The OpenSCAP project is a collection of open source tools for implementing and enforcing this standard, and has been awarded the SCAP 1.2 certification by NIST in 2014. The project provides tools that are free to use anywhere you like, for any purpose.
The OpenSCAP basic tools are:
- OpenSCAP Base
- Provides a command line tool which enables various SCAP capabilities such as displaying the information about specific security content, vulnerability and configuration scanning, or converting between different SCAP formats.
- SCAP Workbench
- User friendly graphical utility offering an easy way to tailor SCAP content to your needs, perform local or remote scans, and export results.