I have recently gone through a lot of testing under Red Hat, CentOS and Linux platforms for PCI-DSS and STIG compliance, assessment, and remediation using the oscap engine. Do we have anyone that would be interested in seeing this documented with simple custom packages that could kick off the oscap validation and remediation efforts through Heat EMSS? Primarily this would be aimed at finance/retail for PCI-DSS and STIG being Federal Government and any system interacting with DOD. Not only does this replace our recently removed SCM product from EMSS but it is a important security standard for the US to help automate the testing and hardening of machines. This can also potentially be done under Windows although I have not done this testing.