Double posting to Scap-Security-Guide and OpenSCAP mailing list...
Can I get a show of hands a late September or early October, one or two day code-a-thon
around baseline configurations and integrating compliance tools with DevOps?
The space of SCAP, baselines, and general integration of security with DevOps seems to be
getting frothy lately with activity. Examples:http://bit.ly/DevOpsAudit, OpenSCAP on
Github,https://github.com/fisma-ready/ubuntu-lts. We also have some work,
likehttp://martin.preisler.me/2014/07/openscap-html-report-redesign/ that could benefit
from some shared face time and coding.
I think there would be a nice turn out in DC for such an event.
I'd be interested in this.
The Mil-OSS [1] and gov-sec [2] communities would also likely be interested.
[1]