Linux Security Hardening with OpenSCAP and Ansible

In some organizations, Linux systems are audited for security compliance by an external auditor. Remediating the findings and making the systems compliant used to be a matter of manually applying changes or running monolithic scripts. Today, remediation can be fully automated with Ansible, and security compliance can be checked before the auditor arrives with OpenSCAP. Below, we’ll see how to do this for Red Hat Enterprise Linux 6. Continue reading