Does anybody know if CentOS have official support for OVAL definitions?

Question

I saw it here that CentOS have no official support for OVAL security definitions(patch, vulnerabilities).

Based on what I observe at oval.mitre.org, it looks like they don't even have a vulnerability definition for CentOS 7.x.

Is this true? If so, do we have other options for security management on CentOS systems?

The note at the top of the page at your link says that the site you are using is not current — schroeder, Jul 04 '17 at 14:17

score 1 · Accepted Answer · answered Jul 04 '17 at 14:08

1

OVAL has transitioned to the Center for Internet Security (CIS) https://oval.cisecurity.org/ . The MITRE OVAL website is in "Archive" status.

answered Jul 04 '17 at 14:08

InSEC-T

2

Its an empty "shell" OVAL and has nothing inside it – Noam Rathaus Aug 17 '17 at 09:48

1 Answers1