Home Features

Improve security of your infrastructure using open source tools.

Open Source

Free to use on any platform

The OpenSCAP project provides tools that are free to use anywhere you like, for any purpose. Availability of the code results in greater portability – anyone can send patches to add support for their platform of choice.

Public code, no secrets

The source code of all OpenSCAP tools is public. Feel free to learn from it, share it, or review it! You don’t have to trust us, you can verify our claims.

Contributors welcome

If you see something you would like to change, send us a patch! The open source development model lets you influence the project’s direction. We welcome all contributors. Continue

Security compliance

Security compliance is a state where computer systems are in line with a specific security policy.

In the ever-changing world of computer security where new vulnerabilities are being discovered and patched every day, enforcing security compliance must be a continuous process. It also needs to include a way to make adjustments to policies, as well as periodic assessment and risk monitoring. The OpenSCAP ecosystem provides tools and customizable policies for a quick, cost-effective and flexible implementation of such a process.

Vulnerability assessment

Vulnerability assessment is a process that identifies and classifies vulnerabilities on a system.

Leaving your systems with unpatched vulnerabilities can have a number of consequences, ranging from embarrassment to heavy damage when a vulnerability is exploited by an attacker. A timely inspection of software inventory that identifies vulnerabilities is a must for any organization in the 21st century. The OpenSCAP project provides tools for automated vulnerability checking, allowing you to take steps to prevent attacks before they happen.


We are professionals, we follow standards!