欢迎大家赞助一杯啤酒🍺 我们准备了下酒菜:Formal mathematics/Isabelle/ML, Formal verification/Coq/ACL2/Agda, C++/Lisp/Haskell
OpenSCAP
来自开放百科 - 灰狐
(版本间的差异)
小 (→链接) |
小 (→指南) |
||
| 第29行: | 第29行: | ||
==指南== | ==指南== | ||
| + | Red Hat & CentOS | ||
# yum install openscap-scanner | # yum install openscap-scanner | ||
$ oscap -V | $ oscap -V | ||
| 第34行: | 第35行: | ||
# yum install scap-workbench | # yum install scap-workbench | ||
$ scap-workbench | $ scap-workbench | ||
| + | |||
| + | Debian & Ubuntu | ||
| + | $ sudo apt install openscap-daemon | ||
| + | $ oscap -V | ||
==项目== | ==项目== | ||
2022年5月11日 (三) 02:24的版本
|
您可以在Wikipedia上了解到此条目的英文信息 OpenSCAP Thanks, Wikipedia. |
OpenSCAP
目录 |
简介
OpenSCAP: Open Source Security Compliance(合规)Solution
OpenSCAP 开源安全合规解决方案,NIST认证的SCAP 1.2工具箱。
Security Content Automation Protocol (SCAP) 安全内容自动化协议
标准
- Security Content Automation Protocol (SCAP)
- SCAP Components XCCDF, OVAL, DataStream, ARF, CPE, CVE, CWE, SCE.
- Other Standards SACM, SWID, CC, FIPS.
功能
工具
- OpenSCAP Base
- OpenSCAP Daemon
- SCAP Workbench
- SCAPTimony
- OSCAP Anaconda Add-on
- Systems Management
- Atomic Scan
指南
Red Hat & CentOS
# yum install openscap-scanner $ oscap -V # yum install scap-security-guide # yum install scap-workbench $ scap-workbench
Debian & Ubuntu
$ sudo apt install openscap-daemon $ oscap -V
项目
缩略语
- AI(Asset Identification)
- ARF(Asset Reporting Format)
- CCE(Common Configuration Enumeration)
- CCSS(Common Configuration Scoring System)
- CIS(Center for Internet Security)
- CPE(Common Platform Enumeration)
- CVE(Common Vulnerabilities and Exposures)
- CVSS(Common Vulnerability Scoring System)
- CWE(Common Weakness Enumeration)
- FIPS(Federal Information Processing Standards)
- MITRE
- NIST(National Institute of Standards and Technology)
- NVD(National Vulnerability Database)
- OCIL(Open Checklist Interactive Language)
- OVAL(Open Vulnerability and Assessment Language)
- PCI DSS(Payment Card Industry Data Security Standard)
- SCE(Script Check Engine)
- SDS(SCAP source data stream)
- SACM(Security Automation and Continuous Monitorin)
- SCAP(Security Content Automation Protocol)
- SWID(Software identification)
- USGCB(United States Government Configuration Baseline)
- XCCDF(eXtensible Configuration Checklist Description Format)
图集
SCAP Security Guide
SCAP Workbench
链接
分享您的观点
