With the recent DISA publication of the draft STIG, the timing seems right to host a STIG workshop. NSA IAD and Red Hat will be hosting a public STIG and SCAP workshop on _Tuesday 26-MAR-2013_. Additionally, DISA FSO will be in attendance to hear feedback from the community. You can register here:

https://engage.redhat.com/forms/stig-workshop

In the March 26th workshop we will:

* Share knowledge on the installation of SCAP Security Guide (SSG). How to run a scan, how to customize settings, how to get a report that you can show your ISSE/ISSM, and hw to generate a certification test plan based on your customized rules.

* Go a bit deeper, and understand how the code works. Answering questions like: "What is XCCDF, OVAL, and OCIL?" "How can you add your own custome rules?"

* Prep your environment to submit patches back to SSG, including learning how to setup git and how to create a Fedora Hosted account.

* Chat about what additional profiles are needed. How should we handle CNSSI 12-53? What about PCI compliance?

We'll go through Red Hat Enterprise Linux 6 SCAP content, including the STIG, performing scans, and generating C&A artifacts. Attendees can take this setup home and use it to start providing feedback against the RHEL6 STIG.

Sign up for the workshop! Date: Tuesday March 26, 2013, with three 2-hour workshop intervals to choose from. Limited availability per session!

MORNING SESSION: Red Hat Office, 8260 Greensboro Drive, Suite 300, McLean, VA Morning 0800-1000

AFTERNOON SESSIONS: NSA unclassified facility in the BWI area. Address will be sent to registered attendees. Afternoon: 1200 - 1400 Afternoon: 1430 - 1630

Registration at: https://engage.redhat.com/forms/stig-workshop