Is it possible to convert .nessus files into a compatible format so they can be imported to stig-manager? #1454
Replies: 4 comments 1 reply
-
|
Hi @Bwall95 STIG Manager is designed to handle STIG data only, not vulnerability scans. I've heard ACAS can run STIG scans, but am not familiar with the output it produces. If it produces valid XCCDF, CKL, or CKLB files, you should be able to import them into STIGMan. |
Beta Was this translation helpful? Give feedback.
-
|
Hello @Bwall95 were you able to find a solution for this? I'm trying to do the same thing. I'm able to get STIG result in nessus, I tried to do the import .nessus file and getting error |
Beta Was this translation helpful? Give feedback.
-
|
No solution yet. I may try to have the scan results export in XCCDF and give that a go. I know the application OpenRMF supports both Nessus and checklists from Evaluate-STIG. So that may be our next focus. An all in one reporting tool. Let me know if you find anything out in the meantime! :) |
Beta Was this translation helpful? Give feedback.
-
|
Our sponsor does not use that file format in their process so the team isn't familiar with it. If you'd like our clients to parse Be sure to include either or both:
|
Beta Was this translation helpful? Give feedback.
-
|
This article reports that users can export Nessus compliance scans as XCCDF, which is a format STIG Manager supports. It may or not apply to an ACAS deployment... |
Beta Was this translation helpful? Give feedback.
-
If not, what's the best workaround to still reflect ACAS results in stig-manager?
Beta Was this translation helpful? Give feedback.
All reactions