System Compliance involves auditing a computer Operating System (whether several servers, a single virtual machine, or a fleet of nodes) and comparing that systems existing Digital Security Signatures (DSS) with that of a framework defined by an International Industry Standard. After evaluating the resultset, a benchmarked report is compiled indicating what (if any) measures or system changes are required to achieve and maintain System Compliance with that chosen policy or Security Framework.

Cybervine have been exploring methods to proactively assist with Information Security, Data Protection, and System Integrity using International Industry Standards (such as those governed by NIST) to adopt best practices and protection standards for System Compliance & Remediation.

Although in early Beta, our System Compliance & Remediation reports cater for the adapating rules and regulations of these standards, policies, and best practices. This includes nodes provisioned for transactional purposes (Eg. PCI DSS), client data storage clusters (Eg. POPIA Compliance), hosted email services, as well as private/public systems requiring a security baseline with reporting and/or security audits with remediation/mitigation advisory.

To perform this service, Cybervine utilizes the results from an agentless scan (OpenSCAP) and evaluates the Digital Signature Standards (DSS) to provide a detailed report of system requirements not yet met (including remediation/mitigation advice where applicable) – whether matching criteria with an International Industry Standard Framework, or a custom defined framework to meet a level of system hardening.

In addition, Cybervine can assist by providing regular system-wide Compliance & Remediation Reporting for your system(s) and IT environment. To get started, request a once-off free trial (limited storage capacity available).

Alternatively, kindly contact us if you have any questions or require assistance!

Please note: Cybervine IT Solutions are unable to certify System Compliance and thus this service can only assist in System Compliance (Risk Managment).

Email a Consultant
Call a Consultant



  • Overall IT System or Environmental Audit & Assessment

  • Remediation Advice & Mitigation Techniques with Code Snippets

  • Custom/tailor-made Frameworks to suit your requirements

  • Persistent System Hardening

  • Prevention & Protection against known attack vectors


  • Weekly, Monthly, and Quarterly Automated Compliance Reports

  • Custom Remediation Playbooks for Automation

  • International Industry Standard Framework (Eg. Payment Card Industry)

  • Custom rule selection/removal for specific edge cases

  • Access to Scan Results in a web portal


Kindly fill in the form below to get started! Once submitted, instructions on how and where to upload your OpenSCAP results, as well as download your System Compliance & Remediation report, will be privately sent to you.

Kindly select the appropriate Security Framework required for System Compliance
Thank you for your enquiry. A consultant will respond shortly with information on how to perform an OpenSCAP scan and where to upload the results.
There was an error trying to send your message. Please try again later or alternatively, please send an email to info @ with your System Compliance requirements.

Please note: Cybervine IT Solutions do not certify Compliance. This is an evaluation of one or more OpenSCAP results from your system(s)  to provide an overall System Compliance & Remediation report.


OpenSCAP is a project consisting of open source tools for using the Security Content Automation Protocol (SCAP) to extract the data driven measurements required to facilitate System Compliance. OpenSCAP performs this measurement by evaluating a baseline scan of a systems’ digial signatures with that of a selected framework (such as one governed by NIST).

The National Institute of Standards and Technology (NIST) is the organization providing the cybersecurity framework and guidelines required for compliance measurements, best practices, and IT security standards.

The Digital Signature Standard (DSS) is a suite of code signing algorithms for NIST to verify the authenticity and integrity of data at rest or in transit.

The Payment Card Industry Data Security Standard (PCI-DSS) is an information security standard to safeguard the processing of card transactions. The standard is enforced internationally to protect cardholders and assist with preventing unauthorised online and fraudulent use.

Have a specific query?