The reason I ask is because I will be starting a Senior capstone class for college soon and was wondering how useful would a tool like TARA/Tiger be to the Open Source community. I invision it as a client-server application where either the client or server can initiate a scan and the results would go into a database (MySQL or PostgreSQL). From the DB risk acceptance filters could be applied and reports (Web & email) could be generated. A web interface could generate reports for each site or support region. This could be used by managment to see how security compliant a given region is.
The DB could also have tables in it to support determining how patch compliant systems are. I would like the DB flexable enough to support other security concerns in the furture.
I would like to hear your thoughts on how useful this would be before I spend a lot of time working on it. Of cource it also comes down to if the professor will accept it as a project.
--
Jamie Bohr
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
