Home > Blogs > VMware Security & Compliance Blog > Tag Archives: OVAL

Tag Archives: OVAL

VMware releases OVAL content editor open source project

Hello Everyone,

Today, VMware releases SCAP 1.3 draft spec compliant Open Source project for OVAL content editor. A couple of months back VMware released an SCAP compliance assessment and remediation app for FREE. The security and compliance community loved it and came back to us asking for an easier and simpler way to write OVAL assessment rules and generate XCCDF out of it instead of handcrafting the XMLs. We listened and responded!

Continue reading

VMware releases STIG Compliance App for FREE

Hello Everyone,

I am pleased to announce the availability of VMware STIG Compliance App. Using this app, you can assess, remediate and harden remote *NIX machines in line with STIG (Security Technical Implementation Guide) or any other security configuration benchmark. The app is available as a container image.

The app supports and requires configuration benchmark to be in SCAP 1.2 format and is capable of performing XCCDF or OVAL assessments. The app uses OpenSCAP as the assessment engine and Ansible as the action engine for performing remediation and hardening.

Continue reading