Skip to content

Writing OVAL Content

Jump to bottom Edit New page
Greg Elin edited this page Jul 20, 2015 · 20 revisions

SCAP-Security-Guide Authoring Conventions

Understanding the following conventions will make it easier for you to navigate the SCAP-Security-Guide repository and author SCAP content.

  • All OVAL definitions are written as "SSG source OVAL XML files" using in a shorthand syntax. This shorthand syntax is unique to SSG.
  • Each SSG source OVAL XML file defines exactly one vulnerability assessment definition.
  • Each source OVAL XML files is named for the vulnerability assessed, separating words with underscores (example: accounts_password_pam_decredit.xml)
  • SSG source OVAL XML files are transformed into the official OVAL language format during the SSG build process.
Add a custom footer
Add a custom sidebar
Clone this wiki locally