The software described in this documentation is either in Extended Support or Sustaining Support. See https://www.oracle.com/us/support/library/enterprise-linux-support-policies-069172.pdf for more information.
Oracle recommends that you upgrade the software described by this documentation as soon as possible.
The Security Content Automation Protocol (SCAP) provides an automated, standardized methodology for managing system security, including measuring and managing system vulnerability, and evaluating policy compliance against security standards such as the Federal Information Security Management Act (FISMA). The U.S. government content repository for SCAP standards is the National Vulnerability Database (NVD), which is managed by the National Institute of Standards and Technology (NIST).
Oracle Linux provides the following SCAP packages for Oracle Linux 6:
-
openscap-utils
The
openscap-utils
package contains command-line tools that use the OpenSCAP library. This package previously included the oscap command-line configuration and vulnerability scanner, but this is now made available separately in theopenscap-scanner
package. Theopenscap-scanner
package is installed as a dependency when you install theopenscap-utils
package.-
openscap-scanner
Provides the oscap command-line configuration and vulnerability scanner, which can perform compliance checking against SCAP content including the SCAP Security Guide. This is a dependency of the
openscap-utils
package.-
openscap
Provides the OpenSCAP open-source libraries for generating SCAP-compliance documentation. OpenSCAP received SCAP 1.2 certification from NIST in April 2014.
-
scap-security-guide
Provides system-hardening guidance in SCAP format, including links to government requirements. The guide provides security profiles that you can modify to comply with the security policies that you have established for your site.