CIS scoring tools/scripts for Solaris 10 & RHEL 6/7 or any other scripts

sunhux
sunhux used Ask the Experts™
on
http://benchmarks.cisecurity.org/downloads/show-single/?file=solaristool

Anyone have CIS scoring tool for Solaris 10 and RHEL Linux (RHEL 6 or 7 will be best):
I last got them from CIS websites for Solaris 8 & RHEL 4/5 about 11 years ago but think
CIS now requires membership to get the scoring scripts.

Looking for free tools/scripts, not something subscription-based.

The scripts should not make changes/hardening but just collection
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2018

Commented:
You can use VM solutions to cover you here. Both Rapid7 and Tenable can certainly help in this arena. So while working in finding your vulnerability management solution, you should end up solving this also.
Exec Consultant
Distinguished Expert 2018
Commented:
Openscap is probably another option.
Oracle Solaris 11 also implements SCAP and integrates the OpenSCAP set of tools and libraries. A new command, compliance, has been developed that wraps these tools that allows administrators to assess and report against different benchmarks including PCI-DSS.
Commands: compliance, oscap
https://www.oracle.com/technetwork/server-storage/solaris11/overview/redhat-mapping-guide-1555721.html#9

Can it further to check with your supplier on the tool  
Benchmark configurations for the compliance script are stored in the repository /usr/lib/compliance/benchmarks; rules are stored in the directory /usr/lib/compliance/tests.

The compliance framework and tools are a part of the security/compliance software package, which must be installed prior to use.
https://community.oracle.com/docs/DOC-921632

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial