I just started working on vROPs compliance feature and wanted to check on few points:
* we have some standard security compliance packs with vROPs7.0, can we customize the standards and define our own standards for defining compliant and non-compliant resources.
*How they calculate if compliant or non compliant, what are the factors or object they consider and what is the formula behind it.
I was looking for any document or reference guide which clarifies the above doubts.
if anyone has worked on these features or have any idea on the same please help.
I looked at this briefly. The PCI pack i looked at was all based on alerts and symptoms. I am guessing modifying or disabling the ones you dont need for your environment is what you are meant to do but again i only look at it for an afternoon.