The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
|Tags||Software Development Security Interpreters|
|Implementation||Python C Perl|
Release Notes: This release adds new probes and schemas for OVAL 5.8 support, has RHEL6 SCAP content improvements, creates an "analyse" mode in the oscap tool, supports validation against schematron rules, and has many bugfixes.
Release Notes: New support for OVAL 5.7. Content updates. The oscap tool now allows skipping content validation before evaluation. There are many bugfixes.
Release Notes: Self tests were improved. All input files are now validated. Substitution support was added to XCCDF. A minor security issue was fixed. There were also bugfixes and cleanups.
Release Notes: OVAL 5.6 support was finalized. The ability to terminate plugins if a scan terminates on a signal was improved. Some important bugs were fixed.
Release Notes: OVAL 5.6 content is supported. XCCDF reporting was improved. CPE support was added to the oscap-scan utility. Many bugs were fixed.