
How to generate InSpec Profile Structures

George M. Dias edited this page Nov 25, 2024 · 12 revisions

An InSpec profile is a reusable artifact that organizes controls into a standalone structure for testing and auditing applications and infrastructure. InSpec profiles are used to organize controls, support dependency management, and support code reuse.

MITRE SAF provides an automated capability for generating a new profile structure via the Command Line Application (CLI) command generate:inspec_profile (alias: generate:xccdf_benchmark2inspec_stub).

The process uses Extensible Configuration Checklist Description Format (XCCDF) guidance (sets of security configuration rules for systems or applications), either on its own or in combination with Open Vulnerability and Assessment Language (OVAL) definition files (standardized checks for vulnerabilities).

The process generates the following structure: <profile_name>
