InSpec Profiles General Information
This wiki page is used to document InSpec Profile related information as it applies to the development and implementation of InSpec profile controls.
These values are defined in the @mitre/inspec-objects npm package - file src\utilities\xccdf.ts. The following tables depict the returned values based on the inputted severity, category, or impact provided.
| Severity | Impact |
|---|---|
| none, na, not applicable | 0.0 |
| low | 0.3 |
| medium | 0.5 |
| high | 0.7 |
| severe, critical | 1.0 |
| any other value | 0.5 |
| Category | Impact |
|---|---|
| I (1) | 0.7 |
| II (2) | 0.5 |
| III (3) | 0.3 |
| Impact | Severity |
|---|---|
| >= 0.1 <= 0.3 | low |
| >= 0.4 <= 0.6 | medium |
| >= 0.7 <= 0.8 | high |
| >= 0.9 | critical |
| any other value | none |
| Check List | Heimdall |
|---|---|
<STATUS>Open</STATUS> |
Failed |
<STATUS>NotAFinding</STATUS> with FINDING_DETAILS>passed :: |
Passed |
<STATUS>NotAFinding</STATUS> with FINDING_DETAILS>any text |
Passed |
<STATUS>Not_Reviewed</STATUS> with FINDING_DETAILS>skipped :: |
Not Reviewed |
<STATUS>Not_Applicable</STATUS> FINDING_DETAILS>skipped :: |
Not Applicable |
Warning
<STATUS>NotAFinding</STATUS> with FINDING_DETAILS>skipped :: is not a valid status assigned by Heimdall
- Home
- How to create a release
- Splunk Configuration
- Supplement HDF Configuration
- Validation with Thresholds
- SAF CLI Delta Process
- Mapper Creation Guide for HDF Converters
- How to create a SAF CLI
- How to recommend development of a mapper
- Use unreleased version of a package from the Heimdall monorepo in the SAF CLI
- Troubleshooting