This page is fully or partially automatically translated.

Send message to

Do you want to send the message without a subject?
Please note that your message can be maximum 1000 characters long
Special characters '<', '>' are not allowed in subject and message
reCaptcha is invalid.
reCaptcha failed because of a problem with the server.

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

Header of SUSE Software Solutions Germany GmbH
Forums it-sa Expo 2023 Knowledge Forum E

SUSE: How to ensure your Linux infrastructure is compliant and secure.

With SUSE Manager and OpenSCAP, the security and compliance status of heterogeneous Linux environments can be checked very efficiently.

calendar_today Thu, 12.10.2023, 12:30 - 12:45

event_available On site

place Hall 7A, Booth 7A-102

Action Video


Action description





Cloud Security Governance, Riskmanagement and Compliance

Key Facts

  • Automated security and compliance checks
  • Hardening of systems through elimination of vulnerabilities
  • Comprehensive protection - also for heterogeneous Linux environments


This action is part of the event Forums it-sa Expo 2023

Action Video

grafischer Background

This video is available to the it-sa 365 community. 
Please register or log in with your login data.

Action description

In view of increasing cyber risks, Linux infrastructure operators are thinking a lot about how they can protect their infrastructure even better against threats such as ransomware. At the same time, those responsible must increasingly prove that they have their risk management under control and adhere to all prescribed security and compliance requirements. In this presentation, Gabriel Ferraz Stein will show you how SUSE can help you with both challenges.

SUSE has always placed great emphasis on security in the development of its products. For example, Linux Enterprise Server (SLES) is the only general purpose operating system today to be certified according to Common Criteria EAL 4+. This certification confirms that not only the product but also the entire supply chain meets the highest security requirements for mission-critical infrastructures. Furthermore, customers can also rely on the independently evaluated security when using SLE Micro and SLE BCI. Since all SUSE operating system products are built on a common code base, they are also protected by the same standards and certifications ("Certify once, use many").

But how can IT departments assess the security and compliance status of their Linux infrastructure themselves-even if they use Linux distributions from different vendors? With SUSE Manager and OpenSCAP, they have the ability to check the security of any Linux system and perform regular audit scans in their environment.

SCAP stands for Security Content Automation Protocol. It is a framework of specifications that support automated configuration, vulnerability analysis and compliance assessment of enterprise IT systems. OpenSCAP is a collection of open source tools that implement the SCAP framework for Linux. It converts the SCAP Security Guide security policies into a machine-readable format that can then be used by OpenSCAP and other tools. 

SUSE Manager uses the capabilities of OpenSCAP, for example, to determine the patch status of Linux systems and to check the correct configuration of security settings. Potential threats and compliance violations can also be detected during the regular audit scans.

In this presentation, Gabriel Ferraz Stein will give you an overview of how to automate the monitoring of the security and compliance of your Linux environment with SUSE Manager and OpenSCAP-and thus create the conditions for a reliable and legally compliant deployment of your sensitive workloads.

Learn, among other things: 
- how to prepare your Linux systems for a SCAP scan,
- how to define the rules for your tests in SCAP content files,
- how to distribute the content files to the different Linux systems in your environment,
- how to schedule and start audit scans with SUSE Manager,
- how to view and evaluate the results of the scans with SUSE Manager,
- how to use Bash scripts and Ansible playbooks to fix found vulnerabilities and harden your systems.

... read more

Language: German

Questions and Answers: No


This content or feature is available to the it-sa 365 community. 
Please register or log in with your login data.