Show Table of Contents
7.12. Related Information
- The OpenSCAP project page - The home page of the OpenSCAP project provides detailed information about the
oscaputility and other components and projects related to SCAP.
- The SCAP Workbench project page - The home page of the SCAP Workbench project provides detailed information about the
- The SCAP Security Guide (SSG) project page - The home page of the SSG project that provides the latest security content for Red Hat Enterprise Linux.
- Red Hat Security Demos - A hands-on lab to get initial experience with the SCAP ecosystem in Red Hat Enterprise Linux (Lab2), and the understanding of the upstream project where RHEL configuration compliance content is developed.
- National Institute of Standards and Technology (NIST) SCAP page - This page represents a vast collection of SCAP-related materials, including SCAP publications, specifications, and the SCAP Validation Program.
- National Vulnerability Database (NVD) - This page represents the largest repository of SCAP content and other SCAP standards-based vulnerability management data.
- Red Hat OVAL content repository - This is a repository containing OVAL definitions for vulnerabilities of Red Hat Enterprise Linux systems. This is the recommended source of vulnerability content.
- MITRE CVE - This is a database of publicly known security vulnerabilities provided by the MITRE corporation. For RHEL, using OVAL CVE content provided by Red Hat is recommended.
- MITRE OVAL - This page represents an OVAL-related project provided by the MITRE corporation. Among other OVAL-related information, these pages contain the latest version of the OVAL language and a repository of OVAL content with thousands of OVAL definitions. Note that for scanning RHEL, using OVAL CVE content provided by Red Hat is recommended.
- Red Hat Satellite documentation - This set of guides describes, among other topics, how to maintain system security on multiple systems by using OpenSCAP.