8.8. NIST SCAP 1.2 Certification

As of Red Hat Enterprise Linux 6.6, OpenSCAP (openscap) is certified by the National Institute of Standards and Technology’s (NIST) Security Content Automation Protocol (SCAP) 1.2. SCAP provides a standardized approach to maintaining the security of enterprise systems, allowing you to automatically verify the presence of patches, check system security configuration settings, and examine systems for signs of compromise.

Red Hat Enterprise Linux 6.6 also includes a new package, scap-security-guide, which provides more information on how to get the best out of OpenSCAP.