr 24, 2024

brandtkeller commented Apr 29, 2024

brandtkeller commented Jun 28, 2024

Benchmark and STIG support #386

Benchmark and STIG support #386

Comments

brandtkeller commented Apr 24, 2024

Is your feature request related to a problem? Please describe.

Describe the solution you'd like

Describe alternatives you've considered

Additional context

brandtkeller commented Apr 29, 2024

brandtkeller commented Jun 28, 2024