OVAL® International in scope and free for public use, OVAL is an information security community effort to standardize how to assess and report upon the machine state of computer systems. OVAL includes a language to encode system details, and an assortment of content repositories held throughout the community.
Tools and services that use OVAL for the three steps of system assessment — representing system information, expressing specific machine states, and reporting the results of an assessment — provide enterprises with accurate, consistent, and actionable information so they may improve their security. Use of OVAL also provides for reliable and reproducible information assurance metrics and enables interoperability and automation among security tools and services.
| OVAL in the Enterprise | |
|---|---|
|
||||||
Focus On
How to Participate in the OVAL Adoption Program
An organization can participate in the OVAL Adoption Program if its security products/services use OVAL in one or more of the following ways:
- Produce an OVAL System Characteristics file based on the details of a system
- Host OVAL content in a repository
- Author OVAL content
- Evaluate OVAL content and present the results in the OVAL results format
- Consume OVAL results and display them or use them to perform an action
If your organization uses or is planning to use OVAL, review the OVAL Adoption Program Process for instructions on how to participate and/or contact oval@mitre.org to learn more.
MITRE Hosts Community Call about "OVAL for Android"
OVAL Board Meeting Minutes Now Available
OVAL a Main Topic of Cisco Webinar about Security Automation
OVAL Interpreter Updated to Version 5.10.1.5
New OVAL Board Member for Microsoft
OVAL booth at InfoSec World 2013
OVAL Repository Announces Top Contributors Awards for Q1-2013
Draft of OVAL Version 5.11 Now Available
OVAL Board Teleconference Meeting, July 8
