Home Tools
quotes

No single tool fits all use cases. Whether you want to scan just a single system or manage compliance of an entire cluster, we have the right tool for you!

Tools

Systems management

Systems Management

Use OpenSCAP with your systems management solution of choice as Red Hat Satellite 6 (Foreman), Red Hat Satellite 5 (Spacewalk), RH Access Insights, and Preupgrade Assistant.

Project Atomic

Atomic Scan

Use the Atomic Scan feature to scan containers for both security vulnerabilities and compliance issues. The functionality is delivered via the “openscap” docker image in the official Red Hat registry.

About the OpenSCAP Family

We like to think about the OpenSCAP ecosystem in terms of layers. Generally speaking, the higher level projects depend on the lower level ones.

At the bottom, low-level layer, stands OpenSCAP Base. It provides the raw functionality of reading SCAP content and allows you to perform compliance scanning on a single system. It features the NIST-certified command line scanner tool called oscap.

One layer above stands the SCAP Workbench, a graphical user interface that uses the functionality provided by OpenSCAP Base. It aims to be intuitive and lower the initial learning curve of SCAP scanning.

The tools described above are useful for scanning and possibly remediating already installed and running systems. But what if you need to install a new one, and you want to ensure its compliance from the get go? This is where the OpenSCAP Anaconda Add-on comes in. It integrates into the Anaconda installer and allows you to install a new system that will be compliant with your policy right from the first boot.

Even higher in the hierarchy stands the OpenSCAP Daemon. It enables you to continuously scan multiple systems, whether they run on bare metal or as virtual machines, and it can even perform compliance scans of containers.

At the highest level of the ecosystem are several tools which enable you to maintain multiple systems in a state of security compliance: Spacewalk, Foreman, or Cockpit. The lower level tools provided by the OpenSCAP project can work reliably with any of these system management frameworks.

ecosystem1
sitemap