欢迎大家赞助一杯啤酒🍺 我们准备了下酒菜:Formal mathematics/Isabelle/ML, Formal verification/Coq/ACL2/Agda, C++/Lisp/Haskell
OpenSCAP
来自开放百科 - 灰狐
(版本间的差异)
小 (→指南) |
小 (→图集) |
||
第57行: | 第57行: | ||
<gallery> | <gallery> | ||
image:SCAP-Security-Guide.png|SCAP Security Guide | image:SCAP-Security-Guide.png|SCAP Security Guide | ||
+ | image:SCAP-Workbench.png|SCAP Workbench | ||
</gallery> | </gallery> | ||
2020年11月12日 (四) 15:35的版本
OpenSCAP
目录 |
简介
OpenSCAP: Open Source Security Compliance(合规)Solution
标准
- Security Content Automation Protocol (SCAP)
- SCAP Components XCCDF, OVAL, DataStream, ARF, CPE, CVE, CWE, SCE.
- Other Standards SACM, SWID, CC, FIPS.
功能
工具
- OpenSCAP Base
- OpenSCAP Daemon
- SCAP Workbench
- SCAPTimony
- OSCAP Anaconda Add-on
- Systems Management
- Atomic Scan
指南
# yum install openscap-scanner $ oscap -V # yum install scap-security-guide # yum install scap-workbench $ scap-workbench
项目
缩略语
- AI(Asset Identification)
- ARF(Asset Reporting Format)
- CCE(Common Configuration Enumeration)
- CCSS(Common Configuration Scoring System)
- CIS(Center for Internet Security)
- CPE(Common Platform Enumeration)
- CVE(Common Vulnerabilities and Exposures)
- CVSS(Common Vulnerability Scoring System)
- CWE(Common Weakness Enumeration)
- FIPS(Federal Information Processing Standards)
- MITRE
- NIST(National Institute of Standards and Technology)
- NVD(National Vulnerability Database)
- OCIL(Open Checklist Interactive Language)
- OVAL(Open Vulnerability and Assessment Language)
- PCI DSS(Payment Card Industry Data Security Standard)
- SCE(Script Check Engine)
- SDS(SCAP source data stream)
- SACM(Security Automation and Continuous Monitorin)
- SCAP(Security Content Automation Protocol)
- SWID(Software identification)
- USGCB(United States Government Configuration Baseline)
- XCCDF(eXtensible Configuration Checklist Description Format)
图集
链接
分享您的观点