Mozilla scribe host policy evaluator

compliance go hardening scribe vulnerabilities

Перейти к файлу

Aaron Meihm f8914dce49 initial import chains implementation		2015-08-03 13:45:11 -05:00
src	initial import chains implementation	2015-08-03 13:45:11 -05:00
test	initial import chains implementation	2015-08-03 13:45:11 -05:00
.gitignore	gitignore: ignore pkg and bin directories	2015-07-10 21:51:07 -05:00
.travis.yml	disable email notifications	2015-07-08 18:21:50 -05:00
LICENSE	Initial commit	2015-07-07 10:48:31 -05:00
Makefile	add a generic example	2015-07-15 15:56:30 -05:00
README.md	updated documentation and travis links for repo move	2015-07-17 13:26:26 -05:00

README.md

scribe

scribe is a host policy evaluator written in Go.

Overview

scribe is a Go library and frontend used to evaluate policies on systems. Policies are specified as a JSON document containing a series of tests, and these tests return a status indicating if the test criteria passed.

It is intended to perform functions such as:

Identification of software versions that do not meet a specific requirement
Evaluation of hardening criteria or other system security policies
Any other functions involving extraction and analysis of host information

The software is designed to return only test status criteria, and meta-data associated with the test. It runs directly on the system being evaluated, and requires no data from the system to be returned to a central server for additional processing.

It's primary purpose is integration with Mozilla MIG which allows investigators to perform system evaluation by sending a policy to the MIG agent for execution. It is also suited to executing policies as part of an instance build and testing process, or periodically on an installed system.

Additional documentation

Additional documentation on the library is available at godoc.org.