DevConf.CZ 2019 has ended
Back To Schedule
Friday, January 25 • 1:00pm - 2:50pm
Automated hardening of systems your way.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
So you are a sysadmin responsible for a server, and you have to be sure that the system is hardened in some particular and maybe non-standard way. Then, meet your best friend - the project of the ComplianceAsCode initiative.
It features checks and hardening snippets in Ansible, Bash and SCAP-compliant formats, so you can use automation to determine the system's state and to keep the system hardened. Discover the smart way of system hardening - learn how to leverage the project:
  • Extend it - write your custom rules,
  • tailor existing rules to exactly suit your needs,
  • compose rules into your security profiles that you can use to audit your system against, and
  • test your custom content for robustness.
For the best interactive experience, bring a laptop with
  • these packages installed: git, Ansible, openscap and Python with the pytest, jinja2 and PyYAML Python packages.
  • the ComplianceAsCode/content repository cloned (or updated to it's current master branch).
  • the ComplianceAsCode/demo repository cloned. Check out it's README for useful tips and tricks for the workshop!
  • libvirt-powered Fedora VM, where the root user accepts your unlocked/passwordless SSH key (this is needed only to run tests).

avatar for Watson Sato

Watson Sato

Software Engineer, Red Hat, Inc., Red Hat
Watson Sato is a Software Engineer at Red Hat, Inc working on OpenSCAP project. He is involved on development of the OpenSCAP scanner and ComplianceAsCode content.
avatar for Matěj Týč

Matěj Týč

Software Engineer, Red Hat

Friday January 25, 2019 1:00pm - 2:50pm CET
Workshop - A113