8.13. Related Information

Supported versions of the SCAP Security Guide - The article lists the supported version of the SCAP Security Guide in different versions of RHEL.

The OpenSCAP project page - The home page of the OpenSCAP project provides detailed information about the oscap utility and other components and projects related to SCAP.

The SCAP Workbench project page - The home page of the SCAP Workbench project provides detailed information about the scap-workbench application.

The SCAP Security Guide (SSG) project page - The home page of the SSG project that provides the latest security content for Red Hat Enterprise Linux.

Red Hat Security Demos: Creating Customized Security Policy Content to Automate Security Compliance - A hands-on lab to get initial experience in automating security compliance using the tools that are included in Red Hat Enterprise Linux to comply with both industry standard security policies and custom security policies. If you want training or access to these lab exercises for your team, contact your Red Hat account team for additional details.

Red Hat Security Demos: Defend Yourself with RHEL Security Technologies - A hands-on lab to learn how to implement security at all levels of your RHEL system, using the key security technologies available to you in Red Hat Enterprise Linux, including OpenSCAP. If you want training or access to these lab exercises for your team, contact your Red Hat account team for additional details.

National Institute of Standards and Technology (NIST) SCAP page - This page represents a vast collection of SCAP-related materials, including SCAP publications, specifications, and the SCAP Validation Program.

National Vulnerability Database (NVD) - This page represents the largest repository of SCAP content and other SCAP standards-based vulnerability management data.

Red Hat OVAL content repository - This is a repository containing OVAL definitions for vulnerabilities of Red Hat Enterprise Linux systems. This is the recommended source of vulnerability content.

MITRE CVE - This is a database of publicly known security vulnerabilities provided by the MITRE corporation. For RHEL, using OVAL CVE content provided by Red Hat is recommended.

MITRE OVAL - This page represents an OVAL-related project provided by the MITRE corporation. Among other OVAL-related information, these pages contain the latest version of the OVAL language and a repository of OVAL content with thousands of OVAL definitions. Note that for scanning RHEL, using OVAL CVE content provided by Red Hat is recommended.

Red Hat Satellite documentation - This set of guides describes, among other topics, how to maintain system security on multiple systems by using OpenSCAP.