Chapter 2. Security content automation protocol
Satellite uses the Security Content Automation Protocol (SCAP) standard to define security policies.
SCAP is a framework of several specifications based on XML, such as checklists described in the Extensible Checklist Configuration Description Format (XCCDF) and vulnerabilities described in the Open Vulnerability and Assessment Language (OVAL). These specifications are encapsulated as data stream files.
Checklist items in XCCDF, also known as rules, express the desired configuration of a system item. For example, a rule may specify that no one can log in to a host over SSH using the root user account. Rules can be grouped into one or more XCCDF profiles, which allows multiple profiles to share a rule.
The OpenSCAP scanner tool evaluates system items on a host against the rules and generates a report in the Asset Reporting Format (ARF), which is then returned to Satellite for monitoring and analysis.
| Title | Description | Version |
| SCAP | Security Content Automation Protocol | 1.3 |
| XCCDF | Extensible Configuration Checklist Description Format | 1.2 |
| OVAL | Open Vulnerability and Assessment Language | 5.11 |
| - | Asset Identification | 1.1 |
| ARF | Asset Reporting Format | 1.1 |
| CCE | Common Configuration Enumeration | 5.0 |
| CPE | Common Platform Enumeration | 2.3 |
| CVE | Common Vulnerabilities and Exposures | 2.0 |
| CVSS | Common Vulnerability Scoring System | 2.0 |
Additional resources
- For more information about SCAP, see the OpenSCAP project.
