Tenable Network Security, the makers of Nessus, announced today that they have added audit files for AIX. You can read more about it on the Tenable blog. It’s good to see more and more operating systems added to the list. We don’t have any AIX systems slated for Bandolier but I know that it’s out there in a variety of control system applications.

Our plan for Bandolier is to separate application-specific checks into different audit files from the baseline operating system checks. Doing this should provide the maximum flexibility in terms of how and where it can be used. For example, let’s say you have the Siemens Spectrum application running on AIX. You could potentially use the AIX audit file from Tenable coupled with the Bandolier Siemens Spectrum application-level audit file (Nessus allows you to run up to four audit files simultaneously). The files from Tenable would obviously not have been tested with the control system vendors and asset owners like those from the Bandolier project, but can still provide valuable security best practice information.