You can meet your compliance requirements by using a new compliance(1M) tool that manages a variety of compliance benchmarks and assessments. This tool builds on the existing compliance framework introduced in Oracle Solaris 11 based on the Security Content Automation Protocol (SCAP), a line of standards managed by the National Institute of Standards and Technology (NIST). It provides a standardized approach in maintaining the security of enterprise systems, such as:
Automatically verifying the presence of critical updates
Checking system security configuration settings
Examining systems for signs of compromise
Also included in Oracle Solaris 11.2 is a new Oracle Solaris Security Policy benchmark with support for two new profiles, Baseline and Recommended, and an Oracle Solaris Payment Card Industry PCI-DSS benchmark.
For example, to run a PCI-DSS compliance assessment and report the results:
# compliance assess -b pci-dss
# compliance report
See Oracle Solaris 11.2 Security Compliance Guide for more information.