The OVAL Community Version 5.12.2 Documentation
Welcome to the guidelines for OVAL, the Open Vulnerability and Assessment Language. These guidelines are designed to explain everything you need to know to start contributing to OVAL (or link you to places to ask questions, should the explanations not suffice), as well as provide a variety of standards and resources to the community.
OVAL 5.12.2 is designed to align with NIST’s SCAP 1.4 release.
If you are looking for documentation for documentation on previous versions of OVAL
- OVAL version 5.11.2 (SCAP 1.3): https://oval-community-guidelines.readthedocs.io/en/5.11.2_release/
- OVAL version 6.0 (Future SCAP 3.0): https://oval-community-guidelines.readthedocs.io/en/v6.0/
Notice:
# Notice: Posted Sept 19, 2024
The development team of the SCAP Compliance Checker (SCC) at the Naval Information Warfare Center (NWIC) has taken over the role as OVAL Sponsor. If your organization is interested in being part of this development community composed of top security experts, system administrators, and software developers from industry, government, and academia, please reach out to our team at scc.fct@navy.mil
What is OVAL?¶
OVAL is an open language built by security experts, system administrators, and software developers to universalize assessment and reporting on the state of computer systems.
Who is the OVAL Community?¶
The OVAL Community is the group responsible for proposals about anything and everything OVAL related. It comprises Members, Area Supervisors, the Leadership Board, and the Sponsor. The community maintains, fixes, and improves OVAL through an established governance process.
Learn More¶
Get Involved¶
License¶
The Guidelines