Chapter 7. Industry Standards and Certification

NIST Certification for OpenSCAP

OpenSCAP 1.0.8 has been certified by the National Institute of Standards and Technology’s (NIST) Security Content Automation Protocol (SCAP) 1.2 in the Authenticated Configuration Scanner category with the Common Vulnerabilities and Exposure (CVE) option. OpenSCAP provides a library that can parse and evaluate each component of the SCAP standard in order to make creating new SCAP tools convenient. Also, OpenSCAP offers a multi-purpose tool designed to format content into documents or scan the system based on this content.