OpenSCAP is a set of open source libraries that support the Security Content Automation Protocol (SCAP) standards from the National Institute of Standards and Technology (NIST). OpenSCAP supports the SCAP components:
Common Vulnerabilities and Exposures (CVE)
Common Platform Enumeration (CPE)
Common Configuration Enumeration (CCE)
Common Vulnerability Scoring System (CVSS)
Open Vulnerability and Assessment Language (OVAL)
Extensible Configuration Checklist Description Format (XCCDF)
Additionally, the openSCAP package includes an application to generate SCAP reports about system configuration. This package is considered a Technology Preview in Red Hat Enterprise Linux 6.
