Charles N Wyble 0cbd03fa0f test: add comprehensive test suite for compliance verification ...

- Add compliance-test.sh for full security control testing
- Add verify-compliance.sh for automated compliance checks
- Add build-and-test.sh for VM-based testing

Test Suite Features:

1. Compliance Tests (compliance-test.sh):
   - CIS Debian 13 Benchmark verification (180 controls)
   - Network isolation tests (SSH, Telnet, Bluetooth)
   - Security configuration validation
   - Logging and auditing verification
   - File integrity monitoring checks
   - Comprehensive test reporting

2. Automated Verification (verify-compliance.sh):
   - Real-time compliance checking
   - CIS Benchmark implementation verification
   - CMMC Level 3 compliance validation
   - FedRAMP Moderate control verification
   - Kernel parameter validation
   - Service state checking
   - File permission verification
   - Compliance percentage calculation

3. Build and Test (build-and-test.sh):
   - Automated image building
   - KVM/QEMU VM creation
   - VM boot and monitoring
   - Console logging
   - Test script injection
   - Test report generation
   - Cleanup procedures

Testing Capabilities:
- Pre-build prerequisite checks
- Post-build compliance validation
- VM-based integration testing
- Manual testing support
- Automated test execution
- Detailed test reports
- Compliance percentage scoring

Supported Standards:
- CIS Debian 13 Benchmark
- CMMC Level 3
- FedRAMP Moderate
- NIST SP 800-53 Moderate
- NIST SP 800-171

Usage:
  ./tests/compliance-test.sh       - Run full compliance tests
  ./tests/verify-compliance.sh     - Automated compliance verification
  ./tests/build-and-test.sh       - Build and test in VM

Note: Requires Debian 13 (trixie) build system.

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>

2026-01-13 13:20:00 -05:00

16 KiB

Executable File

Raw Blame History

View Raw