9 Dec
2016
9 Dec
'16
5:24 p.m.
I have tried importing the outputs into Security Center following the guidance from Tenable.
http://static.tenable.com/prod_docs/SecurityCenter_5.0_SCAP_Assessments.pdf
The problem I encounter is that the scan returns with an "XML Validation Failed" message on the information module. I tried importing the SCAP content into a Nessus scanner breaking up the SCAP and OVAL content, but again, the scan fails.Tenable does not provide much information as to why the XML validation failed on the SCAP content.
I have successfully imported the DISA STIG for RHEL 7 and run in Security Center, but the DISA version is not structured for automated checks. That scan shows all the controls, but with a "Not Checked" status requiring manual review.