OpenSCAP

来自开放百科 - 灰狐
(版本间的差异)
跳转到: 导航, 搜索
(图集)
第1行: 第1行:
 +
{{SeeWikipedia|Security Content Automation Protocol}}
 +
 
OpenSCAP
 
OpenSCAP
 +
 +
[[文件:OpenSCAP-logo.png|right|OpenSCAP]]
  
 
==简介==
 
==简介==
 
OpenSCAP: Open Source Security Compliance(合规)Solution
 
OpenSCAP: Open Source Security Compliance(合规)Solution
 +
 +
OpenSCAP 开源安全合规解决方案,NIST认证的SCAP 1.2工具箱。
 +
 +
[https://csrc.nist.gov/projects/Security-Content-Automation-Protocol Security Content Automation Protocol (SCAP)] 安全内容自动化协议
  
 
==标准==
 
==标准==
第28行: 第36行:
  
 
==项目==
 
==项目==
 +
*[https://github.com/OpenSCAP OpenSCAP @ GitHub]
  
 
==缩略语==
 
==缩略语==
第62行: 第71行:
 
==链接==
 
==链接==
 
*[https://www.open-scap.org/ OpenSCAP官网]
 
*[https://www.open-scap.org/ OpenSCAP官网]
*[https://github.com/OpenSCAP OpenSCAP @ GitHub]
 
  
 
[[category:security]]
 
[[category:security]]
 
[[category:Red Hat]]
 
[[category:Red Hat]]

2022年5月11日 (三) 01:50的版本

Wikipedia-35x35.png 您可以在Wikipedia上了解到此条目的英文信息 OpenSCAP Thanks, Wikipedia.

OpenSCAP

OpenSCAP

目录

简介

OpenSCAP: Open Source Security Compliance(合规)Solution

OpenSCAP 开源安全合规解决方案,NIST认证的SCAP 1.2工具箱。

Security Content Automation Protocol (SCAP) 安全内容自动化协议

标准

功能

工具

  • OpenSCAP Base
  • OpenSCAP Daemon
  • SCAP Workbench
  • SCAPTimony
  • OSCAP Anaconda Add-on
  • Systems Management
  • Atomic Scan

指南

# yum install openscap-scanner
$ oscap -V
# yum install scap-security-guide
# yum install scap-workbench
$ scap-workbench

项目

缩略语

  • AI(Asset Identification)
  • ARF(Asset Reporting Format)
  • CCE(Common Configuration Enumeration)
  • CCSS(Common Configuration Scoring System)
  • CIS(Center for Internet Security)
  • CPE(Common Platform Enumeration)
  • CVE(Common Vulnerabilities and Exposures)
  • CVSS(Common Vulnerability Scoring System)
  • CWE(Common Weakness Enumeration)
  • FIPS(Federal Information Processing Standards)
  • MITRE
  • NIST(National Institute of Standards and Technology)
  • NVD(National Vulnerability Database)
  • OCIL(Open Checklist Interactive Language)
  • OVAL(Open Vulnerability and Assessment Language)
  • PCI DSS(Payment Card Industry Data Security Standard)
  • SCE(Script Check Engine)
  • SDS(SCAP source data stream)
  • SACM(Security Automation and Continuous Monitorin)
  • SCAP(Security Content Automation Protocol)
  • SWID(Software identification)
  • USGCB(United States Government Configuration Baseline)
  • XCCDF(eXtensible Configuration Checklist Description Format)

图集

链接

分享您的观点
个人工具
名字空间

变换
操作
导航
工具箱