Open SCAP Library

Overview

OpenSCAP is a set of open source libraries providing an easier path for integration of the SCAP line of standards.

SCAP is a line of standards managed by NIST with the goal of providing a standard language for the expression of Computer Network Defense related information.

Libraries

• Common - Objects and mechanisms used across all parts of library.
• CPE - Common Platform Enumeration
• CVE - Common Vulnerabilities and Exposures
• CVSS - Common Vulnerability Scoring System
• OVAL - Open Vulnerability and Assessment Language
• XCCDF - Extensible Configuration Checklist Description Format
• XCCDF_POLICY - Policy interface to XCCDF benchmark

Links

• OpenSCAP homepage: http://www.open-scap.org/
• Information on SCAP at NIST: http://nvd.nist.gov/scap.cfm