Projects / openscap


The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Operating Systems

Recent releases

  •  24 Jun 2011 14:36

    Release Notes: This release adds new probes and schemas for OVAL 5.8 support, has RHEL6 SCAP content improvements, creates an "analyse" mode in the oscap tool, supports validation against schematron rules, and has many bugfixes.

    •  20 Apr 2011 16:56

      Release Notes: New support for OVAL 5.7. Content updates. The oscap tool now allows skipping content validation before evaluation. There are many bugfixes.

      •  12 Mar 2011 00:56

        Release Notes: Self tests were improved. All input files are now validated. Substitution support was added to XCCDF. A minor security issue was fixed. There were also bugfixes and cleanups.

        •  12 Feb 2011 13:39

          Release Notes: OVAL 5.6 support was finalized. The ability to terminate plugins if a scan terminates on a signal was improved. Some important bugs were fixed.

          •  02 Feb 2011 13:52

            Release Notes: OVAL 5.6 content is supported. XCCDF reporting was improved. CPE support was added to the oscap-scan utility. Many bugs were fixed.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.