8.8. Additional Resources

For more information about various security compliance fields of interest, see the resources below.

Installed Documentation

  • oscap(8) — The manual page for the oscap command-line utility provides a complete list of available options and their usage explanation.
  • Guide to the Secure Configuration of Red Hat Enterprise Linux 6 — An HTML document located in the /usr/share/doc/scap-security-guide-0.1.18/ directory that provides a detailed guide for security settings of your system in form of an XCCDF checklist.

Online Documentation

  • The OpenSCAP project page — The home page to the OpenSCAP project provides detailed information about the oscap utility and other components and projects related to SCAP.
  • The SCAP Workbench project page — The home page to the SCAP Workbench project provides detailed information about the scap-workbench application.
  • The SCAP Security Guide (SSG) project page — The home page to the SSG project that provides the latest security content for Red Hat Enterprise Linux.
  • National Institute of Standards and Technology (NIST) SCAP page — This page represents a vast collection of SCAP related materials, including SCAP publications, specifications, and the SCAP Validation Program.
  • National Vulnerability Database (NVD) — This page represents the largest repository of SCAP content and other SCAP standards based vulnerability management data.
  • Red Hat OVAL content repository — This is a repository containing OVAL definitions for Red Hat Enterprise Linux systems.
  • MITRE CVE — This is a database of publicly known security vulnerabilities provided by the MITRE corporation.
  • MITRE OVAL — This page represents an OVAL related project provided by the MITRE corporation. Amongst other OVAL related information, these pages contain the latest version of the OVAL language and a huge repository of OVAL content, counting over 22 thousands OVAL definitions.
  • Red Hat Satellite documentation — This set of guides describes, amongst other topics, how to maintain system security on multiple systems by using OpenSCAP.