We are trying to create and import custom XCCDF files that include our security requirements. These files we would use to target systems to be scanned for compliancy against these definitions.
The issues is that using SCCM/SCAP export for Microsoft platforms this fails - we tried by the books.
The other issue is, that we are struggling to sort out how we create these definitions for platforms other than Microsoft (Oracle, Red Hat, z/OS, AIX etc.).
We are aware of that McAfee cross-refering templates exists, but these do not match our requirements. Nor do the vendor templates do, so we must change these. Anyone cna propose a solution to go ahead with, or some experience to be shared?