To date, I've used OpenSCAP to check the configuration of Unix operating systems against government baselines.
But I assume OpenSCAP can consume any SCAP content including daily CVE feeds? I have not tried that yet. And superficial searching did not reveal any obvious documentation. Does anyone know of a good example that would get a person started with using OpenSCAP to consume CVE feeds? Any recommendations of freely available feeds? Thanks! Greg Elin
-- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
