Our Ansible content can be used by entire teams to ensure deployed systems and applications are compliant.
Automatically take a pre and post-run remediation score using OpenSCAP. Use this NIST-approved reporting to demonstrate compliance or add your own code to manipulate the output into whatever format you need.
We built our content to be repeatedly run on systems, so the same content works with new deployments and existing infrastructure.
Turn individual rules on or off or disable entire classes or categories. Configuration options are just Ansible variables, so changing what controls are applied per host, or per best practices, is as simple as changing a variable at execution time.
Apply Lockdown content to systems at deployment time to ensure your newly deployed applications are compliant from day zero.
Automatically copy scoring runs to a SIEM or central logging location of your choice.
Lockdown Enterprise Roles can be run in a validation (think check mode) or remediation mode. Safely see what controls will be applied before making the decision to remediate them.
From the command line, from a Red Hat Ansible Tower Job or Workflow, your CI/CD tool like Jenkins, or via any other management tool that understands Ansible. The same content can be used from as many different tools needed to ensure full lifecycle coverage.