Skip to main content

DevSec Baselines

DevSec offers a range of baseline tests for configuring basic security across various applications. These can be ran via commandline or manually reviewed at dev-sec.io

These baseline tests requires Inspec to be installed. If you don't have it installed, it can be grabbed for RHEL, Ubuntu, and Mac using the following command.
curl https://omnitruck.chef.io/install.sh | sudo bash -s -- -P inspec

To run a baseline test, grab the required repository from the DevSec GitHub and run the following command
inspec exec BASELINETEST

For example, to run SSH-Baseline, just run the following

# Don't forget to install Inspec 
# curl https://omnitruck.chef.io/install.sh | sudo bash -s -- -P inspec
git clone https://github.com/dev-sec/ssh-baseline
inspec exec ssh-baseline
SSH-Baseline

 

Back to top