Openscap apache. The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines. OpenSCAP has 19 repositories available. The project is using a BSD license and the policies it provides can be used freely by anyone. OpenSCAP provides various tools for auditing systems and fixing problems in your system, according to the SCAP Security Guide (SSG). This tool allows users to perform configuration and vulnerability scans on a single local or a remote system, perform remediation of the system in accordance with the given XCCDF or SDS file. Another place where these identifiers can be found are machine-readable Result Datastream files. SCAP Workbench is a graphical utility that offers an easy way to perform common oscap tasks. Open Source Security Compliance Solution. OpenSCAP is a comprehensive implementation of the Security Content Automation Protocol (SCAP) standards, including XCCDF, OVAL, CPE, and Data Streams. OpenSCAP mainly processes the XCCDF which is a standard way of expressing a checklist content and OpenSCAP — The oscap command-line utility is designed to perform configuration and vulnerability scans on a local system, to validate security compliance content, and to generate reports and guides based on these scans and evaluations. Jun 3, 2025 · This document provides a high-level overview of the OpenSCAP project, covering its architecture, core components, and key interfaces. Jul 3, 2022 · In this article, I will guide you through the basics of SCAP and the entire steps for performing security compliance management and vulnerability assessment with an open-source tool called OpenSCAP. Security Content Automation Protocol (SCAP) is U. SCAP was created to provide a standardized approach for maintaining system security. This file can be generated during the scan by adding --results-arf option. The OpenSCAP project is a collection of open source tools for implementing and enforcing this standard, and has been awarded the SCAP 1. open-scap. Although you can use any content, this is the content choice we recommend you start with. Contribute to OpenSCAP/openscap development by creating an account on GitHub. NIST Certified SCAP 1. New specifications are governed by NIST’s SCAP Release cycle in order to provide a consistent and repeatable revision workflow. All projects under the OpenSCAP umbrella are open source and can be downloaded and used for free. standard maintained by National Institute of Standards and Technology (NIST). org/ and the repository for their tools and profiles is on GitHub at https://github. Simple graphical tool which brings OpenSCAP to the average user. And above all, SCAP Security guide is available for download free. May 10, 2022 · Related: How to Install Apache on Ubuntu to Manage your Traffic Installing OpenSCAP and SSG Packages OpenSCAP is a free and open-source security automation tool for managing system security and compliance testing. Aug 21, 2015 · SSG Questions/Answers Contributor Workshop March 9, 2016Jan Lieskovsky Install PCI-DSS compliant RHEL-7. S. 2 toolkit. Feb 27, 2026 · Open Source Security Compliance Solution. The OpenSCAP library, with the accompanying oscap command-line utility, is designed to perform configuration and vulnerability scans on a local system, to validate configuration compliance content, and to generate reports and guides based on these scans and evaluations. Oct 9, 2018 · OpenSCAP doesn’t provide metadata for other types of identifiers. We maintain great flexibility and interoperability, reducing the costs of performing security audits. 2 certification by NIST in 2014. You can read more about the project at http://www. Follow their code on GitHub. . SCAP Security guide is a dynamic open source project, which means that many organizations interested in computer security share their efforts and collaborate on security policies contained in SCAP Security guide. OpenSCAP is a project that implements tools for performing SCAP scans and remediating findings. The OpenSCAP library is the core building block used in a content tailoring program called SCAP Workbench, integrated in Red Hat Satellite by SCAPTimony and used for all SCAP evaluation by OpenSCAP Daemon. com/OpenSCAP/openscap/. 2 using oscap Anaconda Add-on October 5, 2015Michal Šrubař Customizing SCAP Security Guide for your use-case September 16, 2015Jan Černý Security compliance of RHEL7 Docker containers September 16, 2015Zbynek Moravec Make a RHEL7 server compliant with PCI-DSS September 2, 2015Michal OpenSCAP uses SCAP which is a line of specifications maintained by the NIST. OpenSCAP is available on various Linux distributions, including Red Hat Enterprise Linux, Fedora and Ubuntu. It has usage in Military and Intelligence communities, healthcare, aviation, telecom and other industries. SCAP Security Guide An open source project creating and providing SCAP security policies for various platforms – namely Red Hat Enterprise Linux 6 and 7, Fedora, Firefox, and others.