compliance
Here are 241 public repositories matching this topic...
We frequently see people asking how they can use OPA to implement authorization and IAM within their apps. There are several examples online like the chef/automate guide but it would be nice to have a first-class guide in the OPA docs for new users to easily discover.
A few things to consider:
- IAM affects more than just backend APIs. The docs should (eventually) cover how to handle other a
Hello. We currently run 2.9.4 and run into the 1000 dead agents issue and would like to upgrade to the latest version to take advantage of the -F switch to "Remove agents with duplicated IP if disconnected since seconds." (wazuh/wazuh#125)
- How would it be possible to upgrade with zero downtime? We're on CentOS 7.x.
- Could we just download the tar.gz file,
As a new custodian user, I'm trying to understand the usage of variables in policies. There seem to be multiple types of variables.
A non-exhaustive list for a beginner can be:
- vars in a policy yaml
- [standard runtime variables for in
It'd be helpful if there was a check for ELB and ALBs that have either no listeners or no instances in their target pool. The check is similar to an unused security group although there are more financial penalties for having idle ELB and ALBs.
Detailed Description
Update os_env documentation to state where variables should be set for controls using the os_env resource.
Context
Why is thi
Description
When we have an automatic email reports configuration and there are no alerts to be reported that day (e.g. the rule or group of rules that we have configured in reports have not triggered during the day), the report will not be sent.
This is not good behavior because it can lead the user to think that the automatic reports are not working.
Let's also say that I have to sen
Hi, great project. I'd like to make a request. Right now, to exclude rules, you have to modify the code to "a comment containing tfsec:ignore:<RULE> to the offending line in your templates", per the README. It would be very useful if we could do this via CLI args as well, for assessment purposes.
Updated Sep 12, 2018 - HTML
sudo-plugin, despite its generic name, currently only supports creating IO plugins, and not policy plugins. Would you consider policy plugins to be in-scope for the crate?
PS: Many thanks for releasing sudo-pair, and making sudo-plugin available as a reusable crate.
`make install`
Improve the demo gif
Description of problem:
I have never written SCAP content before, and am looking at how to get started. I would like to write SCAP content to test compliance on Photon OS against DISA SRGs. I have been all over the wiki pages, but I am still not sure how to get started. The main page makes it look super easy for writing OVAL and XCCDF files using YAML, but I am not sure where to build those
OAI ensures the contents of the S3 bucket remain private and prevents people from bypassing CloudFront to access content.
Checkov may need to do a multiple resource check for this… (Both the CFN Distro and backing S3 bucket)
Description
Running the following Command:
./scancode -clp --json-pp sample_filter_clues.json samples --filter-clues
Gives the Error:
ERROR: failed to run post-scan plugin: filter-clues:
Traceback (most recent call last):
File "/home/ayansm/Desktop/GSoD/scancode-toolkit-versions/scancode-toolkit-3.1.1/src/scancode/cli.py", line 1033, in run_codebase_plugins
plugin.p
**Question:**
I arrived here and am interested in leveraging this platform in addition to and as a complement to terratest, but I don't want to start from scratch in writing features and I can't find any reference at all in the readme to a sample library or folder of already-existing tests/features. I could copy-paste all the examples from the .md example files but that seems like more work
Description
Add documentation about how to apply helper functions
Acceptance Criteria
Docs in the rules/policies pages on applying helpers, best practices, and patterns
Description of Problem:
CMake Warning (dev) at C:/devel/vcpkg/scripts/buildsystems/vcpkg.cmake:195 (_add_library):
Policy CMP0028 is not set: Double colon in target name means ALIAS or
IMPORTED target. Run "cmake --help-policy CMP0028" for policy details.
Use the cmake_policy command to set the policy and suppress this warning.
OpenSCAP Version: 1.4.0
Operating Sys
Updated Jul 3, 2020 - JavaScript
Updated May 4, 2020 - Go
Please delete this issue if this is not the proper place to ask. Anyway;
I've got temporary files on disk which I need to encrypt and pass on to an http client (that reads IO/streams).
Not sure how to do this right. Pass file and StringIO (as a target) to SymmetricEncryption::Writer.encrypt and then construct new StringIO object from the result?
Description
Hello,
I am trying to integrate a fossology instance with my project workflow.
What I want to do is make the task easier for the users of my app, and get the resul
The notice-pre-processor.kts file allows for customisation of the generated notice file, see https://github.com/oss-review-toolkit/ort/blob/master/docs/notice-pre-processor-kts.md.
Not all customisations seem possible, though. I would like to:
- customize the notice separator
- get rid of the separator between the different headers
- include the license name/id before the license text
Updated Jul 8, 2020 - Scala
Updated Jun 29, 2020
Hi team,
I have noticed that the log examples found in 0610-win-ms_logs_rules.xml don't match their rules.
It is due to the fields providerName and channel not being correct.
To match rules 63103, 63104 and 63105, the logs must have matched before rules `60
Description
Currently add_failure takes the values required to create a failure, creates it, then adds it to the Result object's failed_rules.
On the other hand, add_warning takes a Failure object directly.
Proposed solution
The methods should be updated so that they both have the same behavior (or maybe even just add an add_finding method which takes a type that can be either Failure o
Updated Jun 10, 2020
Updated Aug 30, 2017 - Ruby
Hello folks,
I think it'd be great if every ENV VAR used in the images would be explained in the README.md, and also it can be included in the Wazuh official documentation once they're ready.
Feel free to share your thoughts on this here.
Regards
| Wazuh | Elastic | Rev |
|---|---|---|
| 3.10 | 7.x | --- |
Description
Letters will move around as you hover over items in the Kibana App using Firefox.
This is most notable in the Management tab and when the window size is somewhat small.
Steps to reproduce
With Firefox
- Go to Management
- Hover over the different dashboard buttons
- Resize browser win
Updated May 23, 2020 - Python
It would be nice if lynis would gather (and report in the portal/reports) information about user-accounts: