-
Notifications
You must be signed in to change notification settings - Fork 670
Writing OVAL Content
Greg Elin edited this page Jul 20, 2015
·
20 revisions
Understanding the following conventions will make it easier for you to navigate the SCAP-Security-Guide repository and author SCAP content.
- All OVAL definitions are written as "SSG source OVAL XML files" using in a shorthand syntax. This shorthand syntax is unique to SSG.
- Each SSG source OVAL XML file defines exactly one vulnerability assessment definition.
- Each source OVAL XML files is named for the vulnerability assessed, separating words with underscores (example:
accounts_password_pam_decredit.xml
) - SSG source OVAL XML files are transformed into the official OVAL language format during the SSG build process.